NEP social >>

VAVAZ social >>

Privacy Policy

          NEP Realty and Industry Public Company Limited recognizes the importance of protecting the personal data of its business partners. Accordingly, the Company has established this Personal Data Protection Policy for Business Partners with the aim of overseeing and managing the personal data of authorized representatives, directors, shareholders of business partners, and other contact persons whose information has been provided to the Company.
This policy also serves to inform you of your rights as stipulated under the Personal Data Protection Act B.E. 2562 (2019).

            The Company collects, uses, and/or discloses your personal data as a result of your business relationship with the Company and/or your role as an employee, representative, or agent of such business partner.

  1. Types of Personal Data Collected by the Company

“Personal Data”refers to any information relating to an individual that enables the identification of such individual, whether directly or indirectly.
This does not include information of deceased persons. The Company may collect various types of personal data, including but not limited to the following:

Personal Information: This includes, for example: name prefix – full name, gender, age, date of birth, nationality, marital status, photographs, videos, CCTV footage, educational background, employment or business affiliation (e.g. the company you work for, are employed by, or are a business partner of), copies of identification documents (e.g. national ID card, passport, household registration), financial status, government-issued documents, vehicle information, signature, bank account and payment information, electronic signatures, and other identification documents.

Contact Information: This includes, for example: telephone number, mobile phone number, fax number, address, email address, Line ID, and other similar contact details.

Other Information: This includes information relating to the business relationship between the Company and its business partners, such as data you provide to the Company as specified in contracts, forms, surveys, or other documents; transaction-related data between you and the Company; and computer system records, among others.

Personal Data of Other Individuals Related to You: This includes information that identifies your spouse or children, information of employees of a company related to you, and any other personal data of third parties that you have provided to the Company in any form. By providing such third-party personal data to the Company, you represent and warrant that you are authorized to do so and that you permit the Company to use such personal data in accordance with this Privacy Policy. You are also responsible for informing such individuals of this Privacy Policy and/or obtaining their consent, as required.

Sensitive Personal Data: This includes, for example: race as shown in identification documents; religion indicated on the national ID card; labor union information; biometric data such as fingerprints, facial recognition, or iris recognition data; health or physical/mental condition information; criminal records; and any other data of a similar nature as prescribed by the Personal Data Protection Committee.

  1. The Company collects your personal data through the following channels:
    1. Data provided directly by you or through contracts or form submissions:
      This includes data you provide when you conduct business or enter into transactions with the Company, or when you interact with the Company directly — including interactions via the Company’s online platforms, websites, or mobile applications. It also covers communications through email, telephone, surveys, business cards, postal mail, as well as during meetings and events.
    2. Data from business partners for whom you work, act on behalf of, or represent.

    3. Data from the Company’s group of companies, shareholders, or third parties, such as other business partners or representatives

    4. Data from electronic file sources
  1. Use of Your Personal Data
    The Company will collect, use, and/or disclose your personal data in accordance with the nature of your relationship with the Company, for legitimate purposes based on contractual obligations or other legal grounds, and in compliance with the Personal Data Protection law, ministerial regulations, ministerial notifications, or any other applicable laws and regulations.
  1. Disclosure of Your Personal Data
    The Company will not disclose your personal data to any third party, except where it is necessary for the Company’s operations and not in violation of applicable laws. Such parties may include the Company’s shareholders, other business partners, and external service providers engaged by the Company—such as cloud service providers, data analytics providers, and professional advisors. These advisors may include legal counsel, technical experts, and other parties supporting the Company’s business operations or legal rights.

           In certain cases, the Company may be required to disclose your personal data in order to comply with applicable laws or regulations. This includes disclosures to law enforcement authorities, courts, government agencies, or other third parties if the Company believes such disclosure is necessary to comply with legal or regulatory obligations, to protect the rights of the Company, the rights of third parties, or the safety of individuals; or to detect, prevent, or address fraud, security, or safety issues.

In addition, your personal data may be disclosed in the course of a transfer of rights or similar transactions, whether in whole or in part, to assignees and/or transferees of the Company’s rights and obligations. The Company may also disclose your personal data in emergency situations to protect your vital interests.

  1. Cross-Border Transfer of Personal Data
    1. The Company may transmit or transfer your personal data to its affiliates or other parties located in foreign countries when necessary for the performance of a contract to which you are a party, or to take steps at your request prior to entering into a contract, or for the performance of a contract between the Company and another person or legal entity for your benefit.

