Privacy Policy

Modernform Group Public Company Limited (hereinafter referred to as “Company”, “we/our/us”) issued this Personal Data Protection Policy to prescribe the process of data collection, storage, usage, and disclosure, including other rights of the data subjects, covering our customers, employees, and stakeholders who provide the data to us directly or via our information technology system. The company recognizes the importance of personal data protection. Therefore, the data subjects can be confident that the provided information has been managed with the most appropriate and best security measures, in compliance with the Personal Data Protection Act B.E. 2562 (2019) (PDPA).

“Company Group” means Modernform Group Public Company Limited

“Company” means Modernform Group Public Company Limited, including persons authorized to act on behalf of the company or persons assigned to work on behalf of the company.

“Personal Data” means any information relating to a person which directly or indirectly enables the identification of such person.

“Officially Authorized Person” means a person whom the highest-ranking executives have assigned to oversee, take responsibility for, and perform the work.

“Cookies” means tiny components of data stored in the equipment of customers or service users or stakeholders enabling the website to memorize the user’s website accessing history or movement for each use of the website.

The company respects and recognizes the importance of personal data rights and personal data protection. Additionally, the company realizes that personal data subjects need security and safety in using services. Any personal data submitted to the company, such as names, age, addresses, telephone numbers, identification numbers, and financial information, etc., which can identify the data subjects and are complete, accurate, up-to-date and quality personal data will be used only in line with the company’s operating objectives. The company has strict security measures and prevention not to let unauthorized parties access and use personal data without the data subject’s consent. The company will report breaches of personal data to data subjects immediately when violations occur.

The company collects personal data from various channels. The personal data which we may collect include following details:

Information obtained directly by customers, service users, or stakeholders such as:

• Personal contact information such as first names, last names, telephone numbers, addresses, and email addresses.
• Identification data such as usernames, and contact persons for collection of goods.
• Other personal data such as credit card numbers, birth date, address, gender, age, income, lifestyle, type of accommodation, and CCTV moving and still images.
• Other data appearing on filling forms and accompanying documents
• Computer traffic logs including IP numbers, dates and times of use, equipment code, type of equipment, mobile network, connection, geographic location, type of browser, website entry/exit logs, referring website, website history, login logs, and transaction logs.
• Audio recording data when communications are made to the company or logs of contact details.
• Data generated by analysis and collection of statistics on the use of services or systems such as customer behavior, website entry statistics, website access time, searched data, use of website functions, and data collected by the company through cookies.

The company is using closed-circuit television (CCTV) devices for monitoring our designated areas within and around our buildings and facilities to protect life, health, and property. We collect personal data of all customers, employees, directors, contractors, workers, visitors, or any individuals entering the monitored space within our buildings, sites, and facilities through the use of CCTV devices, for the following purposes:

• to protect individuals’ health, personal safety, and belongings.
• to protect and prevent our premises, facilities, and assets from damage, disruption, vandalism, and other crime.
• to support law enforcement agencies in the prevention, detection, and prosecution of crime and to act as a deterrent against crime.
• to assist in the effective resolution of disputes which arise in the course of disciplinary or grievance proceedings.
• to assist in the investigation or proceedings concerning a whistleblowing complaint
• to assist in the establishment or defense of any civil litigation, including but not limited to employment proceedings.
• to identify individuals and to comply with relating law enforcement.

The company installs CCTV devices in plain sight and in the appropriate areas, and never installs the CCTV devices in the restroom or changing room. The company will also place appropriate signage in the monitored areas to alert you that a CCTV is in use and your personal data is being recorded.

The company collects the aforementioned personal data for objectives in the company’s legal operations and to enhance the company’s operations efficiency. The company stores only necessary personal data to be used for the following operations:

• To report/manage activities involving the company’s businesses.
• To study, research, and collect statistics.
• To improve service quality, develop marketing plans, create commercials and public relation program, send product news and promotions related to the company’s products and services.
• To improve, develop, and enhance the efficiency of the company’s operations.
• To accept complaints, recommendations, criticisms, and comments.
• To contact data subjects via any channel for checking, informing, validating, verifying personal data, or surveying as necessary.
• To verify data in compliance with the law and associated criteria and rules currently enforced and future revisions or additions.

