(Privacy Policy)

Prolife Plus Public Company Limited (the “Company”) is committed to implementing personal data protection measures in accordance with the Personal Data Protection Act B.E. 2562 (2019) and all applicable laws. This Privacy Policy has been established to ensure that the Company’s operations comply with legal requirements and international standards for personal data protection. It also outlines the principles for safeguarding the rights of data subjects and the management procedures to address any infringement of such rights in an efficient and appropriate manner.หมาะสม

1. Scope of Application

This Privacy Policy, in compliance with the Personal Data Protection Act B.E. 2562 (2019) and other relevant legislation, governs the processing of all personal data carried out by the Company. It extends to any individuals who gain access to personal data in connection with the Company's operations. All such persons are required to comply with this Privacy Policy and the applicable legal framework as defined under contractual terms and conditions, including products and services under the Company’s management such as websites, applications, documents, or other forms of services (collectively referred to as the “Services”).

This Policy applies to the following data subjects:

• Individual customers;
• Officers, staff, or employees of the Company;
• Business partners and service providers who are natural persons;
• Directors, authorized persons, representatives, agents, shareholders, employees, or other individuals holding a similar status in legal entities that have a relationship with the Company;
• Users of the Company’s products or services;
• Visitors to or users of the Company’s websites, systems, applications, devices, or other communication channels under the Company’s control;
• Other individuals whose personal data is collected by the Company, such as job applicants, employees’ family members, guarantors, etc. Items (1) through (7) are hereinafter collectively referred to as the “Data Subjects.”

In addition to this Policy, the Company may issue specific Privacy Notices (each a “Notice”) relating to certain products, services, or personal data processing activities that are subject to particular contractual terms or conditions. These Notices are intended to inform Data Subjects of the personal data being processed, the purposes of such processing, the retention periods, and the rights to which they are entitled under applicable law. In the event of any inconsistency between such a Notice and this Policy, the provisions set forth in the Notice shall prevail.

With respect to personal data collected prior to the effective date of the Personal Data Protection Act B.E. 2562 (2019), the Company may continue to collect and use such data for the original purposes for which it was obtained. However, any disclosure or processing activities other than collection and use shall be conducted in accordance with the Personal Data Protection Act B.E. 2562 (2019) and relevant laws.

2. Definitions

For the purposes of this Personal Data Protection Policy, the following terms shall have the meanings set forth below:

“Personal Data Protection Policy” refers to this policy established by the Company to inform Data Subjects of the Company’s personal data processing activities and relevant details, as required under the Personal Data Protection Act B.E. 2562 (2019) and applicable laws.

“Personal Data” means any information relating to an individual that enables the identification of such individual, whether directly or indirectly, but excluding information of deceased persons.

“Sensitive Personal Data” means any Personal Data pertaining to race, ethnicity, political opinions, religious or philosophical beliefs, sexual behavior, criminal records, health data, disabilities, labor union information, genetic data, biometric data, or any other information of a similar nature as may be prescribed by the Personal Data Protection Committee.

“Processing” means the collection, use, or disclosure of Personal Data.

“Data Subject” refers to a natural person who is the subject of the Personal Data.

“Data Controller” means a person or juristic person who has the authority and responsibility to make decisions regarding the collection, use, or disclosure of Personal Data. This definition shall include any reference under applicable data protection laws that has the same or similar meaning to a data controller.

“Data Processor” means a person or juristic person who processes the collection, use, or disclosure of Personal Data on behalf of or under the instructions of the Data Controller. This term shall include any reference under applicable data protection laws that has the same or similar meaning to a data processor. For clarity, such a person or entity is not considered a Data Controller.

“Cookies” means small computer files that temporarily store necessary Personal Data on the Data Subject’s computer in order to facilitate and enhance communication during access to the Company’s website. The use of Cookies is effective only during a user’s session on the website.