Privacy Policy for Contacting Participants

DEMCO respects the privacy rights of individuals participating in our activities or contacting us (hereinafter referred to as "Enterer"). To ensure that the Enterer is confident in the protection of his/her personal information, we have developed this policy as an extension and integral part of "DEMCO’s Group Personal Data Protection Policy." This policy aims to inform the Enterer about the details related to the collection, use, disclosure (referred to as "processing"), deletion, and destruction of the Enterer’s personal data through online and other channels as stipulated by data protection laws.

1. Definitions

   Participants or Activity Participants

   :

   Refers to external individuals who contact DEMCO or participate in DEMCO-organized activities.

   Unless otherwise specified, definitions are following the "Privacy Policy of the DEMCO’s Group Personal Data Protection."

2. Purposes of Personal Data Processing
   1. To fulfill the Enterer requests before entering a contract or to perform contractual obligations with DEMCO, such as when the Enterer contacts DEMCO for any reason.
   2. For legal interests of DEMCO or other individuals, such as;
      1. Conducting internal organizational operations or management activities.
      2. Controlling access to buildings, areas within buildings, and the Internet for security, crime prevention, and investigation purposes for both in the case of internal measures by DEMCO and actions by government agencies or other organizations related to legal processes.
   3. To protect and prevent harm to the life, body, or health of the Enterer or others, such as in emergency case, and for controlling and preventing contagious diseases.
   4. To comply with legal requirements, such as adhering to laws, regulations, and orders of authorized legal entities.
   5. For business planning, marketing, public relations, or similar purposes.

   DEMCO may process your personal data for the purposes stated in 2.1-2.5 without relying on explicit consent, as allowed by applicable laws. For other purposes requiring consent, DEMCO will seek the Enterer’s permission, and you can get details in section 4.

3. Personal Data Collected
   1. When the Enterer participates in DEMCO activities or events, regardless of whether such activity is organized by DEMCO or a person employed by DEMCO or is an activity in which DEMCO is involved in organizing. DEMCO will collect personal data, including but not limited to:
      • Registration information: name, surname, age, address, contact number, email.
      • Images and sounds: static and motion pictures (seminar photographs, event videos).
      • History of past activities or events the Enterers have attended or registered for.
      • Details of payment and financial transactions related to the Enterers participation.
   2. For general visitors to DEMCO premises:
      • Images captured by CCTV cameras within DEMCO premises.
      • Visitor records.
      • Personal data collected, such as name, surname, contact number, email, national ID, or similar documentation.
      • Vehicle registration numbers if entering DEMCO premises with a vehicle.
      • Information required for Wi-Fi registration, such as name, surname, contact number, and email.
   3. DEMCO may collect and process special categories of personal data as defined by data protection laws when necessary for specific purposes mentioned in this policy. Examples include:
      • In some cases, DEMCO may collect the Enterer’s special category of personal data, even if the product or service is not directly related to such special data. For example, DEMCO may need to use the Enterer’s identification card, which contains religious information, to confirm your identity.
      • Health-related data for organizing various activities.
   4. In necessary case, DEMCO will process special categories of the Enterer’s personal data only with the Enterer explicit and clear consent or for the purposes outlined by the laws. DEMCO will implement adequate security measures to protect such special categories of personal data.
4. Cookies Usage

   If the Enterer enters the Company's website, the Company has established a policy regarding the use of cookies, which is declared on the Company's website.

