Privacy policy

Privacy policy and Privacy Notice

Privacy Notice for Customer
Privacy Notice of Hitachi Transport System Group Thailand

For the purpose of complying with the Personal Data Protection Act B.E. 2562 (2019) and subordinate laws issued thereunder, including any amendments which may be made thereto, (hereinafter referred to be “Laws on Personal Data Protection”), Hitachi Transport System Group Thailand i.e Hitachi Transport System Vantec (Thailand) Limited, TST Sunrise Service Limited, Eternity Grand Logistics Public Company Limited, Pands Group Logistics Company Limited, Eternity Consulting and Service Company Limited (hereinafter referred to be "Company”) has prepared this Personal Data Privacy Notice (hereinafter referred to be “Privacy Notice”) for Customers (hereinafter referred to be “you”) to inform data subject for the purpose of collecting Personal Data, lawful basis, the retention period, disclosure of Personal Data (hereinafter referred to be “Processing”) Data about the Personal Data controller and the rights as the data subject. The details are as follows.


1. Definition

Under this Privacy Notice, the definitions used are as follows:

  • 1.1. Customer means (1) a natural person who uses the service of the Company, even if is a former customer, current customers and
    • potential customers in the future (2) employees, personnel, officers, representatives, shareholders, authorized persons, directors,
    • contacts, agents and other natural persons related to corporate clients of the Company.
  • 1.2. Personal Data means any data relating to a Person, which enables the identification of such Person, whether directly or indirectly,
    • (but not including the data of the deceased Persons in particular).
  • 1.3. Sensitive Personal Data means data about race, ethnicity, political opinion, creed, religious or philosophical belief, sexual behavior,
    • Criminal records, health data, disability data, trade union data, genetic data, biometric data or any data that may affect the owner
    • of the data in the same way.

2. Types of Personal Data collected and Personal Data Protection

The Company will collect various types of personal data that you provide directly to the Company from the operation or sales channels / services / receiving various services of the Company under the terms/based processing as required by law as stated as follows:

  • 2.1. General Personal Data include:
    • 2.1.1. Personal Data, such as first name, last name, nickname, date/month/year of birth, age, sex, national identification number,
      • photograph, and signature, etc.
    • 2.1.2. Contact data, such as address as stated on the national identification card, address as stated in the house registration book,
      • telephone number, fax number, e-mail,and details of person who may be contacted in case of emergency, etc.
    • 2.1.3. Data that execution of payment, such as the account number, Personal Data which appears in the invoice, tax invoice, etc.
    • 2.1.4. Data is used as supporting evidence in the Company’s customer registration or transaction, such as Personal Data which
      • appears in a copy of the national identification card, copy of passport, copy of house registration book, copy of change of
      • name certificate, power of attorney etc.
    • 2.1.5. Technical data, such as data that the Company collects through the Cookies, etc.
    • 2.1.6. Other data, such as voice recording of conversations, and video recording by means of CCTV, etc.
  • 2.2. Sensitive Personal Data, in general, the Company does not intend to collect and use sensitive personal data such as religion and blood
    • group that appears on the copy of your identification card for any specific purpose. If you have provided a copy of your ID card to the
    • Company, ask you to conceal such data. If you do not conceal the above data, you authorize the Company to conceal and the
    • document is deemed to be concealed valid with enforceable in all respects by law. However, if the Company is unable to conceal
    • data due to some technical limitations. The Company will collect and use such data only as part of your identity document.
  • 2.3. Retention of Personal Data, the Company collects Personal Data according to the nature of the data received.
    • 2.3.1. Personal Data in electronic (Soft Copy) from the Company's computer system will be stored in the Company's central database
      • that maintains and maintains the security of data, assigns access control rights, including control rights. Enter the computer
      • room. In the case of cloud-stored data, the Company utilizes a cloud service provider that has received
      • ISO/IEC 20000-1:2011 International Cloud Service Management and CSA STAR Certification. Information security
      • system in accordance with international standards ISO/IEC 27001:2013.
    • 2.3.2. Personal Data in paper Document (Hard Copy), for paper documents in the process of Company’s operations are stored in the
      • Company's secure area where access rights are set. The finished paper documents are stored in a secure
      • document storage facility.

