SMBC
SMBC Gruop

Privacy Policy

1. Our Privacy Statement


SBCS Co., Ltd. (the “Company” or “we”) has established and disclosed this Privacy approach to explain how we process personal data of the inquirer, research cooperator, event attendee, our customers, vendors, other business partners (including the Professional), and other person related to the transaction, including its corporate entity’s individuals such as its employees, contact persons, and directors (“You”) since the protection of your personal data is of great importance to us.

We process your personal data in accordance with the applicable regulation relating to personal data protection, in particular, the Personal Data Protection Act B.E. 2562 (“PDPA”). This Privacy Policy explains how we, as the data controller, collect, use and disclose your personal data.


2. Personal Data to be Collected


Regarding the PDPA, personal data means any information relating to an individual, which enables the identification of such individual, whether directly or indirectly, but not including the information of the deceased persons in particular.

We collect all or part of the following personal data for processing to achieve the purposes as herein with the legal basis provided for in the PDPA. We collect your personal data directly from you or your personal data may be collected from the company which you work for.

Name, Surname, Address, Email address, Phone number, Mobile number, Your company information (name, address, Phone number, your department, your position), Copy of your ID card (without religion), Copy of the Passport, ID number, Passport number, Nationality, Date of birth, Gender, Age, your photo, and any other certificate of personal data


3. Purpose of Processing of Personal Data


The Company collect, use, or disclose your Personal Data for various purposes depending on the relationship between you and the Company as follows:


  • To respond to your inquiry;
  • To contact you about business with you or your company;
  • To identify attendees and applicants, grasp and manage applications for and attendance at events such as the seminars held by us, and provide information on our upcoming Events;
  • To provide our reports and news via e-mail, etc. ;
  • To introduce you or your company to our clients for business matching;
  • To provide our clients with information that we hear from you in the process of research;
  • To conclude a contract with you or your company, to perform contractual obligations, and to receive or deliver the information or documents between your or your company and the Company including to comply with our internal procedures;
  • To perform contractual obligations and monitor your work performance under the contract between you or your company and the Company, including monitoring security during work performance, and to comply with our internal procedures (for example, payment, receipt or delivery of documents between you or your company and the Company, issuance of building entry card, etc.) ;
  • To mediate contact between our group companies, our business partner or our client and you or your company;
  • To manage our relationship with you or your company ;
  • To record your information in the Company’s database;
  • To verify your identity;
  • To comply with relevant regulations such as tax laws;
  • To manage risks and undertake internal prevention, audit and administration to comply with laws, and to report information to government authorities as required by laws or upon receiving an order or a writ of attachment from the authority;
  • To control access to the buildings and premises, and to observe, prevent, deter, and (if necessary) investigate unauthorized access to buildings and premises for the purpose of monitoring the security of the buildings and premises of the Company.

4. Legal Basis for Processing of Personal Data


The legal basis for the processing of your personal data is as follows:


  • When required by the law, consent shall be obtained;
  • When the processing activity is required for the pursuit of legitimate interests of the Company;
  • When the processing activity is required for compliance with our legal obligations.

5. Retention Period for Personal Data


We will retain your personal data for as long as necessary to fulfil the aforementioned purposes for obtaining and processing your personal data. Specific criteria used to determine our retention periods are the duration we have an ongoing relationship with your company, the compliance with applicable laws, the compliance with legal prescription to exercise the rights to legal claims or defend against the rights to legal claims and the necessity of retaining the personal data for other legal or business reasons.

Please kindly be ensured that the retention of personal data after the expiry date of the retention period will only occur only in the necessary circumstance. When the retention period has ended or the retention of such data is no longer necessary (whichever is applicable), we will destroy or erase such data from our system.


6. Disclosure of Personal Data


We may share and disclose your personal data to the following third parties in accordance with the PDPA for the purposes stated in this privacy policy. The Company will inform you to acknowledge and request consent as necessary and required by the PDPA.


  • Our group companies
  • Our clients
  • Our business partners
  • Government authorities, or other authorities as stipulated by laws, including competent officials, e.g., courts, police officers, the Revenue Department, etc.
  • Agencies, service providers and/or sub-contractors for their implementation and procedures, for example, accounting companies, tax consultants, IT services, such as Cloud services, providers.

As a result of the aforementioned sharing and disclosure, in some cases your personal data will be transferred to the recipient company in Japan or other countries with appropriate safeguards by executing with the transferee the standard data protection causes including Binding Corporate Rules or Data Processing Agreement (if any or whichever is appropriate) pursuant to the PDPA, unless the data transferred country has appropriate data protection standard as prescribed by the Personal Data Protection Committee or we obtain your consent pursuant to the PDPA.


7. Your Rights as a Data Subject


You have the following rights regarding personal data obtained and processed by us.


  • Obtaining information regarding the processing of data: You have the right to obtain from us all the requisite information regarding our data processing activities that concern you.

  • Access to personal data: You have the right to obtain from us confirmation as to whether personal data concerning you are being processed, and, if so, then access to the personal data and certain related information.

  • Rectification or erasure of personal data: You have the right to have us rectify inaccurate personal data concerning you without undue delay and the right to have us complete any incomplete personal data. Also, if certain conditions are satisfied, you will have the right to have us delete personal data concerning you without undue delay.

  • Restriction on processing of personal data: If certain conditions are satisfied, you will have the right to have us restrict the processing of personal data concerning you.

  • Objection to the processing of personal data: If certain conditions are satisfied, you will have the right to object to the processing of personal data concerning you.

  • Data portability of personal data: If certain conditions are satisfied, you will have the right to receive personal data concerning you in a structured, commonly used, and machine-readable format and the right to transfer those data to another controller without hindrance from us.

  • To be subject to automated decision-making: If certain conditions are satisfied, you will have the right not to be subject to solely data-based, automated decision-making (including profiling) that produces any legal or similar material effect on you.

If you intend to exercise any of the aforementioned rights, please inquire using the contact details at the end of this privacy policy.

If you do not wish us to continue to use your personal data collected by us before the effective date of the PDPA, you can withdraw its consent. In that case, please inquire using the contact details at the end of this privacy policy.


8. Data Protection Security Measures


The Company implements appropriate and strict security measures for preventing unauthorized or unlawful loss, access to, use, alteration, correction or disclosure of personal information.

In the case where the Company assigns any third party to process your personal information pursuant to the instructions given by or on behalf of the Company, the Company shall appropriately supervise such third party to ensure your personal information protection in accordance with the PDPA.


9. Contact details


For questions or inquiries regarding this privacy policy, please contact us at:

SBCS Co., Ltd.
1 Q. House Lumpini Building, 16th Floor,
South Sathorn Road, Tungmahamek, Sathorn, Bangkok 10120
TEL: +66-2677-7270
E-mail: info@sbcs.co.th