      Such transfers may also occur for the purpose of preventing or suppressing danger to your life, body, or health or that of others, for compliance with legal obligations, or where necessary for the performance of a task carried out in the public interest.

    2. The Company may store your personal data on computer servers or cloud systems provided by third parties. It may also use third-party software or applications in the form of Software as a Service (SaaS) or Platform as a Service (PaaS) for the processing of your personal data.

      However, the Company does not permit unauthorized persons to access your personal data and requires such third parties to implement appropriate security and protection measures.

    3. In cases where your personal data is transferred to a foreign country, the Company will comply with applicable personal data protection laws and implement appropriate measures to ensure that your personal data is protected and that you can exercise your rights under the law.

      The Company will also require data recipients to implement appropriate data protection measures and to process your personal data only as necessary. Measures will be taken to prevent unauthorized use or disclosure of your personal data.

  1. Retention Period of Your Personal Data

             The Company will retain your personal data only as necessary for the purposes for which it was collected, used, or disclosed, and within the scope of such purposes.

Unless otherwise exempted by the Personal Data Protection Act B.E. 2562 (2019) or other applicable laws, the Company may be required to retain your personal data for a longer period than legally prescribed, where necessary.

  1. Your Rights as a Data Subject Subject to the conditions prescribed by law, you are entitled to the following rights:
    1. Right of Access: You have the right to access and obtain a copy of your personal data held by the Company, and to request disclosure of the source of your personal data if it was collected without your consent.
    2. Right to Rectification: You have the right to request the correction of your personal data to ensure that it is accurate, up-to-date, complete, and not misleading.
    3. Right to Erasure: You have the right to request the deletion or destruction of your personal data, or the anonymization of such data so that it can no longer be used to identify you.
    4. Right to Data Portability:
      You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit or transfer such data to another organization. This applies to personal data that:

      • You have provided to the Company; and

      • The Company has obtained your consent to collect, use, or disclose, or where such processing is necessary for the performance of a contract to which you are a party.

    5. Right to Object: You have the right to object to the collection, use, or disclosure of your personal data by the Company, or to request the suspension of the processing of your personal data.
    6. Right to Withdraw Consent: You have the right to withdraw your consent to the collection, use, or disclosure of your personal data at any time, where the processing is based on your consent.

    7. Right to Lodge a Complaint: You have the right to lodge a complaint with the competent authority if you believe that the collection, use, or disclosure of your personal data is unlawful or not in compliance with the applicable data protection laws.

           If you wish to exercise any of the rights mentioned above, please contact the Company via the “Company Contact Channels” provided below. The Company will consider your request and inform you of the result within 30 days from the date of receipt.
Please note that the Company may reject your request if there are legal grounds to do so.

              However, the exercise of your rights shall not affect the collection, use, or disclosure of personal data that you have previously provided to the Company. In the event that any damage arises from such data, you shall be solely responsible for such consequences.

  1. Data Security Measures

          The Company has implemented appropriate personal data security measures, which include administrative, technical, and physical safeguards to control and restrict access to personal data. These measures are designed to prevent unauthorized loss, access, use, alteration, modification, or disclosure of personal data.

         The Company has implemented access control and restriction measures for personal data and the use of devices used to store and process such data securely. These measures include defining user access rights, responsibilities, and restricting or assigning access permissions only to authorized personnel, in order to prevent unauthorized access, disclosure, awareness, duplication, or theft of personal data or the devices used to store or process such data.

In addition, the Company has established regular audit and monitoring procedures related to the access, modification, deletion, or transfer of personal data.

  1. The Company may amend or update this Privacy Policy.

             Such amendments may be made from time to time to reflect changes in laws, technological developments, or other legitimate reasons as deemed necessary. The amended Privacy Policy will be published on Privacy Policy prior to its effective date.

  1. Company Contact Channels You may contact the Company using the following contact details:

Company Contact Channels Data Protection Officer (DPO)

  • Contact Address: NEP Realty and Industry Public Company Limited

           Head Office: 41 Phahonyothin 5 Alley, Phahonyothin Road, Phaya Thai Subdistrict, Phaya Thai District, Bangkok 10400, Thailand

           Factory: Navanakorn Industrial Promotion Zone, Nakhon Ratchasima 999/5 Moo 1, Mittraphap Road, Naklang Subdistrict, Sung Noen District, Nakhon Ratchasima 30380, Thailand