3. Purposes and Lawful Basis for the Collection, Use, Disclosure and Processing of your Personal Data

The Company will collect, use and/or disclose your Personal Data in accordance with the relationship between the Company and you only if necessary with Based on Legitimate Interest Base, Contract Performance Base, Legal Compliance Base, Consent Base or other legal bases as determined by the Personal Data Protection Act as the case may be, for the purposes of collecting, using or disclosing the Company's data as follows:

  • 3.1. For the purpose of used to process your request prior to entering into a contract or to perform the contract including business operations
    • related to transportation, delivery, cargo handling, storage, packing, handling, import/export, other logistics services,
    • Providing related business services, including coordination, reporting and logistics inquiries.
  • 3.2. For the legitimate interests of the Company or another person.
    • 3.2.1. For the purpose to enable the Company to manage, develop and operate any business operations, including the management,
      • use of the Services, fraud detection and prevention or other crimes.
    • 3.2.2. For the purposes of security such as providing security measures including your Personal Data.
    • 3.2.3. For the purpose of marketing activities and data analysis (Marketing and Data Analysis), such as news reporting via email,
      • sms, phone.
    • 3.2.4. For the purpose of exercise of legal claims.
  • 3.3. For the purpose of preventing or suppressing danger to a person’s life, body, or health basis such as emergency contact.
  • 3.4. For the purpose of complying with the laws such as compliance with the provisions of the law, rules and orders of those with
    • legal authority
  • 3.5. For the purpose of the performance of a task carried out in the public interest by the Data Controller, or it is for the exercising of official
    • authority vested.
  • 3.6. In the event of use other than the purpose to Clause 3.1-3.5. Collecting your Personal Data that you will be informed of the details
    • and the Company will request your express consent.
  • 3.7. Where the Company has previously collected your Personal Data before the Laws on Personal Data Protection have become effective,
    • the Company will continue to collect and use your Personal Data in accordance with the original purposes of collection. In this regard,
    • you have the right to withdraw your consent by contacting the Company using the contact details set out in article 9 contacting the
    • Company. However, the Company reserves the right to consider your request for the withdrawal of consent and proceed
    • in accordance with the Laws on Personal Data Protection.

4. Disclosure of Personal Data

  • 4.1. The Company may need to disclose your Personal Data in accordance with the purposes and rules prescribed under the law on Personal
    • Data protection by providing appropriate measures to protect your Personal Data disclosed to the following persons and entities:
    • 4.1.1. Hitachi Transport System group of companies are shall include executives, directors, employees and/or internal personnel to the
      • extent and as necessary for the processing of your Personal Data.
    • 4.1.2. Business partners, service providers, and data processors designated or hired by the Company to perform duties in connection
      • with the management/Processing of Personal Data for the Company in the provision of various services or any other services
      • which may be beneficial to you or relevant to the Company’s business operation.
    • 4.1.3. Advisors of the Company, such as legal advisors, lawyers, auditors, or any other internal and external experts of the Company.
    • 4.1.4. Relevant governmental agencies which have supervisory duties under the laws or which have requested the disclosure pursuant
      • to their lawful powers or relevant
      • to the legal process or which were granted permission pursuant to applicable laws, such as Revenue Department,
      • Ministry of Commerce, Office of the Personal Data Protection Commission, etc.
  • 4.2. The disclosure of your Personal Data to third parties other than article 4.1 shall be in accordance with the Purposes or other purposes
    • permitted by law, provided that if the law requires your consent to be provided, the Company will request for your prior consent. And
    • the Company will put in place appropriate safeguards to protect the Personal Data that has been disclosed and to comply with the
    • standards and duties relating to the protection of Personal Data as prescribed by the Laws on Personal Data Protection.
  • 4.3. Where the Company sends or transfers your Personal Data as specified in article 4.1 and 4.2.which are outside Thailand, the Company
    • will ensure that the recipient country, the international organization or such overseas recipient has a sufficient standard for the
    • protection of Personal Data. In some cases, the Company may request your consent for the transfer of your Personal Data outside
    • Thailand, subject to the requirements under Laws on Personal Data Protection.

