Personal Data Policy

The entire Phyathai Hospital Group is committed to protecting your personal data as a data subject. Your personal data will be protected in accordance with personal data protection laws, which refers to the Personal Data Protection Act B.E. 2562 (2019) and its amendments, including royal decrees, ministerial regulations, notifications, and rules issued under such Act, as well as any other laws and regulations related to personal data protection. The Company, as the Data Controller, has a legal obligation to inform you through this document of the reasons and methods by which the Company collects, uses, or discloses your personal data, as well as to inform you of your rights as a data subject.

 

Definitions

  • “Personal Data” means any information relating to a person, which enables the identification of such person, whether directly or indirectly, but not including the information of the deceased persons in particular.
  • “Sensitive Personal Data” means personal data pertaining to race, ethnic origin, political opinions, cult, religious or philosophical beliefs, sexual behavior, criminal records, health data, disability, trade union information, genetic data, biometric data (e.g., facial recognition data, iris recognition data, fingerprint recognition data), or any other data which affects the data subject in the same manner, as prescribed by the Personal Data Protection Committee.
  • “Process” means to collect, use, or disclose.
  • “Data Controller” means a person or a juristic person having the power and duties to make decisions regarding the collection, use, or disclosure of Personal Data.
  • “Data Processor” means a person or a juristic person who operates in relation to the collection, use, or disclosure of the Personal Data pursuant to the orders given by or on behalf of a Data Controller. However, such person or juristic person who operates accordingly is not considered a Data Controller.
  • “Bangkok Dusit Medical Services Group” means companies within the network of Bangkok Dusit Medical Services Public Company Limited, both currently existing and to be established in the future, whether registered in Thailand or overseas, including Bangkok Dusit Medical Services Public Company Limited itself.
  • “Affiliated Hospitals” means hospitals within the group or network of Bangkok Dusit Medical Services Public Company Limited, operating both in Thailand and overseas.

 

Disclosure or Sharing of Personal Data

The Company may disclose or share your personal data with third parties as follows:

  • “Personal Data” means any information relating to a person, which enables the identification of such person, whether directly or indirectly, but not including the information of the deceased persons in particular. (Note: This appears as a repetition in the original Thai text)
  • “Sensitive Personal Data” means personal data pertaining to race, ethnic origin, political opinions, cult, religious or philosophical beliefs, sexual behavior, criminal records, health data, disability, trade union information, genetic data, biometric data (e.g., facial recognition data, iris recognition data, fingerprint recognition data), or any other data which affects the data subject in the same manner, as prescribed by the Personal Data Protection Committee. (Note: This appears as a repetition in the original Thai text)

The Company requires the aforementioned third parties to maintain confidentiality and protect your personal data in accordance with the standards prescribed by personal data protection laws. They may use your personal data strictly for the purposes specified or ordered by the Company. Third parties will not be able to use your personal data beyond these specified purposes.

The Company may store personal data in a Cloud Computing system by utilizing third-party services, whether located in Thailand or overseas. The Company has entered into contracts with such parties with due care, taking into consideration the security systems for personal data retention provided by the Cloud Computing service provider for personal data protection.

The Company may disclose your personal data to government agencies, persons, or any juristic entities to comply with the law or court orders.

 

User Data Deletion Request

If you log into our application using Facebook Login and wish to delete the data obtained through Facebook, you can request data deletion by contacting us via email.

Please send your request to [email protected] with the subject line “คำขอลบข้อมูล Facebook” or “Facebook Data Deletion Request”. We will delete your data from our system within 7 working days. Alternatively, users can delete their own data directly by removing our application from their Facebook account settings at: https://www.facebook.com/settings?tab=applications