Privacy Policy
AXA Insurance Public Company Limited (“AXA”, “we”, “us” or “our”) recognizes the importance of protecting the agent’s ("You”) personal data including sensitive data, so we have prepared this Privacy Policy to inform you of the collection, use, disclosure, and international transfer of your personal data and sensitive data. Hereinafter, Personal data and Sensitive data will be mentioned as Personal Information.
- Personal data means any information that can directly or indirectly identify you.
- Sensitive data means any information that is defined by the Personal Data Protection Act ("PDPA") as be sensitive data such as racial, ethnic origin, political opinions, cult, religious or philosophical beliefs, sexual behavior, criminal records, health data, disability, trade union information, genetic data, biometric data, or of any data which may affect the data subject in the same manner
This Privacy Policy applies to your Personal Information including other people relating with you (“Third Party”) that is necessary for your job application such as your ex-employer, people working in AXA that you know.
1. Personal Information We Collect
The detail of Personal Information is as follows:
1.1 Personal Data
(a) Contact details such as name, surname, e-mail address, postal address, telephone number
(b) Identification information such as your date of birth, gender, age, identification number, passport number, marital status, photo
(c) Financial information such as income
(d) Information relevant to your education and experience such as educational background, work experience, skills, qualifications, training course records
(e) Other information such as information of family members, references, emergency contact persons
1.2 Sensitive Data
(a) Identification card details such as religion, blood type, and racial information
(b) Information about your health, disability, drug test results
(c) Criminal records
2. How We Collect Your Personal Information and Third Party’ Information
We might collect your Personal Information from you directly and from other sources, for example;
- Organization – Companies inside the AXA Group, Business partner and any other party whom AXA has a legal relationship
- Government authorities such as Royal Thai Police, Immigration Bureau, The Office of Insurance Commission, The Anti-Money Laundering Office or etc.
- Third parties who provide information which necessary in agent management and selection and risk assessment, such as the referrals you specify in the application or etc.
- Other publicly available sources such as our website, other job posting sites, information made available on the internet, other social media platforms or etc.
3. Purposes of Collection, Use or Disclosure of Personal Information
3.1 Collection, use or disclosure of your information
We collect, use or disclose your Personal Information for the purposes as follows:
3.2 Collection, use or disclosure of third party’s information
Please inform third party before you disclose his/her information to us.
4. Data Disclosure and Transfer
For the purposes set out in this Privacy Policy, we may disclose your Personal Information to companies inside the AXA Group and other recipients outside the group as follows:
4.1 Companies and affiliates within our group for our efficiency and accuracy of business administration or preventing and detecting fraud.
4.2 Recipients and their affiliates for the purposes set out in this Privacy Policy, for example;
(a) Government authorities, supervising authorities or other authorities as stipulated by laws, including competent official, e.g., courts, police officers, etc.
(b) Agencies and/or service providers, such as document storage and destruction service providers, IT development companies, etc.
(c) Other recipients as per your consent or contractual requirements or legal requirements, as the case may be
Disclosure of your Personal Information to a recipient outside of AXA will only be made where the recipient has agreed to keep your information strictly confidential and shall only be used for the specific purpose for which we provide it to them.
We may also disclose your Personal Information to other recipients where:
- we are required or permitted to do so by the law or by regulatory bodies; or
- we believe that such disclosure is necessary in order to assist in the prevention or detection of any criminal action including fraud or is otherwise in the overriding public interest; or
- exemptions under the data protection legislation allow us to do so
Some of the recipients set out above may be in countries outside of Thailand notably in Singapore, where AXA has a Data Centre, or any other designated AXA group entity as the case may be. Where we make a transfer of your Personal Information outside of Thailand, in all cases where Personal Information is transferred to a country which is deemed not to have the same standards of protection for Personal Information as Thailand will ensure Appropriate Safeguards have been implemented to ensure that your Personal Information is protected where standards are not the same or similar to those standards within Thailand.
5. Data Retention Period
The time period we retain your Personal Information for will differ depending on the nature of the Personal Information, what we do with it, why we hold it and what we’re obliged to do by the regulator or the law. In most cases, we will retain your information for 10 years after the termination of your policy.
We keep your Personal Information for as long as reasonably necessary to fulfil the relevant purposes set out in this Privacy Policy and in order to comply with our legal and regulatory obligations. In some instances, we will minimize Personal Information; or de-identify data to use for statistical or analytical purposes, this activity is undertaken in accordance with PDPA.
6. Your Rights
You can ask us to do various things with your Personal Information. For example, at any time you can ask us for a copy of your Personal Information, correct mistakes, change the way we use your information, or even delete it. We’ll either do what you’ve asked or explain why we cannot.
You have the following rights in relation to our use of your Personal Information.
- The right to access your Personal Information
You are entitled to a copy of the Personal Information we hold about you and certain details of how we use it. There will not usually be a charge for dealing with these requests. Your Personal Information will usually be provided to you in writing, unless otherwise requested. - The right to rectification
We take reasonable steps to ensure that the Personal Information we hold about you is accurate and complete. However, if you do not believe this is the case, please contact our DPO team by using the contact information as specified in article 7 of this policy and you can ask us to update or amend it. - The right to erasure
In certain circumstances, you have the right to ask us to erase your Personal Information, for example where the Personal Information we collected is no longer necessary for the original purpose or where you withdraw your consent. However, this will need to be balanced against other factors, for example according to the type of Personal Information we hold about you and why we have collected it, there may be some legal and regulatory obligations which mean we cannot comply with your request. - Right to restriction of processing
In certain circumstances, you are entitled to ask us to stop using your Personal Information, for example where you think that the Personal Information we hold about you may be inaccurate or where you think that we no longer need to process your Personal Information. - Right to data portability
In certain circumstances, you have the right to ask that we transfer any Personal Information that you have provided to us to another third party. Once transferred, that third party will be responsible for looking after your Personal Information. - Right to object
You have the right to object to the collection, use or disclosure of your Personal Information for direct marketing purposes or on grounds stipulated by law. - The right to withdraw consent
You can withdraw consent given to us at any time unless there is a restriction of the withdrawal of consent by law or the contract which gives benefits to you.
However, the withdrawal of consent will not affect the collection, use or disclosure of personal information for which you have previously legally given consent to us. - The right to lodge a complaint
You have a right to complain to the Personal Data Protection Committee at any time if you object to the way in which we use your Personal Information.
You can make any of the requests set out above using the contact details provided to you in your policy documentation, the contact details of the Data Protection Officer (DPO) as specified in this Privacy Policy. Please note that in some cases we may not be able to comply with your request for reasons such as our own obligations to comply with other legal or regulatory requirements. However, we will always respond to any request you make and if we can't comply with your request, we will tell you why.
7. Contact Details of the Data Protection Officer
If you wish to contact AXA or the Data Protection Officer, the details are below:
AXA Insurance Public Company Limited.
Address: 414 Siam Patumwan House, Floor 25th, unit2511-1-2, Phayathai Rd., Wangmai Sub-district, Pathumwan, Bangkok 10330 Thailand
Call Center: 02 – 118 – 8111
Monday to Friday - 8:30 AM - 6:30 PM and Saturday - 9:30 AM - 6:00 PM
Closed on Sunday and official holidays
The Data Protection Officer
Address: 414 Siam Patumwan House, Floor 25th, unit2511-1-2, Phayathai Rd., Wangmai Sub-district, Pathumwan, Bangkok 10330 Thailand
E-mail: dpo@axa.co.th
Channels for exercise your rights as the Data Subject : https://direct.axa.co.th/PDPA
8. Update to this Privacy Policy
AXA regularly reviews and, if appropriate, updates this Privacy policy from time to time to ensure that your personal information is properly protected. In case of any update to this Privacy policy, AXA will inform you through Notice on this website, notification on your device or other appropriate methods. Please visit https://www.axa.co.th/privacy-policy-statement for the updated Privacy Notice.
This Privacy Policy shall take effect as of the date that the Personal Data Protection Act becomes effective.
Published on 31/05/2022