minutes reading time

Personal data protection policies and practices

1. importance

Surazinsano Company Limited respects and places importance on protecting the personal information of personnel, customers, business partners, and business partners. Surazinsano Company Limited will protect personal information from being used in a wrong way. that is wrong and keep such information safe according to laws and international standards

2. objective

2.1 To make transactions with Surazinsano Company Limited secure, safe, reliable, with protection of personal information of all personnel, customers, business partners, and business partners.

2.2 To prevent damage caused by personal data being fraudulently exploited or misused.

3. Definition

“Managing director” means a director of Surazinsano Company Limited.

“Manager” means the executives of Surazinsano Company Limited.

“Staff” means employees of Surazinsano Company Limited.

“Personal Data” means information about an individual which enables the identification of that individual, whether directly or indirectly. But it does not include information about the deceased.

“Data Controller” means Surazinsano Company Limited, which has the authority to make decisions regarding the collection, use, or disclosure of personal information.

“Personal Data Processor” means a person or juristic person who carries out the collection, use, or disclosure of personal data according to the order or on behalf of Surazinsano Company Limited. The processor Personal data must not be the same person as the data controller.

“Data Subject” means the person to whom the data is specified. This is not the case where a person has ownership, it does not include legal entities established by law such as companies, associations, foundations or any other organizations.

“Sensitive Personal Data” means personal data that is sensitive in nature. It is forbidden to collect without the express consent of the owner of personal data Because of the risk of being used in unfair discrimination. Therefore, it is necessary to proceed with special caution, including race, ethnicity, skin color, political opinions, religion, and sexual behavior. Criminal history, health information, disability, union information Genetic information, biological information, and any other information required by law. Each country determines

“Personal Data Source” means the source that receives personal data from the owner of personal data, such as
  ● Transactional contact, filling out forms, giving opinions, giving feedback, or inquiring about information via websites, applications, telephone, email, direct meetings. or by any other means
  ● Participating in marketing activities Sweepstakes, events, and other activities
  ● Providing services through websites, applications, or E-Commerce service providers.
  ● Collection of personal information from public sources. Business resources commercial resources or information sources from Social Media, regardless of whether the owner of the personal data disclosed the information himself. or has given consent to anyone to disclose such personal information
  ● Collection of personal information from third parties such as family members. Person to contact in case of emergency beneficiary work insurance vendor Job application websites, references, employment agencies Government agencies, educational institutions, whether the owner of the personal data will disclose the information themselves. or has given consent to anyone to disclose such personal information
  ● Delivery of supporting documents for business contracts or employment contract with the company
  ● Delivery of supporting documents for job applications
  ● Recording of still images or moving images by closed-circuit television (CCTV) cameras in the premises under the control of Suracinsano Company Limited.
  ● Visiting the Company's website, whether intentional or not. or unintentional"

“Third parties” means individuals or legal entities other than the data owner. Personal data controller and personal data processors hired to process data on behalf of Surazinsano Company Limited.

“Data Protection Officer: DPO” means the person appointed. To have a duty to provide advice and inspect the operations of personal data controllers or personal data processors to ensure compliance with the Personal Data Protection Act B.E. 2019 as well as the Personal Data Protection Act. Another version

“Privacy Notice” means informing data owners of the purposes and methods of collecting and using your personal data. The period for keeping personal information of the company

“Cookie” means a unique file created by a website and stored on a computer. or the user's communication device which will store the user's personal information, usage, and various settings in order to improve the user's experience of using the website.

4. Principles

4.1 Control of personal information
    Surazinsano Company Limited as the personal data controller. Must proceed according to the principles of personal data protection as specified below. In order to use personal data correctly, Surazinsano Co., Ltd. must manage the following practices.
    1) Inform the owner of personal data of the purpose, conditions and request consent (if any) before collecting and using it. or disclose personal information
    2) Collect, use and disclose personal information as necessary for the purposes notified to the owner of personal information.
    3) Prevent information from being used or disclosed without permission.
    4) Provide measures to maintain the security of personal information in storage, use, or disclosure, including sending or transferring personal information to other persons, and measures must be reviewed to be consistent with changes.
    5) Correct, change, delete or destroy information as requested by the owner of personal data.
    6) Arrange for follow-up. Verify the deletion or destruction of personal information when
     • Data collection beyond the specified period.
     • Information that is not relevant or superfluous for the stated purpose.
     • The data subject requests or withdraws consent.
    7) Provide for the determination of rights and limitations on the right to access personal information.
    8) Arrange for recording of personal information. so that the owner of personal data can access or verify
    9) Report the incident of personal data violation to the Personal Data Protection Officer. and the owner of personal data immediately upon detection"

