Privacy Policy

RAX Interdiagnostic Co., Ltd. (“Company”, “we”, “us”) recognizes the importance of personal data and is committed to conducting business ethically while respecting and protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and/or transfer your personal data in a transparent and responsible manner in accordance with the Personal Data Protection Act B.E. 2562 (2019) of Thailand (“PDPA”) and other applicable laws.

1) Personal Data We Collect, Use, and Disclose

• Identity data: name, surname, gender, age, date/place of birth, marital status, nationality, ID/permit numbers, education and employment history, licenses, bank account numbers.
• Contact data: registered and current address, phone numbers, email, LINE ID and other social media information.
• Employment data: occupation, position, workplace.
• Financial data: salary and account/payment details, remittance details.
• Medical history.
• Vehicle information (e.g., chassis number, license plate).
• Land title deed.
• Signature (including electronic signature).
• Online identifiers: username/password, cookies, IP address, GPS location.
• Business partner codes and banking/payment information (e.g., account holder, bank, account type/number, beneficiary, payment date/method, currency, domestic/overseas transfer details).
• Relationship/transaction data such as data appearing in contracts, forms, surveys, and transaction records with us.
• Personal data of third parties you provide to us (e.g., spouse, joint account holder, guarantor).
• Security data such as CCTV footage.

Sensitive Personal Data: race, political opinions, religious or philosophical beliefs, sexual behavior, criminal records, health data, disability, trade union data, genetic data, and biometric data, etc. We will collect, use, and disclose such data only with your explicit consent or where permitted by law.

2) How We Collect Personal Data

Customers

• Sales and marketing channels.
• Online channels such as our mobile applications, websites, or social platforms (e.g., LINE, Facebook).
• Other sources such as public sources or government agencies.

Business Partners

• Directly from you when doing business with us, signing contracts, completing forms, or interacting via our online platforms, website, mobile apps, email, phone, surveys, name cards, post, meetings, events, or during site visits.
• Through your agents/representatives; our affiliates.
• From our internal systems, shared drives, databases, transport software, and/or electronic files.

3) Purposes of Collection, Use, and Disclosure

Customers

• To provide services, verify identity before using products/services or entering into transactions, and to receive and handle complaints.
• To manage customer relationships and communications (e.g., service application results, requests for information, product/service offers).
• To improve service quality through analysis and evaluation, and to develop products/services for the best user experience.
• To comply with applicable laws.
• To contact and coordinate with your affiliated business partners.

Business Partners

• Business communications relating to our products, services, and projects.
• Business partner selection and due diligence: suitability/qualification assessments, identity/status verification, background checks, risk assessments (including checks against public/enforcement lists), requests for quotation/bids, contracting, and performance evaluations.
• Partner data management: creating partner accounts, recording data in systems, maintaining and updating records, and administering contracts/documents (which may contain your personal data).
• Relationship administration under contract: appointment/termination/authorization, purchasing, payment processing, shipping/logistics, support, accounting/audit/invoicing/collection.
• Business research, analytics, assessments, surveys, and reporting; developing and improving marketing strategies and our products/services.
• IT systems and support: access control, account maintenance/removal, identifying and fixing issues, ensuring system security; developing, deploying, operating, and maintaining IT systems.
• System monitoring and security: identity verification and access control, device/internet monitoring, IT security, crime prevention, risk management, anti‑fraud, and incident reporting.
• Dispute management and legal compliance: dispute resolution, contract enforcement, establishment/exercise/defense of legal claims, granting authority to legal advisors.
• Internal communications and operations: procurement, expenses, internal management, training, audit, reporting, document handling, data processing, risk control, statistical analysis, and planning.
• Compliance with internal policies and applicable laws, regulations, and procedures; liaison with government agencies/courts (e.g., Revenue Department, Royal Thai Police, State Audit Office).
• Record retention for audit/reference and internal/external audits.

If certain data are required by contract or law and you do not provide them, we may be unable to provide services or achieve the stated purposes.

4) Data Retention

We retain your personal data for as long as necessary for the relevant purposes, such as throughout your use of our products/services, the duration of your relationship with us, or as required by law.

5) Disclosures of Personal Data

• Within our corporate group to enhance operational efficiency and quality of service.
• Professional advisors such as lawyers, banks, auditors, accountants, and insurers.
• Service providers that provide IT and system maintenance services to us.
• Government authorities and regulators where required by law, regulations, or procedures.
• Independent external auditors.
• Third parties in the event of a sale/transfer/merger or acquisition of our business or assets. In such cases, recipients will be required to keep your data confidential, secure, and process it in compliance with applicable laws.

6) Cross‑Border Transfers

We may disclose or transfer personal data to countries outside Thailand which may have higher or lower levels of data protection, for example when data are stored in cloud platforms or servers located outside Thailand or when obtaining IT support services.

7) Your Rights

• Right of access to your personal data.
• Right to rectification.
• Right to erasure (deletion/destruction).
• Right to restriction of processing.
• Right to object to the collection, use, or disclosure of personal data.
• Right to withdraw consent.
• Right to data portability (receive, send, or transfer your personal data).
• Right to lodge a complaint with the supervisory authority.

8) Changes and Review of This Policy

We may amend this Policy from time to time without prior notice. Please refer to the last‑updated date. Your continued use of our services constitutes acknowledgement and acceptance of the updated Policy.

9) Contact Us / Data Protection Officer (DPO)

RAX Interdiagnostic Co., Ltd. 326/2 Soi Charan‑Sanitwong 67, Bangplad, Bangkok 10700 Thailand Website: http://www.raxinterdiag.com Data Protection Contact: Ms. Chaweewan Thabtanee Email: chaweewan@raxinterdiag.com Tel: +66 2 096 2002