5. Security of Personal Data

The Company has provide appropriate security measures to prevent of Personal Data as required by the law on Personal Data protection. It's covers management preventive measures, technical and physical safeguards in regard to access or control of access to Personal Data, to maintain confidentiality, integrity and completeness and the availability of Personal Data, to prevent the loss, unauthorized access, use, alteration, correction or disclosure of Personal Data.


6. Retention Period of Personal Data

The Company will retain your Personal Data for the period necessary to the purposes for which the Personal Data was processed, whereby the retention period will vary depending on the purposes for which such Personal Data. The Company will retain Personal Data for the period prescribed under the applicable laws (if any) and the Company will keep your Personal Data until the end of the lawsuit (if any).


After the period of time set forth above has expired, the Company will delete or destroy such Personal Data from the storage or system of the Company. In this regard, for additional details regarding the retention period of your Personal Data, you can contact the Company by using the contact details set out in article 9 contacting the Company.


7. Rights related to data subjects

  • 7.1. Under the Laws on Personal Data Protection and under the Company's rights management process, you have the rights follows:
    • 7.1.1. Withdraw the consent you have given to the Company for the processing of your Personal Data.
    • 7.1.2. Request to view and copy you’re Personal Data or disclose the source where we obtain your Personal Data.
    • 7.1.3. Send or transfer Personal Data that is in an electronic form as required by Personal Data protection laws to other data controllers.
    • 7.1.4. Oppose the collection, use, or disclosure of Personal Data about you.
    • 7.1.5. Delete or destroy of your Personal Data.
    • 7.1.6. Suspend the use of your Personal Data.
    • 7.1.7. Correct your Personal Data to be current, complete, and not cause misunderstanding.
    • 7.1.8. Complain to the Personal Data Protection Committee in the event that the Company violate to comply with Personal Data
      • protection laws.
  • 7.2. If you wish to exercise any of the rights as specified in article 7.1. Please contact using the contact details set out in article 9 contacting
    • the Company. However, may be cases where applicable law restricts the exercise of any rights or there may be cases where the
    • Company can refuse your request such as in the case of refusing to exercise your right to comply with the law or court order.
    • In the case of refusing to exercise your right to comply with the law or court order if the Company refuses your request
    • for such reasons. If you find that there is a violation of your Personal Data in accordance with the data protection law,
    • please contact the Company to clarify the reasons and take corrective action according to your complaint.
  • 7.3. In this regard, the process of receiving a request to exercise rights from you, the Company will consider and notify you within 30 days
    • from the date of receipt of the request form as required by the Personal Data Protection Law.

8. Changes to this Privacy Notice

The Company may change or update this Privacy Notice from time to time and if there is a change in the Company's Personal Data protection practices due to reasons such as technological change or legal changes. The amendment to this Privacy Notice will become effective when the Company publishes the revised version on the website as follows

  • 8.1. Hitachi Transport System Vantec (Thailand) Limited and TST Sunrise Service Limited on https://www.hitachi-tstv.com/en/privacypolicy
  • 8.2. Eternity Grand Logistics Public Company Limited, Pands Group Logistics Company Limited and Eternity Consulting and Service Company
    • Limited on a href="https://www.eternity.co.th/en/privacypolicy">https://www.eternity.co.th/en/privacypolicy

However, if revision has an effect on you as the Data Subject, the Company will notify you in advance of the revision as appropriate before it becomes effective.


9. Contacting the Company.

If you have any questions about any aspect of the Company’s practices in relation to your Personal Data, the Company appreciate to advise, provide data, suggestions and resolve your complaints by contacting Personal Data Protection Officer (DPO), Corporate Group Compliance Department. By using the contact data provided below:

  • 9.1. By phone: 02 337-2086-99 Ext. 3111
  • 9.2. By E-mail: TST-Corporate-Compliance@hitachi-tstv.com
  • 9.3. By registered mail or express mail, sending a letter to:
    • Personal Data Protection Officer (DPO).
    • Corporate Group Compliance Department.
    • No. 11/8-11/9, Moo 9, Bangchalong, Bangplee, Samut Prakan10540.


..........................................................................



ISD-BLC1-LC-04_Privacy Notice for Customer_01-Jul-2021_Rev00