This policy shall apply on;
- Any individual who uses, enters, contacts or any other kinds of interaction in Chiangmai Hospital’s platform such as site service, email, telephone or mobile application.
In this policy;
“Personal Data” means any information relating to a person, which enables the identification of such person, whether directly or indirectly.
“Personal Data Owner” means any individual who owns personal data or any information relating to a person whether directly or indirectly. In this particular situation means the customers and internet website users or the applications of the hospitals.
“Hospital” means Chiangmai Hospital.
“Users” means any individual who uses, enters, contacts or any other kinds of interaction in Chiangmai Hospital’s platform such as site service, email, telephone or mobile application.
“Cookies” means information that is sent from a website to each visitor’s computer while accessing such website.
“Measures” mean security measures to protect the personal information.
2. Personal Data Collection and Storage
2.1 Hospital will collect your Personal Data that the Hospital received whether directly or indirectly, which consists of;
- Personal data such as name, last name, gender, age, nationality, date of birth, marital status, address, occupation, place of work, postal code, email address, telephone number, credit card.
- Data on your interests such as products and services, hobbies, social networking activities, sports, travelling, etc.
- Data on your decision whether or not to choose products and services, such as reason of purpose, other products that are used for comparison, comments and site visit information regarding products and services.
- Data that specifies your location while using the website. If you enable the GPS system, you consent the Hospital to collect and process your location information. However, if you would like to conceal this information, you can install programs or turn off GPS on your mobile phone.
- IP address
- Type of web browser that is used to access
- Web pages visited
- Time spent on visiting
- Websites that refer to the Hospital’s web site
- Information using application where Hospital will store in Log.
- Other Personal Data subject to your prior consent.
2.2 Please notice that Personal Data Owner has full and free right in deciding whether give a consent on provide your personal data to us or not. If any user enters to our site in the sake of other without owning their personal data, you need to request a consent of Personal Data Owner each time you provide their personal data information to the Hospital.
2.4 Method of Personal Data Collection
- Through the Hospital’s channel, e.g., electronic means, documentation, verbally, depending on circumstances etc.; or
- Through channel of the Hospital’s business partner/other service providers, e.g. Facebook, Instagram, Twitter, Tiktok, Line, Google Analytics, Google Map, Google Tag Manager, YouTube, etc., for the purpose of creation of your profile or agent.
The Hospital has no intention to collect any Personal Data of a child whose age is less than that stipulated by law (the “Age Limit”). If you are younger than that of the Age Limit, please do not use the service of the Hospital or give any Personal Data to the Hospital.
In the event that you are a parent of a child whose age is less than the Age Limit and is aware that your child is giving Personal Data to the Hospital, please contact the Hospital and you may request to exercise your right instead.
In the even that you are a child of age that is less than the Age Limit and need to receive services and products of the Hospital, you are required to have a consent of your parent in place for the provision of your Personal Data
3. Purpose of Collection / Use / Disclosure of The Personal Data
3.1 To provide an effective, corrected and decisive performance of services throughout our websites, email, telephone or application for the User, the Hospital have to asks and collects your personal data.
3.2 After the Hospital collect your personal data, we will store your personal data and will use them only to provide best performance of service especially to Personal Data Owner. The Hospital may use your personal data information to;
- Provide you with customer reserved access to our websites.
- Ensure the security of your access or contact in the Hospital’s services on websites.
- Provide you with technical assistance to access and use our websites.
- Respond to your enquiries.
- Record your interactions with our websites to enable certain functionalities of the website and improve our website by recording your name, IP address or details about your website usage through cookies or similar technologies.
- Managing your booking of medical appointment with the Hospital.
- Contact our user to update you about the Hospital, services and promotions (with your consent only).
- Comply with legal requirements and assist government and law enforcement agencies or regulators or supervisor and also resolve any disputes that you may have with the Hospital.
- To serve any other purposes which have been notified at the time of collection of your Personal Data or any other purposes in relation to any of the above purposes.
4. Disclosure and Transfer of The Personal Data to The Third Parties
4.1 The Hospital will not sell, give or rent your personal data or do any other action that cause harmful affect to your personal data.