4.2 Processing of personal data
    In processing personal information, Surazinsano Co., Ltd. has taken steps to prevent the use or disclosure of personal information illegally or without consent. By allowing the data processor, Surazinsano Company Limited, which includes insiders, outsiders, and outside juristic persons. Proceed as follows.
    1) Collect, use, or disclose personal information. As ordered by the Personal Data Controller
    2) Provide security measures. To prevent loss, access, use, change, modification, or disclosure of personal information.
    3) Record and maintain a list of personal data processing.
    4) Report personal data violations to the Personal Data Controller immediately upon detection.”

5. Duties and responsibilities

5.1 Executives
    5.1.1 Set direction and be a consultant in the operation of the information security management system and personal data protection.
    5.1.2 Consider the information security management system policy and personal data protection proposed and approved by the working group.
    5.1.3 Consider setting guidelines and methods for risk assessment. Criteria for accepting risk and the level of risk that can be accepted
    5.1.4 Consider the results of the risk assessment.
    5.1.5 Consider and certify the implementation of information security control measures and personal data protection.
    5.1.6 Consider the results of the internal audit.
    5.1.7 Provide support and monitor progress in operations.”

 

5.2 Information Security Management Representative (ISMR)
    5.2.1 Report to the information security management system management team. to the operating situation and efficiency of the management system
    5.2.2 Lead the working group in operating the management system.
    5.2.3 Arrange a meeting of the management team to follow up on the operational plan.
    5.2.4 Evaluate operational consistency and efficiency.
    5.2.5 Provide and support necessary resources to be able to implement information security control measures.
    5.2.6 Measures to reduce risk and manage them according to the specified framework. Order and follow up to be able to carry out internal audits. Information security management system according to the specified time frame"

 

5.3 Personal Data Protection Executive Representative (DPO)
    5.3.1 Provide advice and knowledge in complying with various important requirements regarding Personal Data Protection Act for data controllers and data processors and related employees according to the Personal Data Protection Act 2019 as well as other personal data protection laws.
    5.3.2 Check the organization's operations in accessing and maintaining various personal data to ensure that they are in accordance with the requirements in the PDPA.
    5.3.3 Evaluate and specify the purpose of using or disseminating personal information. and clarify the rights of data owners Including the measures the organization uses to protect personal information.
    5.3.4 Coordinate with the Personal Data Protection Committee (PDPA) in the case of problems regarding the use of the Personal Data Protection Act in the organization.
    5.3.5 Take care of the collection. Use and disclose personal information of related organizations and personnel To be consistent with personal data protection laws and corporate data protection policies. Including managing data protection activities within the organization, such as raising awareness of data protection issues and processes Personnel training Data risk assessment Monitoring personal data protection within the organization and dealing with data processing requests from personal data owners or interested parties, etc.
    5.3.6 Coordinate and cooperate with the Personal Data Protection Office. (or related agencies) in the event that there is a problem with data processing
    5.3.7 Mediate preliminary disputes with owners of personal data. In the case of various complaints related to personal information
    5.3.8 Maintain the confidentiality of personal information during the performance of duties.
    5.3.9 Record and maintain a list of the organization's data processing activities.
    5.3.10 Others as appropriate"

 

5.4 Working group
    5.4.1 Create a policy for information security management system and personal data protection.
    5.4.2 Develop policies, procedures and action plans related to information security management systems and personal data protection.
    5.4.3 Organize training. Participate in training. To create awareness of treatment Information security and personal data protection include protecting personal data for yourself and those involved.
    5.4.4 Study and assess risks. According to the scope of the information security management system and personal data protection
    5.4.5 Analyze and plan for reducing information security and personal data protection risks.
    5.4.6 Implement risk control measures according to the risk reduction plan and implement information security and personal data protection measures determined by the management or management representatives.
    5.4.7 Measure the effectiveness of risk control measures and compile them to present to the management or management representatives.
    5.4.8 Establish procedures or regulations related to information security and personal data protection.
    5.4.9 Control and supervise departments within the organization to follow procedures. and action plans related to the designed information security management system and personal data protection.
    5.4.10 Gather operational effectiveness to present to management or management representatives.
    5.4.11 Set plans and guidelines for the company to be in accordance with the law. Personal Data Protection Act 2019
    5.4.12 Evaluate compliance with the said law by reporting performance results to management.”

