PRIVACY POLICY

1.    Introduction

      Superior A.R.T. Assisted Reproductive Technology and Preimplantation Genetic Testing Clinic (S.A.R.T. Clinic) under the operation of Oogonia Co., Ltd. and/or Superior A.R.T. (Thailand) Co., Ltd. and/or its affiliates (hereinafter referred to as the “Company”)

      The company is committed and attaches great importance to the protection of personal information to maintain the standard of responsibility of the organization with customers, partners, visitors, employees, and stakeholders. regarding the collection, use, disclosure, and protection of the personal information you have provided to the Company while visiting the website https://www.thaisuperiorart.com. This includes ensuring that in using the application you receive services correctly, safely, and honestly, including complying with the Personal Information Protection Act, 2019 or may be amended.

      The company, as the controller of personal information, has set up a policy to protect personal information, covering any information that could directly or indirectly identify you, and whether received directly from you or transmitted from a third party. The policy is to ensure that the data collection, the use of the information for processing, disclosure, management, or the use of the information for the company’s business, complies with the law, and only used to the extent of the data subject’s consent. This policy forms part of the terms and conditions for the provision of using the website and any application, including receiving our services. By using such services, each time you are deemed to have read and agreed to this Privacy Policy which has the following details.

2. Definition

  • Personal Data refers to data about a natural person which makes it possible to identify that person, directly or indirectly, but does not include information about a specific deceased person.
  • Sensitive personal data refers to personal data as indicated in Section 26 of the Personal Data Protection Act B.E. 2562 (2019), namely, data on race, ethnicity, political opinions, belief in a creed, religion or philosophy, sexual behavior, criminal records, health information, disability, trade union information, genetic data, biological data or any other information which affects the data subject in a similar manner as specified in the notification of the Personal Data Protection Committee.
  • “Processing” of personal data means any type of processing such as collecting, saving, copying, organizing, keeping, updating, changing, using, restoring, disclosing, forwarding, publishing, transferring, merging, deleting, destroying, etc.

3. Sources of collected personal data

      The Company only collects your personal data as necessary, which can be identified both directly and indirectly for your benefit within the appropriate time necessary for service provision.

      If you are the one who gave consent to us directly, whether giving information in order to receive our service through a website channel, mobile application, or any other channel, for instance, online transaction, newsletter subscription, or electronic mail correspondence; or providing data for job applications, including offline transactions such as registration at the Company’s registration counter, or registering through staff who are company representatives; or by a survey or other communication channels between the Company and you.

      In addition, we may receive your personal data via any third party, such as your family members, friends, referrals, or representatives, whom you have given consent to, in the event that you have given consent to disclose such information or disclose it as required by law.

      In the event that a data subject refuses to provide information necessary to provide the service, it may result in the Company’s being unable to provide that service to such data subject in whole or in part.

      The Company believes that creating a legal basis for the collection and processing of your personal data to facilitate the delivery of services to you is both necessary and appropriate, and should be with your prior consent with the following exceptions:

      1)   To fulfill the terms of the agreement, or to uphold the agreement between you and the Company, in cases where the service requires the collection, use, or disclosure of your personal data,

      2)   To stop or to lessen life-threatening bodily or health conditions

      3)   To comply with the law

      4)   Where the Company will consider it vital to your rights and for your benefit, or for the Company’s legitimate interests in its operations, such as to prevent fraud, network security, protection of freedom,

      5)   For statistical or research purposes

      6)   To perform duties under the statutes and regulations of Thailand, and where the State deems it necessary for the benefit of the public interest.

4.    Personal data collected by the company

      The Company will collect personal data depending on the purposes of data processing and will only collect what is necessary.

  • Identifiable data such as full name, photo, gender, date of birth, passport number, ID card number, or other identifiable numbers, etc.
  • Contact data such as address, phone number, and email, LINE ID, WhatsApp or other channels.
  • Data about work and education, in the case of job applicants
  • Payment information, such as billing information, credit or debit card information, and bank account details
  • Data on the visit for services such as doctor’s appointments, birth delivery schedule, and personal information of relatives.
  • Data on subscription and participation in marketing activities, such as registering to participate in marketing activities.
  • Statistical data such as the number of patients and website visits
  • Data from using our website such as IP Address, Cookie, Online Appointment System
  • Data on health, reports on physical health, health care, laboratory test results
  • Data related to the use of medication and drug allergies
  • Data on feedback and treatment results provided by you
  • We do not collect and use your sensitive data, namely, race, religious belief, and criminal record, unless prescribed by regulations and laws or with your consent.