If personal data collection objectives change or update afterward, the company will notify or announce the updated objectives concerning data collection to data subjects without hesitation.

In the aforementioned personal data collection, the company only collects data with consent from data subjects or stakeholders

To facilitate the company’s business operations or perform the company’s duties to customers, the company may disclose personal data to service providers who are third parties, representatives, subsidiaries, or associated persons located domestically or abroad for any objective of personal data storage, utilization, disclosure, and processing. Furthermore, the company may disclose personal data to government officials or agencies to comply with laws, rules, guidelines, regulations, or management systems enforced on the company.

The company will require third-party agencies to maintain secrecy and safety of personal data and forbid the use of the aforementioned personal data for any other objectives than specified by the company.

Following are examples of the third parties to whom the company may disclose personal data:

• Data import service providers.
• Expert consultants, advisors, and/or external certified public accountants.
• Third-party service providers such as management service providers or operational service providers involved in the company’s business including telecommunications, information technology, logistics and transportation, assembly, installation, publication, postal services, or marketing services and sales promotion activities.
• Associated government officials or agencies.

Third parties with whom the company engages in business with has the right to utilize personal data for only specific operations as stated in the contracts made with the company. Part of the specifications in contracts made by the company with third parties require the aforementioned persons to comply with any laws and policies specified by the company, and these persons must use appropriate measures to ensure that your personal data will be safe and protected.

The company will keep personal data periodically based on suitability for use with a clear designated retention period based on the category of the data. At the end of the aforementioned period, the company will immediately delete the aforementioned personal data.

• The company affirms to keep our customers' and stakeholders' collected personal data confidential, and not use it for other objectives than the lawful objectives, or for the company’s business operations.
• The company will not sell, transfer, or disseminate the aforementioned data to outside persons without consent from data subjects.
• The company may disclose personal data if the data is disclosed to the public legally or in compliance with court orders or requests from government agencies for the benefit of investigations by officials according to the law or court case considerations.

• To access, delete, revise, or verify personal data.
• To not accept any marketing communication data from the company.
• To request the company to send or transfer personal data to other personal data controllers which can be done automatically when the personal data subjects notify the objectives to the company, identify in writing, and send to the company. When the company accepts the aforementioned request, the company shall notify the existence or details of data, to data subjects within an appropriate period.

Requests pursuant to the rights of personal data subjects will be considered and recorded. The company will consider taking action based on personal data subjects’ requests only after the company checks and found no conflicts with any specifications of the law which the company is required to comply with.

To manage personal data safely and appropriately, the company has security and safety measures to prevent unauthorized or unlawful loss, access, use, edition, revision, or disclosure of personal data. If personal data is violated with negative effects on personal data subjects directly, the company will inform personal data subjects of personal data violations as quickly as possible to mitigate damage and investigate the cause in addition to specifying appropriate remedial measures.

The company has appointed personal data protection officers to oversee the compliance of this policy. If personal data subjects or stakeholders have questions concerning this policy or wish to send petitions under any rights, please contact Call Center 0-2094-9999, Line : @modernform, Facebook : Modernform Furniture

The company may modify this policy to be consistent with changes in the company’s operations in response to recommendations or opinions from personal data subjects or to make modifications in line with legal requirements. If revisions or changes are made to this policy, the company will announce changes to associated personal data subjects clearly before making changes via www.modernform.co.th/privacy-policy, or the company may send notifications to remind personal data subjects directly.

Personal data subjects agree and acknowledge that this personal data protection policy is effective on all personal data collected by the company and personal data subjects agree for the company to have the right to collect, store, use or disclose personal data collected by the company (if any), including personal data currently collected by the company or personal data to be collected by the company to other persons within the scope specified in this personal data protection policy.