Skip to Content

Privacy Policy

1.  Personal Data2.  Collection of Personal Data3. Purposes for the Collection, Use and Disclosure of Your Personal Data4. Security and Protection of Personal Data5. Disclosure of Personal Data6. Use of Cookies7. Contacting Us – Withdrawal of Consent, Access and Correction of your Personal Data8.  Governing Law

Data Protection Policy

The purpose of this document (“Data Protection Policy”) is to inform you of how  “IT as a Service Co., Ltd” which are established in Thailand (“ITAAS” or “we”), manages Personal Data which is subject to the Thailand Computer Crime Act (2007) (“the Act”). 

By interacting with us, submitting information to us, or signing up for any Products and Services offered by us, you agree and consent to IT as a Service Co., Ltd. The "Companies" collecting, using, disclosing your Personal Data, and disclosing such Personal Data to the Companies' authorised service providers and relevant third parties in the manner set forth in this Data Protection Policy.

This Data Protection Policy supplements but does not supersede nor replace any other consents you may have previously provided to ITAAS in respect of your Personal Data, and your consents herein are additional to any rights which to any of the Companies may have at law to collect, use or disclose your Personal Data.

ITAAS may from time to time update this Data Protection Policy to ensure that this Data Protection Policy is consistent with our future developments, industry trends and/or any changes in legal or regulatory requirements. Subject to your rights at law, you agree to be bound by the prevailing terms of the Data Protection Policy as updated from time to time. Please check back regularly for updated information on the handling of your Personal Data.

1.  Personal Data

1.1 In this Data Protection Policy, “Personal Data” refers to any data, whether true or not, about an individual who can be identified (a) from that data; or (b) from that data and other information to which we have or are likely to have access, including data in our records as may be updated from time to time.

1.2 Examples of such Personal Data you may provide to us include (depending on the nature of your interaction with us) your name, passport or other identification number, telephone number(s), mailing address, email address, network data and any other information relating to any individuals which you have provided us in any forms you may have submitted to us, or via other forms of interaction with you.

2.  Collection of Personal Data

2.1 Generally, we collect Personal Data in the following ways:

(a) when you submit an application form or other forms relating to any of our Products and Services (defined below);

(b) when you interact with our customer service officers, for example, via telephone calls, letters, face-to-face meetings and emails;

(c) when you use some of our services, for example, websites and apps including establishing any online accounts with us;

(d) when you purchase or obtain third party services through us;

(e) when you request that we contact you, be included in an email or other mailing list;

(f) when you respond to our promotions, initiatives or to any request for additional Personal Data;

(g) when you are contacted by, and respond to, our marketing representatives and customer service officers;

(h) when we receive references from business partners and third parties, for example, where you have been referred by them;

(i) when we seek information from third parties about you in connection with the  Products and Services you have applied for; and

(j) when you submit your Personal Data to us for any other reasons.

2.2 When you browse our website, you generally do so anonymously but please see the section below on cookies. We do not at our website automatically collect Personal Data unless you provide such information or login with your account credentials.

2.3 If you provide us with any Personal Data relating to a third party (e.g. information of your spouse, children, parents, and/or employees), by submitting such information to us, you represent to us that you have obtained the consent of the third party to provide us with their Personal Data for the respective purposes.

2.4 You should ensure that all Personal Data submitted to us is complete, accurate, true and correct. Failure on your part to do so may result in our inability to provide you with the Products and Services you have requested.

3. Purposes for the Collection, Use and Disclosure of Your Personal Data

3.1 Generally, ITAAS collects, uses and discloses your Personal Data for the following purposes:

(a) responding to your queries and requests;

(b) managing the administrative and business operations of ITAAS and complying with internal procedures;

(c) matching any Personal Data held which relates to you for any of the purposes listed herein;

(d) resolving complaints and handling requests and enquiries;

(e)  preventing, detecting and investigating crime and analyzing and managing commercial risks;

(f) providing media announcements and responses;

(g) monitoring or recording phone calls and customer-facing interactions for quality assurance, employee training and performance evaluation and identity verification purposes;

 (h) legal purposes (including but not limited to obtaining legal advice and dispute resolution);

(i) conducting investigations relating to disputes, billing, suspected illegal activities or fraud;

(j) purposes which are reasonably related to the aforesaid.

3.2 In addition, ITAAS collects, uses and discloses your Personal Data for the following purposes:

(a)  If you are a customer or an employee of an organisation which is a customer of ITAAS (including but not limited to Mobile, Broadband, Television, Voice and International Direct Dialing and/or Cloud Computing products and services (“Products and Services”)):

(i) opening or continuation of accounts and establishing or providing you with the  Products and Services you subscribe to (including but not limited to service activation, service operations, service delivery and order processing);

(ii) facilitating the continuation or termination of your subscription to our Products and Services (including but not limited to administering subscription arrangements, account maintenance, account closure, processing renewal of contracts and customer relationship management);

(iii) facilitating the daily operation of the Products and Services (including but not limited to billing, customer service, customer verification, technical support, network maintenance and troubleshooting);

(iv) facilitating third party services if purchased, obtained, administered or processed through us;

(v) managing and executing our service-level agreements with you;

(vi) processing of payment instructions, direct debit facilities and/or credit facilities requested by you;

(vii) enforcement of repayment obligations (including but not limited to debt collection, filing of claims and retrieval of payments from losses made by service partners);

(viii) administering and processing any insurance claims and payments arising under the respective policies;

(ix) credit and internal risk management (including but not limited to performing credit checks and disclosures to law enforcement agencies);

(x) generating internal reports (including but not limited to annual, operational and management reports);

(xi) processing referral payments and commission fees to our external partners;

(xii) analysing your use of our Products and Services so as to help us improve, review, develop and efficiently manage the Products and Services offered to you; and

(xiii) purposes which are reasonably related to the aforesaid.