5.    Purpose for personal data collection

      We may process your information with your consent or performance of contracts with each other or any other purposes for our legitimate interest for the following purposes:

A. Medical Services

  • Provide or deliver the Service, and your access to the service, whether online or offline.
  • Make an appointment with a doctor, send a news release, introduce the company’s services.
  • Coordinate and refer information to hospitals and other medical facilities, which will help speed up referrals.
  • Verify the patient’s identity.
  • Send message reminders for doctor appointments or offering assistance.
  • Accounting or financial purposes, such as credit card payment verification, billing, validation, and refunds.
  • Security, including safety while being treated in the clinic.
  • To comply with the company’s rules and regulations.
  • To comply with any law, requirement, regulation, or request from government agencies, such as compliance with subpoenas or court orders or other requests by law.
  • Other purposes supporting the implementation of the above objectives or with your consent from time to time.

B. Marketing (Only if you have consented to the processing)

  • Facilitate and present a list of benefits to members.
  • Objectives of marketing, sale promotion, and customer relations, such as sending information about products and services, sale promotion, and partner businesses.
  • Customer satisfaction survey, market research, and statistical analysis for information on product and services improvement or create new products and services.
  • To be a channel for communication, answering questions, or responding to complaints related to the use of our services.

6.    Personal data forward and disclosure

      We may disclose or transfer your personal information to third parties which may be located within Thailand, or outside Thailand where such a country has adequate personal information protection standards and complies with the rules for personal information protection required by law. We will take necessary and appropriate measures, as required by regulations and laws, for the purposes stated above in disclosing personal information to the following persons:

  • Network companies, and business partners.
  • Agents, service providers, or partners who provide services to us or take any action as a representative, such as an information technology service provider.
  • Business partners, such as hotels, car rental companies, insurance companies, partners, and other companies related to providing services to you or fulfill the above objectives.
  • Banks and payment service providers, such as credit or debit card companies.
  • Officers or security and safety agencies.
  • Immigration Department and customs.
  • Government agencies, regulators, and other agencies as permitted or required by law.

7.    Linking to Third Party Sites

      In some case, the Company may be necessary to transfer your data to oversea for the purposes of providing services to you, for example, to send data to the Cloud with a platform or server located oversea (such as Singapore or the United States, etc.) to support information technology systems located outside Thailand, depending on the services of the Company that you use or are involved in on an individual activity.

      However, at the time of preparing this policy, the Personal Data Protection Committee has not yet announced a list of destination countries with adequate personal data protection standards. In the event that the Company has to transfer your data overseas, the Company will make the transfer with adequate personal data protection measures in accordance with international standards or proceed according to the conditions and/or Agreement so that the data transferred will be according to the law as follows:

      1)   You have been informed and consented in the event that the destination country has insufficient standards for personal data protection in accordance with the announcement of the list of countries announced by the Personal Protection Board.

      2)   It is necessary to comply with the agreement that you have entered into with the Company or to fulfill your request prior to entering into that Agreement.

      3)   It is an act according to the Agreement between the company with other persons or juristic persons for your benefit.

      4)   To prevent or suppress a danger to your life, body, or health or another person’s life, body or health when you are unable to give consent at that time.

8.    Personal data retention period

      The Company shall retain your personal data only for as long as it is necessary according to the collection purpose as per any service agreement, policy, announcement, or related legislation. After the expiration of the retention period and your personal data is no longer necessary for such purposes, the Company will either delete and destroy your personal information or make your personal information non-identifiable in accordance with the format and standards for deleting and destroying personal data that the committee or law will announce or in accordance with international standards. However, in the event of a dispute, exercising the right, or lawsuit related to your personal data, the Company reserves the right to keep that information until the dispute has a final order or judgment.

