Personal Data Privacy Policy
J.E.D.I. (Bangkok) Asset Management Co., Ltd.
J.E.D.I. (Bangkok) Asset Management Co., Ltd. (hereinafter referred to as “J.E.D.I.”), in its capacity as a data controller under the Personal Data Protection Act B.E. 2019 (2562) (“PDPA”), recognizes the importance of effective personal data protection in accordance with the fundamental principles of necessity, respect for fundamental rights under the Constitution, and international standards. This Personal Data Privacy Policy has been established to ensure that data subjects and the general public are informed and understand the objectives, principles, and measures taken by J.E.D.I. to safeguard personal data. J.E.D.I. is committed to storing, managing, and processing personal data in compliance with applicable laws and for the proper administration of its internal operations.
1. Processing of Personal Data by J.E.D.I.
In the course of its duties, J.E.D.I. necessarily relies on certain fundamental data, including information relating to natural persons (“Personal Data”) that directly or indirectly identifies an individual. Such data may include, for natural persons: name, surname, gender, date of birth, photograph, national identification number, registered and current address, occupation, workplace, contact information, financial details, and personal history. For juristic persons: company name, corporate registration number or taxpayer identification number, certificate of incorporation, address, telephone number, names of all authorized signatories, details of authorized representatives and ultimate beneficial owners, type and objectives of the business, company seal (if any), etc. This information may be obtained directly from data subjects or from other sources, including financial institutions, government agencies, contractual parties, businesses, individuals, or other juristic persons.
2. Objectives of J.E.D.I. in Processing Personal Data
The collection and processing of personal data by J.E.D.I. are carried out in order to fulfill its legal duties and for the management of its organization. The primary objectives include:
(1) Supervision and Audit Purposes:
- To verify and authenticate identity prior to contract execution, transactions with J.E.D.I., or handling complaints.
- To manage operations and facilitate transactions between J.E.D.I. and data subjects, including providing contract results, transaction notifications, and requests for additional information.
- To comply with laws applicable to J.E.D.I.. If J.E.D.I. is required to collect personal data for contractual or legal purposes and you decline to provide it, J.E.D.I. may be unable to provide services or fulfill your requests. This may include processing the personal data of related parties obtained from businesses, in order to fulfill J.E.D.I.’s duty to protect service users.
(2) Security Purposes:
- To ensure the safety and security of J.E.D.I.’s personnel, premises, and property, it may be necessary to collect personal data from individuals entering J.E.D.I.’s premises, such as name, surname, organization, and photograph.
3. Principles of Personal Data Protection
J.E.D.I. places great importance on ensuring appropriate security measures for personal data in line with international standards. Measures are in place to safeguard the rights, freedoms, and benefits of data subjects, proportionate to the level of risk. Preventive technologies such as Data Leak Prevention are applied to all types of data. Personal data processing must be lawful, fair, and transparent in accordance with principles of Data Governance, and conducted only as necessary for specified and legitimate purposes. Personal data shall be accurate, up to date, and retained for 10 years from the contract date, throughout the relationship with J.E.D.I., or as required by law. When no longer necessary, J.E.D.I. will destroy, delete, or anonymize the data.
Disclosure of personal data to external parties such as government agencies, hospitals, or other relevant juristic persons will be carried out only for specific purposes, in accordance with J.E.D.I.’s duties, other legal obligations, or legitimate interests of J.E.D.I. or other persons/entities. Appropriate security measures will be in place to prevent unauthorized or unlawful access, use, alteration, disclosure, or loss of personal data.
4. Rights of Data Subjects
J.E.D.I. recognizes the rights of data subjects as prescribed under the PDPA, including the right to access personal data, the right to rectify inaccurate personal data, the right to data portability, the right to request deletion, the right to restrict processing, and the right to object to processing. The exercise of these rights, and J.E.D.I.’s consideration thereof, shall be in accordance with the requirements of the PDPA. J.E.D.I. may refuse certain requests where permitted by law. Data subjects wishing to exercise their rights may contact J.E.D.I. through the following channels:
1. By submitting a request in person at J.E.D.I.’s office premises.
2. By submitting a registered mail request to J.E.D.I.’s office.
5. Review of the Personal Data Privacy Policy
J.E.D.I. will review this Policy annually or whenever significant changes occur, to ensure compliance with laws, regulations, and relevant practices. Any updated version will be published on J.E.D.I.’s official website.
6. Contact Information
J.E.D.I. (Bangkok) Asset Management Co., Ltd.
Address: 103 Chong Nonsi Subdistrict, Yannawa District, Bangkok 10120
Tel: 0 2165 0650
Email: info@jedi.co.th
Website: www.jedi.co.th
Effective Date: June 1, 2022
Mr. Sathit Thienphichet
Internal Audit and Compliance Committee