In addition, where permitted under the Act and subject to the provisions of any applicable law, your Personal Data may be disclosed, for Partners' Additional Purposes, to the vendors or other third party service providers in connection with promotions and services offered by ITAAS’s partners. However, please be assured that we do not disclose your Personal Data to our partners for the purposes of the above unless your consent is expressly obtained.

3.3 If you have provided your Thailand telephone number(s) and have indicated that you consent to receiving marketing or promotional information via your Thailand telephone number(s), then from time to time, ITAAS may contact you using such Thailand telephone number(s) (including via voice calls, text, fax or other means) with information about our Products and Services or those products and services offered by our partners (including discounts and special offers).

3.4 In relation to particular Products and Services or in your interactions with us, we may also have specifically notified you of other purposes for which we collect, use or disclose your Personal Data. If so, we will collect, use and disclose your Personal Data for these additional purposes as well, unless we have specifically notified you otherwise.

3.5 You have a choice to withdraw your consent for receiving marketing or promotional materials/communication. You may contact us using the contact details found below.

3.6 Please be aware that once we receive confirmation that you wish to withdraw your consent for marketing or promotional materials/communication, it may take up to 30 working days for your withdrawal to be reflected in our systems. Therefore, you may still receive marketing or promotional materials/communication during this period of time. Please note that even if you withdraw your consent for the receipt of marketing or promotional materials, we may still contact you for other purposes in relation to the Products and Services that you hold or have subscribed to with ITAAS.

4. Security and Protection of Personal Data

4.1) General Policy

We have implemented generally accepted standards of technology and operational security to protect the personal data in our possession or under our control and to prevent unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks. All ITAAS personnel follow a network-wide security policy. Only authorised ITAAS personnel are provided access to personally identifiable information and these personnel have agreed to ensure confidentiality of this information. 

4.2) Communication

We have also implemented internal communication to employees who related to any service to understand their individual roles and responsibilities and to communicate significant events in a timely manner. These methods include orientation and training programs for newly hired employees; regular management meetings for updates on business

4.3) System Security

Database Security

  • Customer data is stored in a dedicated database - no sharing of data between clients
  • Data access control rules implement complete isolation between customer databases running on the same cluster, no access is possible from one database to another

Password Security

  • Customer passwords are protected with industry-standard encryption 
  • Staff does not have access to customer password, and cannot retrieve it for, the only option if you lose it is to reset it
  • Login credentials are always transmitted securely over HTTPS

Employee Access

  • ITAAS support staff may sign into customer account to access settings related to customer support issue (using special staff authorization, not with customer password)
  • We do our best to respect your privacy as much as possible, we only access files and settings needed to diagnose and resolve your issue

5. Disclosure of Personal Data

5.1 ITAAS will take reasonable steps to protect your Personal Data against unauthorized disclosure. Subject to the provisions of any applicable law, your Personal Data may be disclosed, for the purposes listed above (where applicable), to the following:

(a) ITAAS and employees to provide content, Products and Services to you, address your questions and requests in relation to your customer accounts, subscription and billing arrangements with us as well as our Products and Services, to activate, deactivate, install, maintain and operate our systems and/or services;

(b) companies providing services relating to internet, virtual private server and consultancy to ITAAS;

(c) vendors or third party service providers in connection with marketing promotions and services offered by ITAAS or partners;

(d) other telecommunications, content or other service providers to facilitate their provision of content or services, or for interconnection, inter-operability, system operation and maintenance and billing between service providers;

(e) collection and repossession agencies in relation to the enforcement of repayment obligations for debts;

(f) credit bureaus for the purpose of preparing credit reports or evaluation of creditworthiness;

(g) external banks, credit card companies and their respective service providers;

(h) our professional advisers such as auditors and lawyers;

(i) relevant government regulators, statutory boards or authorities or law enforcement agencies to comply with any laws, rules, guidelines and regulations or schemes imposed by any governmental authority; and

(j) any other party to whom you authorise us to disclose your Personal Data to.

6. Use of Cookies

6.1 A cookie is a small piece of information that is placed on your computer when you visit certain websites.

6.2 ITAAS uses cookies on its websites for the following purposes:

(a) enabling certain features and functions on our websites, eg. remembering your user-id, favourite channel selections, browsing and other service preferences;

(b) building up a profile of how you and other users use the website;

(c) improving the efficiency of our website;

(d) administering services to you and to advertisers; and

(e) establishing usage statistics

6.3 Most internet browsers provide you the option of turning off the processing of cookies (please see the “help” section of your browser), but this may result in the loss of functionality, restrict your use of the website and/or delay or affect the way in which it operates.

7. Contacting Us – Withdrawal of Consent, Access and Correction of your Personal Data

7.1 If you:

(a) have any questions or feedback relating to your Personal Data or our Data Protection Policy;  

(b) would like to withdraw your consent to any use of your Personal Data as set out in this Data Protection Policy; or

(c) would like to obtain access and make corrections to your Personal Data records, please contact ITAAS as follows:

Email: info@itaas.co.th

7.2 Please note that if your Personal Data has been provided to us by a third party (e.g. a referrer), you should contact that organisation or individual to make such queries, complaints, and access and correction requests to ITAAS on your behalf.

7.3 If you withdraw your consent to any or all use of your Personal Data, depending on the nature of your request, ITAAS may not be in a position to continue to provide its Products and Services to you, administer any contractual relationship in place, which in turn may also result in the termination of any agreements with ITAAS, and your being in breach of your contractual obligations or undertakings. ITAAS’s legal rights and remedies in such event are expressly reserved.

8.  Governing Law

8.1 This Data Protection Policy and your use of our website and service shall be governed in all respects by the laws of Thailand.