 

5.5 employees
    5.5.1 Use personal information carefully. Strictly comply with the laws, rules and regulations of the company.
    5.5.2 Notify the Personal Data Protection Officer immediately. When discovering a leak or violation of personal information
    5.5.3 If you see any action that may be considered a violation of this policy. Please report them through the company's whistleblowing and complaint channels."

5.6 Third parties or external companies
    5.6.1 Must process data as long as the contract allows data processing on behalf of Surazinsano Company Limited.
    5.6.2 Information security and personal data protection must be followed.”

6. Personal information guidelines

6.1 Collection of personal information
    6.1.1 Store personal information limited to the extent necessary for use in accordance with the purposes notified to Owner of personal information
    6.1.2 Do not store personal information that is sensitive information or information that causes unfair discrimination. or inequality which may affect the data owner unless consent is obtained from the data owner or it is stored according to law.

 

6.2 Storage of personal information
    6.2.1 Security measures for storing personal information By limiting the rights of individuals to access information to prevent destruction. Unauthorized modification and access to data and to prevent personal information leakage
    6.2.2 The collection of personal data by internal persons, outsiders or external companies must have a data protection system in accordance with international standards. There is an agreement to keep personal data for the purpose necessary for use.

 

6.3 Sending or transferring personal information
    6.3.1 The transmission or transfer of personal data requires the request or consent of the data owner.
    6.3.2 International transfers of personal data are possible in the following cases.
     • The owner of personal data is aware of the standards of personal data protection. of the destination country may not be sufficient along with giving consent
     • The transfer of personal data is necessary for the performance of a contract. in which the owner of personal data is a contracting party or is carried out at the request of the owner of personal data
     • The transfer of personal data is done to prevent or stop danger to life. or the health of the owner of personal data in cases where the owner of personal data is unable to give consent.

 

6.4 Rights of the owner of personal data
     6.4.1 Have the right to withdraw consent. In the case where the data owner has previously given consent to use the data That consent can be revoked at any time. The consent must not violate the restriction of the right to withdraw consent by law or contract that benefits the data owner.
     6.4.2 Right to be informed of details
     6.4.3 Have the right to request access to information and obtain copies of your own information.
     6.4.4 Has the right to transfer data to another personal data controller.
     6.4.5 Have the right to object to collection. Use or disclose personal information You can make a request to the data controller at any time.
     6.4.6 Have the right to delete or destroy your own personal information. or make the data unable to identify the owner of personal data as required by law.
     6.4.7 Have the right to suspend the use of personal information. Whether it is in the case of changing your mind about not wanting to provide the information or changing your mind to suspend the destruction of the information when it is due to be destroyed. Because it is necessary to use the information in legal matters or in making claims.
     6.4.8 Have the right to notify in order to make corrections or changes in cases where the information is incorrect so that it is up-to-date and does not cause misunderstandings.
     6.4.9 Have the right to complain. If it is found that personal information has been used for the wrong purpose or has not complied with the law."

 

6.5 Use or disclosure of personal information
    6.5.1 Do not use or disclose personal information other than the intended purpose. and not disclosed to outsiders or outside company Except as required by law.
    6.5.2 Personnel, outsiders, or outside companies are prohibited from using personal information for illegal purposes. and must comply with the policy and personal data protection laws"

6.6 Destruction of personal information
    6.6.1 In the case where the personal data collected is not relevant or is beyond necessity for the purpose. or when the owner of personal data objects or withdraws consent In processing personal information Destroy and delete data from the storage system in a secure way and do not leak the data.
    6.6.2 Destroy and delete personal information from the storage system after the period of use has expired. according to purpose Except in cases where data must be kept as required by law."

