​​​​​​​​​​​​​​​​​​​This Privacy Notice presents the reason for and the processing of personal data of data subjects and describes how the SEC Office processes your personal data, the rights to which data subjects are entitled, and the contact channels of the SEC Office in the case of any problems or queries concerning the processing of personal data.

Glossary

The processing of personal data is divided according to the missions of the SEC Office.  Please click the following links for more details:

• Use of Cookies by the SEC​

• Privacy Policy for Fundraising

• ​Privacy Policy for Investment Management

• Privacy Policy for Business Operators

• Privacy Policy for Trading in Secondary Market

• Privacy Policy for Internal Administration (website)

• Complaints and Information

Personal data that the SEC Office collects:

The personal data that the SEC Office collects includes both direct and indirect data, for example, identification number/passport number, title, name, surname (Thai/English), date of birth, citizenship, mobile phone numbers, email, addresses on identification cards, and gender, etc.  The types of personal data the SEC Office will collect depends on the necessity of the SEC Office in the carrying out of activities in each operating system.  More details of personal data that the SEC Office collects can be found in the link to Privacy Policies above.

Sources of personal data

1. The SEC Office receives your personal data from you directly.

2. The SEC Office receives your personal data from a company or agent that you have delegated to proceed by using the system.

3. The SEC Office receives your personal data from the data cooperation  with government agencies.

4. The SEC Office receives your personal data from other sources, for example, searching other websites.

Purposes of the processing of personal data

The SEC Office retains your personal data for the following purposes:

1. Approving the establishment and management of funds, and granting approval for the issue and offer for sale of securities under the supervision of the SEC Office;

2. Approving the persons in the capital market business under the supervision of the SEC Office;

3. Analyzing and reviewing the overview of investment and studying investment behavior, as well as considering the operation, compliance with the law, rules, and regulations, investigating and inquiring, and any other act in accordance with the missions of the SEC Office so as to ensure compliance with the law;

4. Considering complaints and wrongdoings, monitoring risks, considering wrongdoings on the issue and offer for sale of securities, as well as the wrongdoing of the relevant professionals;

5. Disseminating, researching, hearing, exchanging and promoting knowledge;

6. Internal administration in the SEC Office and other activities as specified by the SEC Office.

For more details of the purpose of the processing of personal data collected by the SEC Office, please click the link to the Privacy Policies above.

Retention and the Period of Retention of Personal Data

Data subjects have the rights under the Personal Data Protection Act 2562 as follows:

1. Right to withdraw consent: You have the right to withdraw your consent to the processing of personal data given to the SEC Office during the period your personal data has been retained by the SEC Office.

2. Right to be informed: You have the right to be informed of the personal data that the SEC Office will process before or at the time of the collecting of personal data.

3. Right to access: You have the right to access or obtain a copy of your personal data, and to request the disclosure of the source of your personal data.

4. Right to rectification: You have the right to request the SEC Office to rectify any incorrect or incomplete personal data.

5. ​Right to erasure: You have the right to request the SEC Office to erase your personal data for certain reasons.

6. Right to the restrict of processing: You have the right to restrict the processing of personal data for certain reasons.

7. Right to data portability: You have the right to request the SEC Office to transfer your personal data to other controllers or to you in certain cases.

8. Right to object to processing: You have the right to object to the processing of your personal data in certain cases.

Data subjects are entitled to the rights stated above.  Therefore, data subjects may request the SEC Office to comply with the rights stated above by requesting the SEC Office via the link   Request to Exercise the Rights as Data Subjects.  

In requesting the exercise of these rights, data subjects will not be required to pay any expenses, provided, however, that whether or not the SEC Office will comply with any request of a data subject will depend on the basis of the process of personal data, and the reason given by the data subject.  When a data subject makes a request to exercise his or her right, the SEC Office will approve or deny his or her request and inform the data subject of its decision within 30 days from the date on which the SEC Office receives a complete set of the request documents.  In the case that the SEC Office cannot reply to the data subject within 30 days, the SEC Office will inform the reason for the delay to the data subject.  In the case that the SEC Office refuses your request, the SEC Office will inform you of the reason using the contact channel provided by you.  If any data subject has any question concerning the SEC Office's decision, the data subject shall address his or her question to the Data Protection Officer at dpo@sec.or.th.

Notice of obtaining personal data

In the case that the SEC Office obtains your personal data, the SEC Office will inform you of the following matters in the Privacy Policies:

1. Definitions of personal data;

2. Personal data that the SEC Office collects;

3. Sources of personal data;

4. Purposes of the processing of personal data;

5. Processing of personal data;

6. Retention and period of retention of personal data;

7. Rights of data subject;

8. Marketing and marketing promotion activities (if any);

9. Amendment of the Privacy Policies;

10. Contact channels.

Use of Cookies

The SEC Office collects information of the visit to our website from every visitor via cookies or similar technology.  The SEC Office uses cookies for the purpose of developing the performance in accessing and using the services of the SEC Office.  The SEC Office uses the following cookies.

Privacy Policies of other websites

The Privacy Policies apply to the services of the SEC Office and the use of the SEC Office's website only.  If you click a link to other websites (even through the SEC Office's website), you are required to read and comply with the privacy policies of those new websites.

Amendment of the Privacy Notice

The SEC Office reviews the Privacy Policies on a periodic basis in accordance with the SEC Office's policy in ensuring that they will be in line with the relevant guidelines, laws, and rules.  In case of any change to the Privacy Policies, the SEC Office will inform you of such change.  This Privacy Notice will also be updated on our website at the same time.  The Privacy Policies on the SEC Office's website will be the latest version.  If you want to read any previous Privacy Policies, please click here.  

Data Protection Officer

The SEC Office has appointed a Data Protection Officer of the SEC Office as required by law.  The Data Protection Officer has the duty of giving advice to the SEC Office on the processing of personal data within the SEC Office; ensuring that the operations of the SEC Office on the processing of personal data are in compliance with the SEC Office's relevant policies and related laws: as well as acting as the coordinator between data subjects, the Personal Data Committee, and the SEC Office.

Contact Channels

If you have any question or queries concerning your personal data or the SEC Office's Privacy Policy, you may contact or address your questions to the SEC Office via the following channels: