Tqcare The Best Partner In Claims Assessment & The Excellent Health Provider
Tqcare
HOME About us
OUR SERVICES Third Party Administration (TPA) Health Provider
Updates contact us Careers

TQC Company Limited

Privacy Policy

Tqcare

Privacy Policy

1. Objective

In order to protect personal data effectively and to have effective remedial measures for the owner of personal data from a violation of personal data rights as follows:

  • To clearly state the importance of correct practices with respect to personal information and to comply with the principles related to the security of personal information.
  • In order to be recognized to the necessity of the information when mentioning the general condition, quantity and identification of personal data that the data is necessary for the company’s operation.
  • To formulate management policies and best practices.
  • To manage the procedures for the proper processing and handling of personal data.
  • Employees have appropriate knowledge to be responsible for taking care of personal information.
  • To provide the best environment, culture and support for the processing of personal data for employees.
  • All employees are aware of their responsibilities and can properly follow the Company's approach to handling personal information.
  • Owner of personal data understand how to submit a request for accessing to your personal data. what the process is, who to contact with, such requests must be handled quickly and accurately.
  • Owners of personal data are confident that their personal data has been managed with a standardized security of personal information and the personal information is safe at all times and prevent unauthorized access.
  • Any other parties who want to transfer or share personal information of the company must comply with the company's procedures strictly.
  • For the system or application development, it is necessary to be assessed for risks and damages that may affect personal data as specified in this policy.

2. Dimension

Covering the employees who related to the collection, use or disclosure of personal data.

3. Definition

  • Personal data” means information about an individual in which the individual can be identified or either directly or indirectly but does not include the information of the deceased in particular.
  • Personal Data Controller” means a person or juristic person who has decision-making authority about the collection, use or disclosure of personal information.
  • Personal Data Processor” means a person or a juristic person who deals with data collection, use or disclosure of personal data in accordance with the instructions or on behalf of the data controller. The person or juristic person who does so is not the data controller.

4. Personal Data Protection Policy

Personal Data Protection Act B.E. 2562 requires the company is responsible for establishing measures to protect personal data to prevent personal data breach, whether intentionally or unintentionally. The company is committed to protecting the personal data in order to prevent loss, misuse, disclosure, modification, unavailability , unauthorized or authorized access including being destroyed and taking reasonable precautions to protect personal information. Including the preparation of appropriate technical measures to ensure that any personal information which has been collected, used or disclosed personal information whether directly or indirectly whether on paper, computer or on any recording medium provide appropriate safeguards to ensure compliance with legal requirements.

TQC collects, uses or discloses personal information that related to person. This includes employees, temporary staff and business partner. There must be a legitimate business purpose for collecting and processing any data and there should be obligated to protect the rights and liberties of individuals as stipulated in the law. which are as follows:

Protection of personal information

  • Requesting consent must be made explicitly in writing or through an electronic system, except without being able to obtain consent by such means
  • To obtain consent from the owner of the personal data, the controller of personal data must notify purposes of collecting, using or disclosing personal data and obtaining that consent, It must be clearly separated from other texts. Having a form or message that is easily accessible and understandable, including using language that is easy to read. And, not to deceive or mislead the owner of the personal data for such purposes.
  • To obtain consent from the owner of the personal data, the personal data controller must take into account the independence of the personal data owner in giving consent. Including any provision of services. There must be no condition of consent to the collection, use or disclosure of personal data that the data is not necessary or relevant for entering into a contract including the provision of a particular service.
  • The owner of the personal data can withdraw their consent at any time, provided that consent is easily withdrawn as well as consent. Unless there is a limitation on the right to withdraw consent by law or a contract that provides benefits to the data owner. However, the withdrawal of consent will not affect the collection, use or disclosure of personal data for which the data subject has given consent.
  • In the case that the withdrawal of consent affects the data owner in any way, the data controller must notify the data owner of the impact of the withdrawal of consent. Requesting consent from the personal data owner that is not in accordance with the provisions set forth in this section shall not bind the personal data and does not prevent the personal data controller from collecting, using or disclosing personal data

Collection of Personal Information

  • Collection of Personal Information prior permission from the personal data owner is required. So that it can be collected otherwise, the provisions of the Personal Data Protection Act B.E. 2562 or other laws allow it to be done.
  • Collection of personal data must be expressly made by making a book or a document or doing it through an electronic system to request consent from the data owner. And, the request for consent must be clearly separated from other messages. Having designs or messages that are easily accessible and understandable.
  • Collection of personal information from persons who are minors under the age of majority through marriage or not having the same status as a person who has reached the age of majority under 27 of the Civil and Commercial Code obtaining consent from the owner of such personal data consent can be obtained from the parent who has the power to act on behalf of the minor.
  • Collection of personal information from persons who are incompetent to request consent from a guardian who has the authority to act on behalf of an incompetent person.
  • Collecting personal information from persons who are quasi-incompetent, ask for consent from a guardian who has the power to act on behalf of a quasi-incompetent person.
  • Collection of Personal Information must be collected as needed only. And, must also inform the purpose of the collection, use or disclosure of information.
  • Determine the period of collection and collection of personal data.
  • Determine measures or methods to maintain personal information that has been collected and to prevent access from unauthorized persons

Use and disclosure of personal information

  • Use or disclosure of personal information must obtain consent from the owner of the personal data only before the company can use or disclose such information.
  • In forwarding or transferring personal data to other parties, TQC will arrange for adequate personal data protection measures. To prevent loss, damage or other errors that may affect personal data
  • Use, disclosure will proceed to use or disclose only according to permission from the owner of the information

5. Monitoring, reviewing and improving policies

This policy requires monitoring and set indicators to measure the efficiency of the operational process in order to comply with this policy. There must be a plan to measure results on a regular basis and has reviewed this policy at least once a year or if there is a change related to business operation, operational process, technological change or reporting incidents of personal data security breaches which may be related to this policy.

6. Location and person in charge

In case you need help from the company in any cases regarding additional information, errors, questions arising without your permission. You can contact the company as follows:

  • Company's website: https://tqccare.com
  • Data Protection Officer via E-mail: tqc@tqccare.com