7. Privacy protection guidelines

In order to comply with the law regarding the protection of personal information, Surazinsano Co., Ltd. is required to provide a privacy notice specifying the collection of personal information. with notification of details of personal data collection at least according to the following topics
  7.1 Specify the types of groups of people whose personal data the company collects, including customers, partners, employees, job applicants, and third parties. Including the source of personal information
  7.2 Explain the purpose and method of collecting the personal data of the personal data subject.
  7.3 Specify personal information collected, including name, address, telephone number, email, ID card number, etc.
  7.4 Specify the retention period for personal data.
  7.5 Specifies all rights of personal data owners.
  7.6 Give the owner of personal data the right to give consent. and withdrawing consent from the collection of personal information
  7.7 Indicates all measures taken to protect the personal data of personal data subjects.
  7.8 Specify channels for contacting the Personal Data Controller. or Personal Data Protection Officer so that owners of personal data can contact or ask for more information or exercise your rights as the owner of personal data
  7.9 Specify the categories of persons or entities outside the organization that may use personal information.
  7.10 Specify the policy for using cookies in cases where the company collects personal information through the website. and applications"

8. Cookie Policy

When you enter the website www.einhell.co.th Information related to entering the website Your information will be recorded in the form of cookies. This Cookie Policy explains the meaning, function, purpose, including deleting and refusing to store cookies. For your privacy, by entering this website, it is considered that you have given permission for us to use cookies in accordance with the cookie policy as detailed below.

What are cookies?

Cookies are small data files. To store website usage information such as date, time, links clicked, pages visited Various setting conditions It will be recorded on the computer device and/or Communication tools that are accessible to you such as notebooks tablet or smartphone Through your web browser while you enter the website. Cookies will not cause any harm to your computer equipment and/or communication devices. In the following cases Your personal information may be collected to enhance your experience. Using online services It remembers the uniqueness of your language and customizes usage information according to your needs. It is a confirmation of unique characteristics. Your security information Including the services you are interested in Cookies are also used to measure online traffic and personalize content based on your usage. By considering previous and current usage behavior and may have advertising purposes.

How does the company use cookies?

Surazinsano Company Limited uses cookies to record your visits and sign up to use the website. By making it easier to remember your use of the website and this information will be used to improve it. www.einhell.co.th to meet your needs and in some cases Surazinsano Co., Ltd. requires third parties to help with this process. which may be required Internet Protocol Address (IP Address) and Cookies for Statistical Analysis as well as linking information and processed for marketing purposes
Cookies used by Surazinsano Company Limited may be divided into 2 types according to their storage as follows:
   1. SessionCookies These are temporary cookies to remember you during your visit. www.einhell.co.th, for example, monitoring the language you have set and chosen, etc., and it will be deleted from your computer or device. When you leave the website or close your web browser.
   2. Persistent Cookie is a cookie that will stay for a specified period of time or until you delete it. This type of cookie helps www.einhell.co.th Remember you and your preferences when you return to use the website. This will help you access the website services more conveniently and quickly.
 The purposes of using cookies that Surazinsano Company Limited uses are as follows.

1. Strictly Necessary Cookies

These types of cookies are necessary to provide the service. www.einhell.co.th So that you can access and use various parts of the website. Including helping to remember information that you have previously provided through the website. Disabling this type of cookies will result in you being unable to use the essential services of www.einhell.co.th which needs to be able to run cookies

2. Cookies for analysis and evaluation of usage (Performance Cookies)

This type of cookie helps Surazinsano Co., Ltd. understand user interactions when using www.einhell.co.th. including which pages or areas of the website are popular As well as analyzing other data, Surazinsano Co., Ltd. also uses this information to improve the functionality of the website. and to better understand user behavior, even though the information in cookies This collected information will be non-personally identifiable information. and used for statistical analysis only. Disabling this type of cookie will result in the company being unable to know the volume of visitors to the website and unable to assess the quality of the service.

Type of cookies details example
Strictly Necessary Cookies This type of cookie is necessary to provide the website so that you can access and use various parts of the website. Including helping to remember information that you have previously provided through the website. Disabling this type of cookies will result in you being unable to use the essential services of www.einhell.co.th which is necessary to be able to run cookies 1. PHPSESSID 2. JSESSIONID
Cookies for analysis and evaluation of usage (Performance Cookies) This type of cookie helps the company understand user interactions in using the service, including which pages or areas of the website. popular As well as analyzing other information, the company also uses this information to improve the functionality of the website. and to better understand user behavior, although the information this cookie collects It will be non-personally identifiable information. and used for statistical analysis only. Disabling this type of cookie will result in the Company being unable to know the volume of visitors to the website and unable to assess the quality of the service. 3. __utmc 4. _hjIncludedInPageviewSample 5. _hjTLDTest 6. _gid 7. __utma 8. __utmb 9. __utmt 10. __utmz 11. _hjid 12. _ga 13. _hjAbsoluteSessionInProgress 14. _hjFirstSeen

How can you manage cookies

Most browsers are set to accept cookies by default. However, You can refuse the use of or delete cookies in the settings page of your browser. If you change your browser settings, it may affect the layout and functionality of our website. Please note that if you choose to disable cookies on your browser or device, You may affect some parts of the work. www.einhell.co.th that cannot work or provide services normally
   If you wish to change your settings. You can check more details at the link provided below.