5. Consent and Possible Consequences effect of Withdrawal
   1. In cases where DEMCO collects, gathers, and processes personal information beyond the scope of 2.1-2.5, DEMCO will request the Enterers’ consents. The Enterers have the right to withdraw their consents at any time. However, the withdrawal of consents will not affect the collection, use, disclosure, or processing of personal information that the Enterers have previously consented to.
   2. If the Enterers withdraw their consents given to DEMCO or refuse to provide any information, it may result in the Company being unable to carry out some or all the purposes specified in this privacy policy.
   3. If the Enterer is under the age of 20, please provide details of the legal guardian for notification purposes, enabling DEMCO to obtain the consent from the guardian.
6. Duration of Personal Data Retention
   1. DEMCO will retain the Enterer’s Personal Data for the necessary period to achieve the purposes according to the regulation for each type of personal data unless the law allows for a longer retention period. If a clear retention period cannot be specified, DEMCO will retain the data for a period that may be reasonably expected according to general standards, such as legal prescription at maximum of 10 years.
   2. For Personal Data Retained in CCTV cameras,
      • Personal Data may be retained for up to 30 days under normal circumstances.
      • In exceptional situations, such as for investigation, legal proceedings, or the data subject is requested by the Enterer, personal data may be retained longer, and DEMCO will securely delete the data when the purpose is fulfilled.
   3. DEMCO has implemented a system to evaluate for the reasonable deleting or destroying of personal data beyond the retention period or when it is no longer necessary for the specified purposes.
   4. If DEMCO processes the Enterer personal data with the Enterer’s consent, the Company will continue to retain the data just the necessary part for record-keeping purposes after you withdraw your consent. This shall help DEMCO to respond to the Enterer’s request in the future.
7. Disclosure of Personal Data to Third Parties
   1. DEMCO may disclose, transmit, transfer, or share the Enterer’s personal data with other entities within the DEMCO business group, as attached in the accompanying documents, or other individuals or legal entities which are not parts of DEMCO business group ("Other Parties"). This includes service providers involving in CCTV, event organization, information technology services, data analytics, auditors, government agencies, and other entities necessary for DEMCO's operations as specified in 2.1 - 2.5. However, DEMCO must seek strictly consent for disclosure, transfer, or sharing for any purposes which are not legally permitted without the Enterer’s consent.
   2. In cases where disclosure, transmission, transfer, or sharing occurs as per 7.1 and the recipient becomes a data processor, DEMCO will execute a contract and provide strict instruction as required by law.
   3. DEMCO will emphasize data recipients to have appropriate data protection measures and process Enterer’s personal data only as necessary and it is important to prevent unauthorized usage or disclosure of personal data.
8. International Transfer of Personal Data
   1. DEMCO may transmit or transfer Enterer’s personal data to DEMCO’s affiliates or other individuals outside the country. This shall be taken when it is necessary to fulfill contractual obligations which the Enterer engaged in activities specified in agreements with DEMCO or is an act in accordance with a contract between DEMCO and another person or juristic person for Enterer’s benefit or to be used to take action at Enterer’s request prior to entering a contract. Such actions may also be necessary to comply with legal requirements to protect Enterer’s lives, bodies, or health, or to carry out public interest tasks.
   2. DEMCO may store your data on third party’s servers or clouds and use software or applications provided by third parties and the form of providing a ready-made platform for processing Enterer’s personal data. However, access to personal data by unrelated parties is strictly prohibited, and appropriate security measures are implemented.
   3. In case of transferring Enterer’s personal data internationally, DEMCO will comply with the conditions stipulated by personal data protection laws and implement appropriate measures to ensure that Enterer’s personal data is protected. DEMCO will also ensure that the recipient of the data has adequate safeguards for Enterer’s information and processes the personal data only to the extent of necessity. Moreover, DEMCO will take action to prevent unauthorized use or disclosure of Enterer’s personal data.
9. Security Measures for Personal Data
   1. Ensuring the security of Enterer’s personal data is a top priority for DEMCO and has implemented appropriate technical, administrative and physical security measures to protect personal information from loss, unauthorized access, use or disclosure, misuse, alteration, and destruction by using security technologies and procedures, such as encryption and restricted access, to ensure that only authorized individuals can access to Enterer’s personal information and these individuals are trained on the importance of protecting personal information.
   2. DEMCO establishes and maintains appropriate security measures to prevent loss, unauthorized access, alteration, or disclosure of personal data. Regular reviews are conducted to ensure the effectiveness of these security measures, with adjustments made as necessary to accommodate technological changes.
10. Rights Regarding Enterer’s Personal Data
    1. Enterer has various legal rights concerning Enterer’s personal data, as follows:
       • Withdraw consent for DEMCO to process Enterer’s personal data.
       • Request access to and copies of Enterer’s personal data or request to disclosure for the source of Enterer’s personal data.
       • Transfer Enterer’s electronic personal data to another data controller as specified by data protection laws.
       • Object to the collection, usage, or disclosure of Enterer’s personal data.
       • Request the deletion or anonymization of Enterer’s personal data.
       • Restrain the use of Enterer’s personal data.
       • Correct Enterer’s personal data to ensure for accuracy, recency and completeness.
       • Make an accusation to the Personal Data Protection Committee if DEMCO or its personal data processor, including employees or subcontractors of DEMCO or its personal data processor, violates or fails to comply with the Personal Data Protection Act.

       DEMCO will consider and notify results of consideration according to Enterer’s request to exercise Enterer’s rights as soon as possible within 30 days from the date DEMCO receives such request. The rights mentioned above are in accordance with the Personal Data Protection Act.

    2. To exercise your rights, click [here] (effective since June 1, 2022, when data protection laws become applicable to personal data controllers).
11. Information About the Data Controller and Data Protection Officers
    1. Personal Data Controller: DEMCO Public Company Limited
    2. Contact Address: 59 Moo 1, Suanphrikthai, Muangpathumthani, Pathumthani, 12000, THAILAND
    3. For inquiries regarding personal data protection:
       • Email : DPO@demco.co.th
       • Phone : 02 9595811

If there are any modifications or updates to this privacy policy, DEMCO will announce the revised version on its website. Enterers are recommended to periodically check for changes. The new policy will be effective immediately on the date of announcement.