Global Privacy Policy
Global Securitech Company Limited
Last Updated : May 2020
Introduction
This Privacy Policy (“Policy”) applies to all visitors to our Customer’s premises, all other individuals whom the Customer collects or holds personal data as a result of the operation of our security products namely; Just-ID Visitor™, Just-ID Card Process™, Just-ID Member Process™, Just-ID Face Process™ , Just ID Check™, Just ID Database™
References in this Policy to “you” or “your” are references to individuals whose personal data we processed. “We”, “us” or “our” are references to Global Securitech Co., Ltd. “Customer” is references to our customer either state body or private sector who purchased our products and subscribed for our service.
Importance of Personal data protection
Please read this Policy carefully together with any other notices we may provide on specific occasions when we are collecting or processing your personal data, so that you are fully aware of how and why we are using your personal data. . This Policy is therefore designed to comply with Thailand Personal Data Protection Act (PDPA), General Data Protection Regulation (GDPR) and all relevant legislations.
This Policy is not our cookie policy. As of the date written above, we do not collect any personal data of website visitor via cookie.
If you have any question about this Policy, including any request to exercise your right, please email [email protected] or
call 02-040-1018
How we obtain your personal data
- Directly from you.
- Via our Just ID Visitor™, our card-reader records data of individuals entering and departing the premises of the Customers
- Via Just-ID Member™ when the Customer collect information of its employees so as to allow only authorized person in and out of its premises
- Via Just-ID Card™ when you sign up your information on our website for use of checking point requested by the state body/Customer; when you log in your signed up account for the use at Customer’s store
- Via Just id Check™
Our device for a security guard to do security patrol, your personal data such as face picture, vehicle etc. may be captured if the guard found suspicious acts or circumstance where the security may be compromised.
- Via Just ID Face™
A CCTV-like device monitors the specific areas of the Customer’s premises record faces of visitors or individuals in such areas and use face recognition technology but not the sound to protect health and safety.
The cameras are not located to focus on private area.
Signs are placed in the area in order to inform occupants, visitors and members of the public that CCTV-like device is in operation.
- From third parties
Through our Just ID Database™, our Customers may report or inform us your personal data. In such case, we shall email you our privacy notice within 30 days (i) informing the collection of such data and (ii) requesting to obtain your consent in processing such data. In certain circumstance, we may not request for your consent if the legitimate interests weigh more than your interest.
The types of personal data we collect
Personal data includes any information about an individual from which that person can be identified. It does not include personal data where the identity has been removed (anonymous data).
We collect, use, store different kinds of personal data about you. We have grouped together the following categories of personal data to explain how this type of information is used by us. These terms are used throughout this notice:
Identity Data
including your name, title, date of birth, passport number, identification number, photographic identification, face image and gender;
Time log
including date and time of entering and departing from the premises
Contact Data
including your address, email address and telephone number
Body Temperature Data
including contraction symptoms.
Vehicle Data
including license plate number, type of vehicle, picture of vehicle
Performance Data
including proficiency, performance record and workplace.
CCTV Data
including CCTV footage and other information obtained through electronic means such as Just ID face records.
Face Recognition data
face recognition data obtained through CCTV-like footage electronic means such as Just ID face records.
Our services are neither aimed at nor intended for children under 20 years old.
Purposes and legal basis for which we will use your personal data
We set out below the types of personal data we collect and use , the purposes for which we use your personal data, and the lawful bases we rely on to do so.
We may process your personal data for more than one legal basis depending on purposes for which we are using your personal data.
Purposes |
Type of Data |
Lawful basis for processing |
To prevent, reduce, detect crime and other incident ; and protect premises and assets of Customers, other occupants of the premises and of their respective staff and visitors) |
– Identity data – Contact data – Vehicles data – Time log |
Legitimate Interests: ensuring the occupants of the premises, visitors, staff and of Customers in protecting their assets and their own safety. |
For the personal safety of Customers, occupants and visitors of Customer’s premises and to act as a deterrent against crime |
– Identity data – Contact data – Vehicles data – Time log
|
Legitimate Interests of the Customers and other occupants of the Customer’s premises in keeping them safe |
To support law enforcement authorities in the prevention, detection and prosecution of crime |
– Identity data – Contact data – CCTV data – Vehicles data – Time log |
– Legal obligation as requested by law enforcement authorities. – Legitimate interests of Customers and other occupants of the premises in preventing crime and helping to detect any prosecute crime |
To assist in the day-to-day management, including ensuring the health and safety of Customer, other occupants of the premises |
– Identity data – Contact data – CCTV data – Time log |
Legitimate interests of the Customers and other occupants of the premises in managing their businesses and ensuring the health and safety of their staff and visitors. |
To prevent and suppress danger to life, body or health of occupants of the premises, visitors and staff at Customer’s premises |
– Body temperature data – Time log – Identity data – Contact data
|
– Consent of Data Subject or – Legitimate interest of the Customers and other occupants of the premises ensuring the health and safety of their staff, occupants and visitors. |
To prevent and suppress danger to life, body or health of occupants of the premises, visitors and staff at Customer’s premises |
– Performance data – Identity data |
– Consent of Data Subject or – Legitimate interest of the Customer’s and other occupants of the premises ensuring the health and safety of their staff, occupants and visitors. |
To prevent and suppress danger to life, body or health of occupants of the premises, visitors and staff at Customer’s premises |
– Face recognition data
|
– Explicit Consent of Data Subject or – In case the data subject fails to give explicit consent for whatsoever reasons, we will adopt legitimate interest of the Customer’s and other occupants of the premises ensuring the health and safety of their staff, occupants and visitors |
How we use your personal data
We will only process your personal data when the law allows us to, that is, when we have a legal basis for processing in Clause 5 (Purposes and legal basis for which we will use your personal data).
