Facebook-f

Privacy Policy

At J.T. Pack of Foods Co., Ltd., we value and respect your right to privacy and are committed to safeguarding the personal data you entrust to us. To ensure the protection of your personal information, we have established this Privacy Policy (“Policy”) to affirm our commitment to lawful, transparent, and secure data processing.

This Policy is designed to give you confidence that any personal data we collect will be handled in accordance with your intentions and applicable laws. We adhere to the following key data protection principles:

• Lawfulness, Fairness, and Transparency: We will process personal data only when there is a valid legal basis, and we will clearly inform you of the purposes for which your data is collected and used.

• Purpose Limitation: We will collect and process personal data solely for the specific, explicit purposes communicated at the time of collection, unless processing for a compatible purpose or as required by law.

• Data Minimization: We will collect only the data necessary to fulfill the purposes for which it is being processed.

• Accuracy: We take reasonable steps to ensure the personal data we hold is accurate, complete, and up to date in accordance with its intended use.

• Storage Limitation: We will retain personal data only for as long as necessary to fulfill the stated purposes or as required by relevant record-keeping regulations.

• Integrity and Confidentiality: We implement appropriate technical and organizational measures to safeguard personal data against unauthorized access, alteration, disclosure, or destruction.

• Accountability: We will maintain documentation and controls necessary to demonstrate our compliance with these principles and applicable data protection laws.

For personal data collected prior to the effective date of the Personal Data Protection Act B.E. 2562 (2019), the Company may continue to retain and use such data in accordance with its original purposes. However, any disclosure or other processing activities beyond collection and use must comply with the provisions set forth in the Personal Data Protection Act B.E. 2562 (2019).

“Personal Data Protection Policy” refers to the official notice prepared by the Company to inform data subjects of the Company’s data processing practices, as well as the details required under the Personal Data Protection Act B.E. 2562 (2019).

“Person” refers to a natural person.

“Personal Data” means any information relating to a natural person that enables the identification of that person, either directly or indirectly. Examples include: name, surname, nickname, address, phone number, national ID number, passport number, social security number, driver’s license number, taxpayer identification number, bank account number, credit card number, email address, occupation, status, job title, family status, employment information, job experience and/or employee evaluations, educational information, vehicle registration, land title deed, house registration, signature, voice, voice recordings, images, photographs, video recordings, purchasing or service usage data, IP address, computer traffic data (log files), LINE ID, Facebook ID, Google ID, Twitter ID, and other social media account information.

However, the following are not considered personal data:
• Business contact information that does not identify a specific individual, such as company name, company address, corporate registration number, work phone number, or corporate email addresses (e.g., info@company.co.th)
• Anonymous data
• Pseudonymous data rendered unidentifiable by technical means
• Information of deceased persons

“Sensitive Personal Data” means personal information of a particularly sensitive nature that may lead to unfair discrimination, including but not limited to: race, ethnicity, political opinions, religious or philosophical beliefs, sexual orientation, criminal history, health data, disabilities, labor union membership, genetic data, biometric data, or any other data similarly defined by the Personal Data Protection Committee.

“Data Subject” refers to a natural person who owns the personal data, but not necessarily the creator or collector of such data. The term excludes juristic persons (e.g., companies, associations, foundations). Data subjects include:

1. Persons with legal capacity, such as:
     • Individuals aged 20 or above
     • Individuals legally married at age 17 or above
     • Individuals permitted by court to marry before age 17
     • Minors whose legal guardians have consented to commercial employment or labor contracts, thereby granting them legal status equivalent to adults

2. Minors (under age 20 and not qualified above) require consent from a parent or legal guardian for data processing.

3. Quasi-incompetent persons, as ruled by court due to physical or mental incapacity or chronic behavior (e.g., substance abuse), must provide consent via a legal guardian.

4. Incompetent persons, as ruled by court due to insanity, require consent via a legal custodian.

Any consent not in accordance with the PDPA shall be deemed invalid.

“Data Controller” means a person or legal entity with the authority to make decisions regarding the collection, use, or disclosure of personal data.

“Data Processor” means a person or legal entity that processes personal data on behalf of or under the instruction of the data controller, without being the data controller themselves.

3.1 Personal data is collected directly from the data subject.
The Company may collect personal data through the following service-related processes:
     (1) When using the Company’s services or submitting requests for exercising data subject rights, such as service registration, subscription to newsletters, or job applications
     (2) When voluntarily provided by the data subject, such as completing surveys, or through communication channels including email or other forms of correspondence between the Company and the data subject.
     (3) When the data subject accesses the Company’s website through browser cookies or engages in electronic transactions via the Company’s digital platforms.

3.2 Personal data is obtained from third parties.
The Company may receive personal data from third parties whom the Company believes, in good faith, to have the legal right to collect and disclose such personal data to the Company.

4.1 The Company may collect, use, and disclose your personal data for the following purposes:
(1)To create, improve, manage, and deliver products, services, benefits, and privileges;
(2)To provide services to you, including but not limited to processing your transactions;
(3)To take necessary steps at your request prior to entering into a contract, or to perform contractual obligations where you are a party, such as for the sale of goods and/or services, including account management, product delivery, billing and financial operations, after-sales service, and product returns;
(4)To create databases and service usage records through any contact channel;
(5)To publicize and deliver Company content and promotional materials tailored to your interests;
(6)To analyze and process data for marketing, research, sales, and promotional purposes, including communications from the Company, affiliates, partners, or other third parties via push notifications, SMS, or social media;
(7)To improve service quality, and to enhance the performance and usability of the Company’s website and applications;
(8)To serve as a communication channel for collecting feedback and suggestions for improving the Company’s content and offerings;
(9)To fulfill terms, conditions, and agreements between you and the Company;
(10)To comply with applicable laws and regulations, including the Personal Data Protection Act, the Electronic Transactions Act, the Civil and Commercial Code, the Criminal Code, and procedural laws;
(11)To conduct marketing, promotional campaigns, and data analysis, including sending advertisements, coupons, news, and information about promotions or special events via the website and/or application. You may opt out of certain promotional communications by following provided instructions;
(12) To verify your identity and eligibility when registering for Company services.

4.2 The Company does not intend to collect sensitive personal data. However, if it becomes necessary, the Company will obtain your explicit consent before collecting such data, unless otherwise permitted by law

4.3 If identity verification documents (e.g., national ID cards, passports, résumés) submitted to the Company contain sensitive personal data (e.g., religion, nationality, or blood type), the Company does not wish to collect such information. You are requested to redact or obscure these details prior to submission. If not done, the Company reserves the right to redact or obscure such data to protect your sensitive personal information.

4.4 You agree not to submit any false or misleading information to the Company, and you further agree to promptly inform the Company of any inaccuracies or changes. The Company reserves the right to request additional supporting documents for the purpose of verifying the information you have provided.

4.5 If you provide the Company with third-party personal data (e.g., property owners, beneficiaries, emergency contacts, references), including names, contact details, income, and other personal or contact information, you represent that such data has been lawfully obtained. You must inform those individuals of this Privacy Policy and/or obtain their consent as required.

5.1 Collection of Personal Data
The Company shall collect personal data in a limited manner and only to the extent necessary, depending on the type of service used or the information provided by the data subject. The Company prioritizes collecting personal data directly from the data subject and recognizes the importance of obtaining consent from the data subject, as a right to decide whether to allow the Company to process such data. However, the data subject should acknowledge that failure to provide complete personal data as requested or refusal to give consent for the collection, use, and disclosure of such data may result in limitations in accessing certain services.

In some cases, the Company may not be required to obtain consent if the processing is based on other lawful grounds (e.g., performance of a contract or compliance with legal obligations). In such circumstances, if the Company is unable to process the data, it may not be able to provide services to the data subject.

Furthermore, the Company may access information related to the interests and/or preferences of the data subject or their website usage behavior through the use of cookies on the Company’s website and application. These cookies collect data which the Company may access to offer services tailored to the data subject’s needs.

In communications between the data subject and the Company—whether via telephone, email, applications, customer service center, or other channels—the Company may record or retain such communications for various purposes, including but not limited to: as evidence, service improvement, satisfaction tracking, staff training, performance evaluation, data analysis, and system enhancement for optimal service delivery.

5.2 Use of Personal Data
The Company shall use personal data only for the purposes specified by the data subject and in accordance with appropriate security and access control measures.

5.3 Disclosure of Personal Data
As a general rule, the Company shall not disclose personal data to third parties unless the data subject has provided express consent or such disclosure is permitted by law. The recipient of such data shall collect, use, and/or disclose the personal data within the scope of the consent granted or in accordance with this Privacy Policy. Disclosure may be made to the following parties:

1. Service Providers to the Company
The Company may need to disclose personal data to third-party service providers that support the Company’s operations, including government agencies when necessary. Such disclosure will be on a need-to-know basis and subject to this Privacy Policy. Service providers may include:
• The Company’s authorized distributors
• Logistics and delivery service providers
• Travel companies and their networks, both domestic and international
• Marketing service providers, including data and statistical processing agents
• Advertising, public relations, and media communication providers
• Document production and storage service providers

2. Company’s Business Partners
The Company may disclose personal data to third parties who are in a contractual relationship or partnership with the Company, such as business partners, sales agents, contractors, or outsourced service providers engaged in business operations on behalf of the Company.

3. External Providers Under Company Supervision
This includes external providers who support business functions such as transaction processing, advertisement distribution, customer assistance, or other services, including:
• Financial service providers (e.g., banks, payment processors)
• Technology service providers (e.g., cloud platforms, blockchain, SMS services, data analytics providers)
• Software and IT systems developers and maintainers

4. Persons as Required by Law
In cases where disclosure is required by applicable law, regulations, legal orders from government authorities, regulatory agencies, or courts, the Company is obligated to disclose such personal data.

Furthermore, in the event of a business transfer, merger, or organizational restructuring, the Company may transfer personal data to a successor entity or potential transferee, who shall be bound by this Privacy Policy or similar standard.

6.1 The Company may transfer or transmit your personal data to affiliated companies or third parties located in foreign countries when necessary for the performance of a contract to which you are a party, or for the performance of a contract between the Company and another individual or legal entity for your benefit. This may also include actions taken at your request prior to entering into a contract, or where such transfer is necessary to prevent or suppress danger to your life, body, or health, or that of another person, to comply with the law, or for the performance of a task carried out in the public interest or for substantial public benefit.
6.2 The Company may store your data on computers, servers, or cloud platforms provided by third parties, and may use third-party software or applications in the form of Software-as-a-Service (SaaS) or Platform-as-a-Service (PaaS) to process your personal data. However, the Company will not permit any unauthorized persons to access such data and will require such third parties to implement appropriate security measures to protect the personal data.
6.3 In cases where personal data is transferred to a foreign country, the Company shall comply with applicable data protection laws and adopt appropriate safeguards to ensure that your personal data remains protected and that your data subject rights can still be exercised in accordance with the law. The Company shall ensure that any recipient of such data implements adequate data protection measures and processes the personal data only to the extent necessary, while taking steps to prevent unauthorized use or disclosure of the personal data.

The Company will retain your personal data for as long as necessary to fulfill the purposes for which such data was collected. In any case, the retention period shall not exceed ten (10) years from the date of your last interaction or the last processing of your personal data by the Company. However, to comply with legal obligations, the Company may be required to retain your personal data for a longer period as mandated by applicable laws. Once the retention period ends or the data is no longer necessary for the stated purposes, the Company will securely dispose of or delete such personal data.

As the data subject, you are entitled to exercise the following rights under the law:
8.1 Right to Withdraw Consent : If you have provided consent for the Company to collect, use, and/or disclose your personal data (whether given before or after the Personal Data Protection Act came into force), you have the right to withdraw your consent at any time while your data is held by the Company, unless restricted by law or a contract that benefits you. Please note that withdrawing consent may affect your ability to use certain products and/or services—for example, you may no longer receive privileges, promotions, tailored services, or useful updates. We encourage you to consider the implications before exercising this right.
8.2 Right of Access : You have the right to request access to and obtain a copy of your personal data held by the Company. You also have the right to request disclosure of how the Company acquired such data.
8.3 Right to Data Portability : You have the right to receive your personal data in a structured, commonly used, and machine-readable format, where technically feasible, and to request that the Company transfer this data to another data controller. This applies to data you have consented for the Company to process or where the processing is necessary to fulfill a contract or pre-contractual request. This right may be limited by technical constraints.
8.4 Right to Object : You have the right to object to the collection, use, or disclosure of your personal data at any time if such processing is conducted based on the Company’s legitimate interest or a task carried out in the public interest. The Company may continue processing only if it can demonstrate overriding legal grounds or for legal claims. You may also object to the use of your data for direct marketing, scientific, historical, or statistical research purposes.
8.5 Right to Erasure : You have the right to request the deletion or destruction of your personal data, or to anonymize it, if you believe it has been unlawfully collected, used, or disclosed; if it is no longer necessary for the purposes stated in this policy; or if you have withdrawn consent or exercised your right to object as mentioned above.
8.6 Right to Restriction of Processing : You may request the Company to temporarily suspend the use of your personal data while your request for rectification or objection is being considered, or in other cases where deletion is required by law but you prefer suspension of use instead
8.7 Right to Rectification : You have the right to request correction of your personal data to ensure it is accurate, up-to-date, complete, and not misleading.
8.8 Right to Lodge a Complaint : You have the right to lodge a complaint with the competent authority if you believe the Company has processed your personal data in a way that violates applicable data protection laws. You may exercise your rights by submitting a request form via the channel described in Section 14: Compliance with this Policy and Contacting the Company.
Please note that the exercise of these rights may be subject to legal limitations, and in certain cases, the Company may lawfully deny or be unable to fulfill your request (e.g., for legal compliance, public interest, or to avoid infringing upon the rights or freedoms of others). If your request is denied, the Company will inform you of the reasons.

9.1 The security of your personal data is of paramount importance to the Company. We have implemented appropriate technical and administrative security standards to protect your personal data against loss, unauthorized access, use or disclosure, misuse, alteration, or destruction. These measures include technologies and security protocols such as encryption and access restrictions, ensuring that only authorized personnel have access to your personal data. These individuals are also trained to understand and uphold the importance of protecting personal data.
9.2 The Company maintains appropriate security measures to prevent unauthorized or unlawful loss, access, use, alteration, modification, or disclosure of personal data by individuals who are not authorized or not related to the processing of such data. These security measures are reviewed and updated as necessary, or when technological changes occur, to ensure their continued effectiveness and alignment with current security standards.

The Company has established procedures for handling personal data breaches as follows:

10.1 In the event a personal data breach is discovered or reported, the individual who discovers or receives the complaint must promptly notify the Chairperson of the Company’s Personal Data Protection Committee or the Data Protection Officer. The responsible officer shall initiate an investigation and coordinate with the relevant departments to identify the cause of the breach. The Company will also report the incident to the competent supervisory authority in accordance with applicable legal requirements.

10.2 Upon identifying the cause of the breach:
(1) If caused by the Company’s internal systems: The Company shall coordinate with the Information Technology Department to suspend or temporarily shut down the affected systems to correct the error or notify the external service provider responsible for the system to take immediate remedial action.
(2) If caused by an internal personnel: The Company shall immediately suspend the individual’s access to personal data and initiate a formal investigation in accordance with internal disciplinary procedures.
(3) If caused by an external service provider: The Company shall require the service provider to investigate and respond within 24 hours of being notified. Meanwhile, the Company will temporarily suspend the transfer of personal data to that service provider until the issue is resolved.

10.3 In the event that personal data has been leaked, the Company shall take necessary measures to contain and minimize the impact of the breach using legal channels or other appropriate means, as applicable.

10.4 The Company shall provide regular updates to the complainant regarding the status of damage control, the cause of the breach, and the corrective and preventive measures undertaken at each stage.

Cookies are small pieces of data that a website sends to store on the device of the data subject who visits the website. They help the website remember the data subject’s visit information, such as language preferences, user account, or other settings. When the data subject returns to the website, it can recognize the user and apply the previously chosen settings.

Cookies will remain active until the data subject deletes them or disables them from functioning. The data subject may choose to accept or reject the use of cookies. However, if cookies are rejected or deleted, certain functionalities of the website may not perform properly or may be unavailable.

For more information, please refer to the Company’s Cookies Policy provided separately.

When using the Company’s application or website, you may encounter links that redirect you to social media platforms, external services, or websites operated by third parties. While the Company endeavors to provide links only to websites that maintain appropriate personal data protection standards, the Company does not assume responsibility for the content or privacy practices of such third-party websites, unless explicitly stated otherwise.

Any personal data you provide on such third-party websites will be collected and managed by those parties and governed by their respective privacy policies or data protection statements (if any). In such cases, we strongly encourage you to review and comply with the privacy policies or notices displayed on those third-party websites, which are separate and distinct from the Company’s own policy.

The Company may update or amend this Privacy Policy at any time without prior notice to the data subject, in order to ensure the appropriateness and effectiveness of the services provided. Therefore, the Company recommends that data subjects review this Privacy Policy each time they visit or use the Company’s services or website.

If you, as the data subject, have any inquiries or suggestions regarding this Privacy Policy or its implementation, the Company welcomes your questions and feedback. This will support the ongoing improvement of our data protection practices and service quality. You may contact the Company through the following details:

J.T. Pack of Foods Co., Ltd.
Contact Address: 75/75 Moo 5, Soi Thongkham 3, Chanthongiam Road, Bang Rak Phatthana, Bang Bua Thong District,
Nonthaburi 11110, Thailand
Phone Number: 02-033-7939
Email: jtgroupdpo@jtpackoffoods.com

Data Protection Officer (DPO):
Contact Address: 75/75 Moo 5, Soi Thongkham 3, Chanthongiam Road,
Bang Rak Phatthana Subdistrict, Bang Bua Thong District,
Nonthaburi Province 11110, Thailand
Phone Number: 02-033-7939
Email: jtgroupdpo@jtpackoffoods.com

This Privacy Policy shall be governed by and construed in accordance with the laws of Thailand. Any disputes arising hereunder shall be subject to the jurisdiction of the Thai courts.

Effective Date: December 1, 2022

Last Updated: 1 November 2022

JT Pack of Foods Co., Ltd. (“the Company”) recognizes the importance of safeguarding your personal data and privacy. To deliver high-quality services and improve your experience on our website [https://jtpackoffoods.com/] and other online platforms under the Company’s management—such as our official Facebook fan page or LINE account (collectively referred to as the “Website”)—we may collect, use, and/or disclose your personal data (“Personal Data”) through the use of cookies or similar technologies when you visit our Website. This helps enhance your user experience and allows us to tailor our services to your preferences.
This Cookie Policy outlines the following details:
1. What are Cookies?
Cookies are small text files that are stored on your computer or internet-connected devices, such as smartphones or tablets, when you visit our Website. These cookies typically record Personal Data such as your name, address, email address, password, IP address, telephone number, search history, and user preferences (e.g., language settings). Cookies enable us to understand how you use our Website so that we can improve our services and tailor content to better suit your needs. By remembering your settings, cookies facilitate faster and more personalized interactions during subsequent visits.
2. Types of Cookies Used
The Company may use the following categories of cookies on its Website:
• Strictly Necessary Cookies: Essential for the Website to function properly and to ensure secure access to content and features.
• Site Analytical/Performance Cookies: Help us recognize and count Website visitors, track browsing behavior, and analyze usage patterns. This information is used to enhance site functionality and tailor content based on user interests. If you disable these cookies, we may not be able to track Website usage or performance effectively.
3. How the Company Uses Cookies
We collect, use, and/or disclose your Personal Data, including your usage preferences, through the placement of cookies into your browser for the following purposes:

Cookie Category Purpose and Description Duration
Strictly Necessary Cookies These cookies are essential for enabling access to Website features and ensuring secure operations. 90 Days
Analytical/Performance Cookies These cookies collect statistical data on how visitors interact with our Website. The insights gained help us improve navigation, understand user interests, and measure ad effectiveness. Without these cookies, we cannot track visit counts or optimize performance. 90 Days

Some cookies on the Website may be managed by third parties (e.g., advertising partners, embedded content providers such as video or map services, or social media platforms). These cookies are typically used for analytics or service functionality and may involve processing your data independently. We recommend reviewing the cookie and privacy policies of those third parties.
4. Managing Cookies
You can manage your cookie preferences by adjusting your browser settings to accept, decline, or delete cookies. You may also configure your browser to block cookies entirely. More information can be found at AboutCookies.org. However, please be aware that disabling certain cookies may affect your ability to use some Website features or reduce the performance and accuracy of content display.
5. Privacy Notice
For more information about how we collect, use, or disclose your Personal Data, please refer to our full [Privacy Notice], which is published on our Website. This Cookie Policy forms part of that Privacy Notice.
6. Changes to This Cookie Policy
We reserve the right to update or amend this Cookie Policy without prior notice. Please revisit this page periodically to stay informed of any changes. When appropriate, we may notify you via email using the address you have provided.
7. Contact Information
If you have any questions about this Cookie Policy or would like to exercise your data subject rights under applicable law, please contact us at:
JT Pack of Foods Co., Ltd.
Address: 75/75 Moo 5, Soi Thongkham 3, Chan Thong Iam Road,
Bang Rak Phatthana, Bang Bua Thong District,
Nonthaburi 11110, Thailand
Phone: +66 (0)2-033-7939
Email: jtgroupdpo@jtpackoffoods.com
Data Protection Officer
Address: Same as above
Phone: +66 (0)2-033-7939
Email: jtgroupdpo@jtpackoffoods.com