  • Android (Chrome)
  • Apple Safari
  • Google Chrome
  • Microsoft Edge
  • Microsoft Internet Explorer
  • Mozilla Firefox
  • Opera
  • Iphone or Ipad (Chrome)
  • Iphone or Ipad (Safari)

Linking information to other websites

Surazinsano Company Limited's website may contain links to third party websites or social media. There may also be embedded content or videos from social media such as LINE or Facebook, etc., which will help you access the content. Third-party websites or social media will set and set their own cookies. The company Surazinsano Company Limited cannot control or take responsibility for those cookies and we recommend that you read and study the policies or notices of those third parties' cookies.

Announcement changes

The company may consider improving Edit or change this announcement as you see fit. and will inform you via www.einhell.co.th The date of the latest version is marked at the end. However, the Company recommends that you check regularly for new notices, especially before disclosing personal information.

Cloudflare

Our pages use features from Cloudflare. The provider is Cloudflare, Inc. 665 3rd St. #200, San Francisco, CA 94107, USA.

Cloudflare provides a globally distributed content delivery network with DNS. The technical transfer of information between your browser and our website is routed via the Cloudflare network. Cloudflare is thus able to analyse the data traffic between users and our websites; for example, to speed up the loading time of our pages or to detect and ward off attacks on our services.

In addition, Cloudflare may store cookies on your computer for optimisation and analysis. This safeguards our legitimate interests in the security, performance and reliability of our advertising offer in accordance with Art. 6(1)(f) GDPR. We have concluded a corresponding contract processing agreement with Cloudflare on the basis of the GDPR. The data is generally processed in Germany or other states in the European Union. Insofar as processing is carried out in third countries in certain cases, processing is only carried out if the adequacy of the level of data protection in the third country has been asserted by the EU Commission in accordance with Article 45 GDPR, on the basis of the EU standard contractual clauses or if an adequate level of data protection is ensured by the data recipient in another way. Cloudflare collects statistical data about your visit to this website. Access data includes:

  • IP address
  • Date and time of the request
  • Content of the request (specific page)
  • Access status/HTTP status code
  • Amount of data transferred in each case
  • Website from which the request comes
  • Browser, operating system and its interface, language and version of the browser software

Cloudflare uses the log data for statistical evaluations for the purpose of operation, security and optimisation of the offer. You can find information about the data collected there and about security and data protection at Cloudflare here.

 

Friendly Captcha

Einhell uses the "Friendly Captcha" service to prevent fraudulent activity and to protect you as an end user from becoming a potential victim of cybercrime.

The Friendly Captcha services provides a JavaScript element that is integrated into the source code of the website / webshop. The inclusion of the JavaScript element loads software in the background that provides crypto puzzles. Your device solves this crypto puzzle automatically, and you do not have to solve any arithmetic problems or picture puzzles.

The solution of the crypto puzzle is used to track whether the website / webshop is being used fraudulently or through automated machine processing, e.g. using bots, and to confirm the visitors are real people. The service is used in forms (contact forms, prize draw forms, registration and login forms, etc.) and in the order process.

To provide the service, Friendly Captcha stores the following data:

  • the User Agent, Origin and Referer request headers.
  • The puzzle itself, which contains information about the Friendly Captcha account and the identifier of the website to which the puzzle relates.
  • The version of the Friendly Captcha service being used.
  • Timestamp (Date / Time) that the puzzle was requested and solved.

Friendly Catch stores an anonymised counter for each IP address to enable dynamic scaling of the puzzle complexity in the edge network, in order to detect malicious/automated use and minimise the banning of real people. The IP addresses are anonymised by one-way hashing, and thus are not personally identifiable. The use of Friendly Captcha does not involve the storage of personal data such as your name, email address, online profile, etc.

No cookies are set when using Friendly Captcha.

Provider of the service:
Friendly Captcha GmbH, Wörthsee, Deutschland

You can find further information about Friendly Captcha's data protection policy here. Friendlycaptcha.com - Privacy policy for end users

In accordance with article 6, section 1(f) of the General Data Protection Regulation (GDPR), Einhell Germany AG and its subsidiaries have a legitimate interest in the use of Friendly Captcha, as the service helps to prevent potentially fraudulent activity on our website / webshop which could put Einhell infrastructure at risk.

 

Matomo (self-hosted)

Description of Service
This is an open source web analytics service. Matomo is providing the technology. However, Matomo is not processing any data as the data is not being transferred to Matomo due to the self-hosting solution. Self-hosting means that Einhell hosts the web analytics service Matomo on its own servers and thus has sole sovereignty over the analytics data.

Data Purposes
This list represents the purposes of the data collection and processing.

  • Analytics
  • Event tracking

Technologies Used
We use Matomo without any tracking cookies - instead we rely on cookieless tracking. Cookieless tracking is an alternative form of tracking that uses methods such as counting unique IP addresses or browser fingerprinting to identify users instead of cookies.

Data Collected
This list represents all (personal) data that is collected by or through the use of this service.

  • Time of users previous visit
  • Screen resolution
  • Files clicked or downloaded
  • Links to outside domain clicked
  • Page speed
  • Page URL
  • Number of users visits
  • Anonymized user IP
  • User agent
  • Browser information
  • Time zone
  • Time of users first visit
  • Date and time of visit
  • Page title
  • Referrer URL
  • Usage data
  • Device information
  • Geographic location
  • Anonymized order ID

We use IP anonymization for the analysis with Matomo. In this case, your IP address is shortened before analysis so that it can no longer be clearly assigned to you. The same applies to the order ID, which is also anonymized when the shopping functionality is available on the website.

Legal Basis
In the following the required legal basis for the processing of data is listed.

  • Art. 6 para. 1 s. 1 lit. f GDPR
  • §25 para. 2 no. 2 TTDSG

Location of Processing
This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

  • European Union

Deactivate Matomo
If you do not agree to the storage and use of your data, you can deactivate the data processing here. In this case, an opt-out cookie will be stored in your browser, which prevents Matomo from storing usage data. If you delete your cookies, this will have the effect that the Matomo opt-out cookie will also be deleted. The opt-out must then be reactivated when you visit our site again.

9. Punishment

In the event that executives and employees do anything that violates or fails to comply with this policy, whether directly or indirectly. Executives and employees will be considered for disciplinary action according to the company's work regulations. And may be prosecuted by law if the action is considered a violation according to the Personal Data Protection Act 2019.

10. Policy review

Surazinsano Company Limited will review this policy at least once a year.

Customer Privacy Policy Statement

Surazinsano Company Limited (hereinafter referred to as the "Company" in this announcement) recognizes and places importance on the protection of your personal information. The company therefore places importance on respecting customers' privacy rights and maintaining the security of customers' personal information. It has established various policies, regulations, and criteria. In the company's operations, we have strict measures in place to maintain the security of personal information. So that you can be sure that Your personal information that the Company receives will be used according to your needs and in accordance with the law.
   This policy is used to inform you, as the owner of personal data, of the purposes and details of the collection, use and/or disclosure of personal data. as well as your legal rights related to personal data under the Personal Data Protection Act 2562

Definition
   “Personal information” means information about an individual which enables that individual to be identified, whether directly or indirectly. But it does not include information about the deceased.
   “Company” means Sinsawang and Sons Company Limited.
   “Customer” means a natural person and juristic person who currently uses products and services and includes a person who contacts for information about products and services. Those who receive information about products and services through various media and who are offered or recommended by the company to purchase products and services.
   “Goods and services” means goods and/or services. All types that the company is the issuer, advisor or seller

1. Types of personal information that the company collects

1.1 Personal information
   First and last name, national identification number, date/month/year of birth, tax identification number, bank account number, gender, occupation, nationality, religion.
1.2 Contact information
   Email, Line ID, telephone number, address

2. Purposes for collecting and using your personal information

2.1 The Company collects your personal data for the following purposes:
   2.1.1 For use in product warranty.
   2.1.2 To set up a customer database before opening sales.
   2.1.3 To offer products for sale
   2.1.4 To assess satisfaction.
   2.1.5 For marketing purposes.
     2.1.5.1 The Company wishes to use personal data for marketing and promotional purposes. Including to send or display updates about the latest news, offers and promotions regarding the Company's products and services.
     2.1.5.2 The company wants to use personal data to analyze the needs of the company's customers and market trends. Including to gain in-depth information This may be used by the Company to modify the types of products and offers presented to you.”

3. Legal principles

3.1 Contract base for use in entering into contracts for the purchase and sale of goods and services. Including product warranty
3.2 Consent base To allow you to receive updates on the latest news, offers and promotions regarding the Company's products and services and to adjust the types of products and offers. to suit your needs"

4. Disclosure of your personal information to third parties

The Company may disclose your personal information to others under your consent or under the criteria permitted by law to disclose. Such information may be collected, used and/or disclosed your personal information to the extent that you have given your consent or to the extent related to this policy.

5. Personal data retention period

The Company will retain your personal information for the necessary period while you are a customer or using the Company's services, including during the product warranty period. and/or until the customer withdraws consent. In order to achieve the objectives related to this policy, the Company will delete or destroy personal information. or make it non-personally identifiable information when it is no longer necessary or at the end of the said period.

6. Your rights under the Personal Data Protection Act 2019

The Personal Data Protection Act 2019 aims to make your personal data more under your control. You can exercise your rights under the Personal Data Protection Act 2019 when the provisions regarding the rights of personal data owners come into effect. which has the following details
   6.1 Have the right to withdraw consent. In the case where the data owner has previously given consent to use the data That consent can be revoked at any time. The consent must not violate the restriction of the right to withdraw consent by law or contract that benefits the data owner.
   6.2 Right to be informed of details
   6.3 Have the right to request access to information and obtain copies of your own information.
   6.4 Have the right to transfer data to another personal data controller.
   6.5 Have the right to object to collection. Use or disclose personal information You can make a request to the data controller at any time.
   6.6 Have the right to delete or destroy your own personal information. or make the data unable to identify the owner of personal data As required by law
   6.7 Have the right to suspend the use of personal information. Whether it is in the case of changing your mind about not wanting to provide the information or changing your mind to suspend the destruction of the information when it is due to be destroyed. Because it is necessary to use the information in legal matters or in making claims.
   6.8 Have the right to notify so that corrections and changes can be made in cases where the information is incorrect so that it is up-to-date and does not cause misunderstandings.
   6.9 Have the right to complain. If it is found that personal information has been used for the wrong purpose or has not complied with the law.

7. Maintaining personal information security

The company has appropriate measures to maintain the security of your personal information. Both technically and administratively To prevent data loss or there is unauthorized access, destruction, use, change, correction, or disclosure of personal information in accordance with the Company's Information Security Policy and guidelines. In addition, the Company has established a personal information protection policy. (Privacy Policy) was established and announced throughout the organization with guidelines to ensure security in collecting, using and disclosing personal information by maintaining confidentiality, accuracy and completeness (Integrity). ) and the availability (Availability) of personal information by arranging to review the said policy including this announcement in an appropriate period of time.

8. Access to personal information

The company has designated employees Only officials and persons who have authority and duties involved in the collection, use and disclosure of personal data in this processing activity will have access to your personal data. The Company will ensure that such officials and persons comply. Strictly follow this announcement.

9. Changes to the Privacy Notice

The company may consider improving Edit or change this announcement as you see fit. and will inform you via www.einhell.co.th or other appropriate channels The date of the latest version is marked at the end. However, we recommend that you check regularly for new announcements. Especially before you disclose personal information.

10. Contact and inquiries

You can inquire about this announcement at
   10.1 Personal Data Controller (Data Controller)
   Name: Surazinsano Company Limited
   Contact location: No. 130 Moo 2, Old Tram Road, Samrong Tai Subdistrict, Phra Pradaeng District, Samut Prakan 10130
   Contact channels: Email: info@zinsano.com Contact number: 02-888-2777

   10.2 Data Protection Officer (DPO)
   Name: Surazinsano Company Limited
   Contact location: No. 130 Moo 2, Old Tram Road, Samrong Tai Subdistrict, Phra Pradaeng District, Samut Prakan 10130
   Contact channel Email: info@zinsano.com Contact number: 02-888-2777

Cookie Policy

Cookie Policy

When you enter the website www.einhell.co.th Information related to entering the website Your information will be recorded in the form of cookies. This Cookie Policy explains the meaning, function, purpose, including deleting and refusing to store cookies. For your privacy, by entering this website, it is considered that you have given permission for us to use cookies in accordance with the cookie policy as detailed below.

What are cookies

Cookies are small data files. To store website usage information such as date, time, links clicked, pages visited Various setting conditions It will be recorded on the computer device and/or Your accessible communication device such as a laptop. tablet or smartphone Through your web browser while you enter the website. Cookies will not cause any harm to your computer equipment and/or communication devices. In the following cases Your personal information may be collected to enhance your experience. Using online services It remembers the uniqueness of your language and customizes usage information according to your needs. It is a confirmation of unique characteristics. Your security information Including the services you are interested in Cookies are also used to measure online traffic and personalize content based on your usage. By considering previous and current usage behavior and may have advertising purposes.

How does the company use cookies

Surazinsano Company Limited uses cookies to record your visits and sign up to use the website. By making it easier to remember your use of the website and this information will be used to improve it. www.einhell.co.th to meet your needs and in some cases Surazinsano Co., Ltd. requires third parties to help with this process. which may be required Internet Protocol Address (IP Address) and Cookies for Statistical Analysis as well as linking information and processed for marketing purposes
   Cookies used by Surazinsano Company Limited may be divided into 2 types according to their storage as follows:
     1. SessionCookies These are temporary cookies to remember you during your visit. www.einhell.co.th, for example, monitoring the language you have set and chosen, etc., and it will be deleted from your computer or device. When you leave the website or close your web browser.
     2. Persistent Cookie is a cookie that will stay for a specified period of time or until you delete it. This type of cookie helps www.einhell.co.th Remember you and your preferences when you return to use the website. This will help you access the website services more conveniently and quickly.

The purposes of using cookies that Surazinsano Company Limited uses are as follows.

1. Strictly Necessary Cookies
These types of cookies are necessary to provide the service. www.einhell.co.th So that you can access and use various parts of the website. Including helping to remember information that you have previously provided through the website. Disabling this type of cookies will result in you being unable to use the essential services of www.einhell.co.th which needs to be able to run cookies

2. Cookies for analysis and evaluation of usage (Performance Cookies)
This type of cookie helps Surazinsano Co., Ltd. understand user interactions. www.einhell.co.th including which pages or areas of the website are popular As well as analyzing other data, Surazinsano Co., Ltd. also uses this information to improve the functionality of the website. and to better understand user behavior, even though the information this cookie collects is non-personally identifiable information. and used for statistical analysis only. Disabling this type of cookie will result in the company being unable to know the volume of visitors to the website and unable to assess the quality of the service.

Type of cookies details example
Strictly Necessary Cookies This type of cookie is necessary to provide the website so that you can access and use various parts of the website. Including helping to remember information that you have previously provided through the website. Disabling this type of cookies will result in you being unable to use the essential services of www.einhell.co.th which is necessary to be able to run cookies 1. PHPSESSID 2. JSESSIONID
Cookies for analysis and evaluation of usage (Performance Cookies) This type of cookie helps the company understand user interactions in using the service, including which pages or areas of the website. popular As well as analyzing other information, the company also uses this information to improve the functionality of the website. and to better understand user behavior, although the information this cookie collects It will be non-personally identifiable information. and used for statistical analysis only. Disabling this type of cookie will result in the Company being unable to know the volume of visitors to the website and unable to assess the quality of the service. 3. __utmc 4. _hjIncludedInPageviewSample 5. _hjTLDTest 6. _gid 7. __utma 8. __utmb 9. __utmt 10. __utmz 11. _hjid 12. _ga 13. _hjAbsoluteSessionInProgress 14. _hjFirstSeen

How can you manage cookies

Most browsers are set to accept cookies by default. However, You can refuse the use of or delete cookies in the settings page of your browser. If you change your browser settings, it may affect the layout and functionality of our website. Please note that if you choose to disable cookies on your browser or device, You may affect some parts of the work. www.einhell.co.th that cannot work or provide services normally
   If you wish to change your settings. You can check more details at the link provided below.

  • Android (Chrome)
  • Apple Safari
  • Google Chrome
  • Microsoft Edge
  • Microsoft Internet Explorer
  • Mozilla Firefox
  • Opera
  • Iphone or Ipad (Chrome)
  • Iphone or Ipad (Safari)

Linking information to other websites

Surazinsano Company Limited's website may contain links to third party websites or social media. There may also be embedded content or videos from social media such as LINE or Facebook, etc., which will help you access the content. Third-party websites or social media will set and set their own cookies. The company Surazinsano Company Limited cannot control or take responsibility for those cookies and we recommend that you read and study the policies or notices of those third parties' cookies.

Announcement changes

The company may consider improving Edit or change this announcement as you see fit. and will inform you via www.einhell.co.th. The date of the latest version is marked at the end. However, the Company recommends that you check regularly for new notices, especially before disclosing personal information.