9.    Retention and Safety of Personal Information

  1. To avoid unauthorized loss, access, use, change, correction, or disclosure, the Company will maintain the security of your personal data in line with the principles of confidentiality, integrity, and availability. The Company has also put in place safeguards to guarantee the security of personal data. This includes administrative safeguards, technical safeguards, and physical safeguard procedures. According to the personal data protection committee’s announcement, the company has organization and technical data security procedures that match international requirements.
  2. Following the end of the aforementioned period, your personal data will be kept for as long as necessary, or as required by law, for the purposes outlined in this privacy statement, or for legal action. The Company will promptly, and in compliance with data destruction processes, destroy your personal data if you do not grant us permission to continue processing it.
  3. The Company will take steps to maintain security and employ suitable management to safeguard and secure the personal data it has gathered about you. Whether it is kept offline or online, the Company will restrict access to your information. It shall be held at a facility with restricted access in document form and only accessible to those who need and are authorized to process that personal data.
  4. The Company has taken steps to protect personal information by restricting access to personal data so that only certain officers, or authorized or designated persons, who have a need to use such information for the purposes for which the personal data subject has been notified, are able to access it. Such individuals have a responsibility to uphold the confidentiality of any personal information they become aware of while performing their tasks and are required to adhere to and comply completely with the Company’s personal data protection standards.
  5. The Company will also choose personal data security and confidentiality measures that are appropriate and in compliance with the law when it sends, transfers, or discloses personal data to third parties, whether for service in accordance with the mission contract, or for other types of agreement. This will ensure that the personal data the Company collects is always secure.

10. Rights relating to your personal information
      The Personal Data Protection Act B.E. 2562 (2019) prescribes the rights of personal data subjects in several ways. These rights will be effective when the law on these rights comes into force. Details of the rights are as follows:

      The right to be informed is a right that the personal data subject has without request. As stipulated in Section 23, you have the right to obtain your personal data from the Company in a form that is readable or generally usable by means of automated tools or devices and is capable of using or disclosing personal data by automated means.
      You may contact the Company/Personal Information Protection Officer to submit a request to exercise your rights as follows:

10.1 Right to withdraw consent: You have the right to withdraw your consent to the processing of personal information that you have given us at any time your personal information is with the company.

10.2 Right of access: You have the right to access your personal information and ask the company to make a copy of such personal information for you, including asking the company to disclose the acquisition of personal information that you did not give consent to the company.

10.3 Right to rectification: You have the right to request the company to correct inaccuracies or add incomplete information.

10.4 Right to erasure: You have the right to request that the company delete your data for some reasons.

10.4 Right to restriction of processing: You have the right to suspend the use of your personal information for some reasons.

10.6 Right to data portability: You have the right to transfer personal information that you have provided to the company to another data controller or yourself for some reasons.

10.7 Right to object: You have the right to object to the processing of your personal information for some reasons.

      However, where withdrawal, erasure, restriction, or rectification is permitted, it will not affect to any previous use, processing, or portability of your personal data or information. Furthermore, you should be aware that any withdrawal, erasure, restriction, or rectification of your personal data or information may mean that any further treatment or services may be restricted or withdrawn.

11. Privacy Policy Amendment

      The Company will regularly review the Personal Information Protection Policy to comply with the guidelines, related laws, and regulations, and changes of services and operations of the company. If there is a change in the privacy policy, the company will notify you by posting information on the Company’s website https://www.thaisuperiorart.com./th/ as soon as possible.

     If you have any questions, suggestions, and complaints regarding the Privacy Policy, please contact us at e-mail. services@thaisuperiorart.com

12. Contact Us

      You can request access or updates and corrections to your personal information, including any of the above rights or rights under applicable data protection laws. Please do so in writing along with attaching a copy of evidence providing your identity, such as a copy of ID card or passport, along with doctor appointment details, and contact information, inquiries, details of the error that occurred, telephone number, email, contact address, and any questions, suggestions, complaints about this Privacy Policy.

You can download  “Request Form Regarding Personal Data” (click here). Please fill in the form and send an email to Personal Information Protection at services@thaisuperiorart.com

      Or you can contact the Personal Information Protection Officer by contacting the Call Center 063-904-8899 or at this address.

      Oogonia Company Limited, 1126/2 Vanit Building 2, Lobby Floor, New Petchburi Road, Makkasan, Ratchathewi, Bangkok 10400 / Phone No. 02-035-1400

      The company will consider and notify the result of your request within 30 days from the date of receipt of such request.

    This Privacy Policy is effective from 15 August 2022 onwards.

This will be effective from 15 August 2022 onwards
Announced on 10 August 2022
Please be informed accordingly