We will only process your personal data when the law allows us to, that is, when we have a legal basis for processing in Clause 5 (Purposes and legal basis for which we will use your personal data).
We will ensure that your personal data only viewed and accessed by approved Customers whose role requires them to have access to such data. Where required, we will subject to the extent of applicable law, disclose your personal data to
(i) Any person or entity to whom we are requested to make disclosure by any court of competent jurisdiction or by any governmental, or other regulatory authority, law enforcement agency, or similar body
(ii) Our professional advisers or consultants, including lawyers.
(iii) Specific data such as time log may be processed as collective data by way of anonymization for the purpose of analization and statistics
Change of purpose
We will only use your personal data for the purposes for which we collected it as detailed in Clause 5 (Purposes and legal basis for which we will use your personal data) and Clause 6 (How we use your personal data). If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
Data Security
We value your privacy; therefore, we implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk of processing.
We limit access to your personal data to those authorized person and they are subject to duty of confidentiality.
We do not transfer your personal data across border.
Data Retention
We will only retain your personal data for 10 years as necessary to fulfill the purposes we collected it for. This includes for example the purposes of satisfying any legal and regulatory requirement. After 10 years we will delete all personal data permanently.
In some circumstances we may anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
Your rights
Under certain circumstances, you have rights under data protection laws in relation to your personal data as described below:
- right of access to your personal data – you have the right to receive confirmation of whether or not we are holding or using your personal data and, if we are, to obtain a copy of your personal data.;
- right to have inaccurate personal data rectified – you have a right to have any inaccurate or incomplete personal data rectified. If we have disclosed the relevant personal data to any third parties, we will take reasonable steps to inform those third parties of the rectification where possible;
- right to restrict processing of personal data in certain circumstances – you have a right to ask us to suspend the processing of your personal data in certain circumstances; for instance, if you are disputing the accuracy of personal data, if you have raised an objection to processing, if processing of personal data is no longer necessary and you oppose erasure and request restriction instead;
- right to object to processing of personal data in certain circumstances, including where personal data is used for marketing purposes – you have a right to object to processing being carried out by us if (a) we are processing personal data based on legitimate interests, (b) if we are using personal data for direct marketing purposes, or (c) if information is being processed for scientific or historical research or statistical purposes unless we have legitimate grounds to reject your request, e.g. we have compelling legitimate ground to process or disclosure of your personal data is carried out for the establishment, compliance, or exercise legal claims, or for the reason of our public interests.
- right to data portability – You have the right to receive your personal data in case we can arrange such personal data to be in the format which is readable or commonly used by ways of automatic tools or equipment, and can be used or disclosed by automated means. Also, you have the right to request us to send or transfer your personal data to third party, or to receive your personal data which we sent or transferred to third party, unless it is impossible to do so because of the technical circumstances, or we are entitled to legally reject your request.
- Right to withdraw consent – where you have given consent to our using your personal data for a specific purpose, you have the right to withdraw that consent at any time pursuant to methods and means prescribed by us, unless the nature of consent does not allow such withdrawal. Your withdrawal of consent will not affect the lawfulness of any use of your personal data based on your consent before you withdraw consent.
- Right to eraser (the right to be forgotten) – You have the right under specific circumstances to ask us to delete or remove personal data where we have no legitimate reason to continue using it.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within 30 days. Occasionally it may take us longer than 30 days if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
If you have any questions please contact
Global Securitech Ltd.
- 2521/68 Lat Phrao Rd Khwaeng Khlong Chaokhunsing Khet Wang Thonglang ,Bangkok 10310
- Office : 02-0401018
- Sale : 080-5571991
- Support : 061-7136111
- E-Mail : [email protected]
- www.global-tech.me
- facebook : globaltechth