Contact Us
TH EN

Personal Data Privacy Policy

Announcement of The Platinum Group Public Company Limited

Subject: Personal Data Protection PolicyThe Board of Directors of The Platinum Group Public Company Limited (“Company”) recognizes the importance of protecting personal data in accordance with the law. The Board of Directors therefore approves and issues the Company's announcement on this Personal Data Protection Policy. The aim is to set a framework for protecting personal data in the business processes of the Company so as not to adversely affect the rights of data subjects as well as to comply with the Personal Data Protection Act B.E. 2562 (“Personal Data Protection Act”).

Article 1 Announcement and Effectiveness of the Announcement

This announcement is called “The Company Announcement on Personal Data Protection Policy” which shall be effective from the date of announcement onwards. It covers all processing of personal data of all groups of data subjects performed by the Company. Data subjects include customers, employees, business partners, contractors, service providers as well as those who enter the Company's premises, shareholders, and directors of the Company.

Article 2 Definitions of terms and main principles for processing personal data

2.1 Key Definitions under this Privacy Policy are in accordance with the Personal Data Protection Act as follows:

“Personal Data” means information about an individual which can be used to identify a living individual directly or indirectly.

“Sensitive Personal Data” means personal data that is sensitive and may be subject to unfair discrimination, such as race, ethnic origin, political opinion, doctrine, religion, or philosophy, sexual behavior, criminal record, health information, disability, union membership, genetic information, biological information, or any other information which affects the personal data subject in the same way as prescribed by the Personal Data Protection Committee.

“Data Protection Officer” means an individual or a group of persons who has been appointed by the Company to act as a personal data protection officer according to the Personal Data Protection Act B.E. 2562.

2.2 Main principles of processing personal data

The Company will process personal data based on legitimate reasons and basis for processing data in a manner that strictly adheres to the personal data processing framework specified under the Personal Data Protection Act. In particular, the processing of personal data and sensitive personal information shall be guaranteed to be limited to the extent that is necessary to perform the duties that the Company primarily has with each group of data subjects only. Before the Company proceeds to collect and process personal data, the Company shall notify each group of data subjects such that they can acknowledge and/or provide consent in various forms appropriately in accordance with the Personal Data Protection Act.

Article 3 Public Relations Policy

The Company attaches great importance to making sure that all employees including third parties who may be involved or hired to process personal data of the Company acknowledge and are aware of policies related to the processing of personal data. The Company shall have regular communication through all channels with employees and such persons, especially when there are significant changes affecting the Company's processing of personal data or changes in this policy.

Article 4 Information Disclosure Policy

The Company shall not to share, sell, transfer or disclose the personal data of the data subject by any other means to third parties without obtaining the consent of the data owner unless permitted by law. In addition, the Company will disclose the personal data of the data subject the Company finds it necessary to do so due under contractual obligations that the Company may have with data subjects or to protect the Company's legitimate rights. When disclosing personal information to external entities, the Company shall take steps to request others to keep the customer's personal information safely and confidentially and not use the information for purposes other than the scope specified by the Company.

Article 5 Data Retention Guideline

The Company has established a framework for considering the period of retention of personal data (Data Retention Guideline) based on the principle of necessity, whereby the Company shall be responsible for notifying the period of retention of such data to each group of data subjects. You have the right to revoke your consent to the processing of personal data that you have given consent to the Company, unless the revocation of consent is limited by law or contract in favor of you. As a data subject, the revocation of consent will not affect the processing of personal data you have previously given consent according to the law.

Article 6 Security of personal data

The Company strictly prioritizes the security of customers' personal information. There are security measures that cover management structure, technical measures, and physical measures as well as a system for collecting, using, or disclosing personal data that is safe and appropriate. To prevent customer personal information from being lost, used, accessed, changed, or disclosed without permission, the Company restricts access to customer personal information to employees, agents, contractors, and other third parties who need it. In addition, the customer personal information can only be processed under the conditions specified by the Company. If there is a breach of customer personal information, the Company shall notify the Office of the Personal Data Protection Commission without delay within 72 hours from the time that the breach was discovered, except when such violation does not carry a risk that will affect the rights and liberties of customers. If the breach has a high risk of affecting the rights and freedoms of the customer, the Company shall notify the customer of the incident along with the remedy without delay.

Article 7 Rights of data subjects

The Company recognizes and respects the legal rights of all data subjects. For personal data under the Company's control, the Company shall guarantee that all data subjects can exercise their rights available under the law. The Company shall consider and process the data subject's request when exercising their rights within the timeframe specified by the Personal Data Protection Act. The rights of the data subjects are:

  • The right to request access and obtain a copy of personal data
  • The right to request personal information and transfer personal data to another controller of personal data
  • The right to object to the processing of personal data
  • The right to request removal or destruction or to make personal data not personally identifiable
  • The right to request the suspension of personal information usage
  • The right to request correction of personal information
  • The right to withdraw consent

Article 8 Review or update the policy

The Company plans to review or amend this policy at least once a year or when there are significant changes to the business. The Board of Directors or other committees shall be assigned to perform the review.

Article 9 Contact channels regarding personal data protection

The Company has appointed a data protection officer who is the Company's personal data protection coordinator. If you wish to inquire about the protection of personal data or would like to exercise the rights related to your personal data, please contact

Personal Data Protection Department

The Platinum Group Public Company Limited (Head Office)

222/1398 The Platinum Fashion Mall Building, Phetchaburi Road, Ratchathewi, Bangkok 10400