4.2 The Hospital will not disclose, transfer or share your personal data to any other irrelevant or illegal third parties without a consent of the Personal Data Owner. However, we may need to disclose your personal data to the following categories of third parties for the exceptional purpose stated below;
- Other group companies. As Chiangmai Hospital is part of a wider business group with headquarters in Thailand which all collaborate and partially share customer services and system including websites-related services and systems to purpose of convenient and swift service providing to you, the Hospital may need to transfer your personal data to, or otherwise allow access to such data by other companies within our group. We will disclose, transfer or allow access to your personal data with strictly protocol and will do in necessary situation only.
- Our services providers. Agents of the Hospital who has been authorized to offer and sell the Hospital’s products and services, including agent or person hired by such person. Example, Infrastructure and IT services providers, marketing and advertising agencies, insurance companies etc.
- Third parties permitted by law. In necessary circumstance to protect the unitarities and stability of the nation, to protect and prevent life, body and health endanger of the User or moreover to protect the Hospital’s rights. We may be required to disclose, transfer or share your personal data in order to the police officer, administrative officer/supervisor, judicial organization, administrative organization or any other legal enforcer organization for the law compliance or the court order.
- Third parties connected with corporate transactions with the Hospital.
4.3 In transfer of your personal data to the third parties mentioned above, the Hospital will use all the essential measures to secure the transfer, storage and usage of your personal data which is also include the appropriate and securities measures.
5. Security of Information
5.1 The Hospital uses Secure Socket Layer (SSL), which is a standard security for securing data transmitted over the Internet, including data encryption and firewall. Secured Socket Layer (SSL) is a technology accessing encrypted data to prevent sniffers while the information is being transmitted over the Internet. The data encryption makes sniffers unable to understand the meaning of the information. This technology is also used for confirming the existence of the website. The Hospital will regularly update and test its technology to ensure that your Personal Data is safe, secured, and trustworthy. The Hospital reserves the right to make changes to its security tools if the Hospital sees that the tool is of a higher standard and can secure data more efficiently.
5.2 In case the Hospital made a deal with any third parties in order to develop and maintain the system and the allocation of resources or services on behalf of the Hospital, the personnel of such third parties who provide service to or act on behalf of the Hospital must agree to keep your Personal Data.
6. Rights of The Personal Data Owner
6.1 Rights to access your own personal data to request a copy of the personal data in the processing of the Hospital, which we will provide back to you in electronic form. If you request for multiple copies of the data, please understand that we may charge you a reasonable fee.
6.2 Rights to rectification your own personal data in order to update your personal data and to correct an inaccurate or incomplete your personal data in the processing of the Hospital.
6.3 Rights to erase or destroy your own personal data that you have provided to the Hospital, unless in certain circumstance that the Hospital need to keep storage of your personal data to comply by the law.
6.4 Rights to withdraw the consent on providing your personal data at any time and without any charge of fee. However, the withdrawal of consent shall not affect the collection, use or disclosure of personal data subject has already given consent legally.
6.5 Rights to restrict the processing of your personal data by the Hospital where you believe such process is inaccurate, unlawful or unnecessary.
6.6 Rights to object the processing of your personal data by the Hospital where you believe the legal justification is our legitimate interest. We will abide to your request of objection unless we have compelling legitimate ground for the processing, or if we need to continue to process the data for the establishment, exercise or defend of our legal claim.
6.7 Rights to file a complaint to the Personal Data Protection Committee when you believe that the Hospital has violate your personal data.
6.8 You may exercise any right as mentioned above through Telephone Number : 053 411 234 or Email : firstname.lastname@example.org, in which case the Hospital will consider and inform you of a result of your complaint within 30 days from the date on which the Hospital receives your complaint.
7. Exceptions of The Confidentiality of Personal Data
7.1 An action towards the Personal Data that has been disclosed to the public at the time you disclose this information to the Hospital or that is publicly disclosed which is not the fault of the Hospital or its Affiliates.
7.2 Disclosure of the Personal Data with your written consent or permission by any other means.
7.3 Disclosure of information as necessary by laws, orders, rules, regulations, court orders, or governmental agency, or other necessities.
2022 Chiangmai Rad Hospital Co.,Ltd. All Rights Reserved.