WEBSPLASH Privacy Statement
Date: November 10th, 2019
On this page you can find the WEBSPLASH Co. Ltd. (Thailand) (“WEBSPLASH”) privacy statement. This privacy statement applies to all the services we offer you (e.g. via the www.websplash.co, www.websplash.eu, www.websplash.co.th) website. WEBSPLASH is concerned about protecting your personal details. In this privacy statement, the following aspects are described:
- The types of personal information which we collect about you,
- How and why we use this information,
- Who we share this information with and why,
- How long we keep this information for,
- How we protect your details,
- Your rights, including how you can contact us with any additional questions about how your personal details are processed,
- How we will apply any updates to this statement.
WEBSPLASH Company Limited, 138 Soi Sukha 1, Fueang Nakhon Road, Wat Ratchabopit, Phra Nakhon, Bangkok 10200, Thailand. Chamber of Commerce: 0105562171774. Contactable via firstname.lastname@example.org and in its “data controller and processor” roles responsible for processing your personal details in the sense of the European GDPR regulations.
You can also find us via the following social media channels:
Which personal information do we collect?
We collect and save the following data:
Your name, address, email and/or telephone number, which you provide to receive information from us: when you request information from us,
When you place an order with us: Your contract and delivery information and other information that might be needed to check and deliver your order.This also includes the payment details, which you supply to us. We use this financial information to be able to invoice the order to you,
If you deliver a service or product to us (suppliers): Your contract and order confirmation information and other information that may be needed to check and process the order we have placed with you.This also includes any payment details that you supply to be able to invoice us.
Where and how you surf on the site, such as the pages you visit and the time you spend on each page: if you visit our digital services and websites(s). Our analysis software (Google Analytics) uses this information only to map the number of visitors from different geographic regions. We have no access to data that can identify you. We do register an IP-address when you visit our website.
Use of your personal details
We base our data processing on the following legal grounds.
In relation to the use of the website and our digital services:
|Why are we processing your personal data?||What are the legal grounds for such processing?|
|To provide you with the information which you have requested.||Legitimate interest
We would like to help you. To do that we need your contact details. That’s why we have a legitimate interest in processing this data.
|To set up and manage your account (by sending you, for example, password reminders or notifications about changes to your account details).||Legitimate interest
If you would like to place an order with us, you will need an online account. You then won’t need to enter your details again with a subsequent order. We do need your details to be able to offer you this service. We have a legitimate interest in processing these details to be able to offer you an optimum service in this way.
|To log on using your social media account.||Legitimate interest
You can log on using your Facebook account. In order to be able to facilitate this we need account data. The use of your personal data is necessary here to set up your online account via your social media account.
|To be able to deliver your order, to contact you about sales and as part of our client relationship procedures.||Carrying out an agreement
Use of your personal details is required in this case so that we can meet our contractual obligations towards you.
|To keep your payments safe and guarantee the security of our website.||Legitimate interest
We want to provide our customers with a secure environment for payments. We have a legitimate interest in processing personal details to protect our customers’ payments, prevent fraud and protect our digital services from cyber-attacks.
|To perform statistical analyses about the use of the website, to gain more insight into how our website is being used and to be able to make improvements to it.||Legitimate interest
We have a legitimate interest to look at this information to gain insight into how our website is being used, so we can manage and improve it. As no sensitive personal data is being processed and the processing itself is limited, we have concluded that our legitimate interest in being able to carry out improvements and analyses takes precedence over your privacy concerns.
|To be able to offer you targeted sales tools and to assist you in selecting the right product or the right service.||Legitimate interest
We like to help when selecting your products. The use of your personal data in this way is necessary to answer your request.
|To have a better understanding of your interests and preferences, in order to offer you an experience tailored to these interests and preferences, for example through the use of behavioural analysis and marketing automation.||Legitimate interest
We like to show you marketing material that is in line with your interests. To be able to do this, we need to have insight into your preferences and interests. We have legitimate interest to collect this information, so we can personalize your user experience.
|To meet our legal obligations (such as fiscal or financial taxation demands).||Legal requirements
Usage of your personal details in this way is needed for us to be able to meet our legal requirements.
|To communicate with you about relevant solutions, products and services, which may be of interest to you, in accordance with your marketing preferences.||Legitimate interest/permission
We have a legitimate interest in keeping our regular customers up to date with our services. What if you are not (yet) one of our customers? Then we would only process your details in this way, if you have given us permission to do so. You can choose to withdraw your permission at any time, by sending a request to email@example.com
In relation to our customers
|Why are we processing your personal details?||What are the legal grounds for such processing?|
|To be able to send your proposals based on your enquiry.||Carrying out an agreement
You can request a proposal from us. We’ll need your (contact) details to be able to send you this proposal. Processing your details is required in this case to be able to establish an agreement.
|To communicate about your wishes and specification about one of our products and/or services.||Carrying out an agreement
We want to help you if you have any questions about your order and/or our products. To be able to answer your questions, we need your details. This processing is also needed to establish an (intended) agreement.
|To be able to send invoices.||Carrying out an agreement
Your personal details are used to ensure that invoices are sent correctly.
|To communicate about implementation aspects of the agreement (such as order details, delivery, quality, assembly, maintenance, complaints, etcetera).||Carrying out an agreement
Your personal details are used to be able to communicate with the correct people, so that the agreement can be managed efficiently.
|To send you emails about relevant solutions, products and services that are related to the contents of this agreement.||Legitimate interest
We like to keep you informed about relevant offers. We personalise these offers, so you will only receive the ones that are relevant to you. That’s why we need your details. We have a legitimate interest to process your details in this respect.
In relations to our suppliers:
|Why are we processing your personal details?||What are the legal grounds for such processing?|
|To be able to contact you so that we can let you know which specifications or wishes a certain item or service needs to meet as far as we are concerned.||Carrying out an agreement
Your personal details are used to be able to contact your so that we can explain our request. Processing your details is required to be able to establish an agreement.
|To be able to send you a request for proposal.||Carrying out an agreement
Your personal details are used to be able to contact you so that we can send you a request for proposal. Processing your details is required to be able to establish an agreement.
|To be able to place an order with you.||Carrying out an agreement
Your personal details are used to be able to place an order with the correct person.
|To be able to pay your invoices.||Carrying out an agreement
Your personal (payment) details are used to be able to carry out invoice payments.
|To be able to communicate with you about implementation aspects of the agreement (such as order details, delivery, quality, any complaints, etcetera).||Carrying out an agreement
Your personal details are used to be able to contact you with any questions or issues within the scope of the agreement.
Transferring your personal details
We will only transfer your details to a third party, if this is necessary for our service provision or if we are legally obliged to do so. We may transfer your details to the following parties:
- Other companies in the ASSA ABLOY Group.
- Third parties who supply services in relation to our digital services or functions, but only to the extent that this is necessary to supply these services. For example: our digital marketing agency, our hosting supplier, our customer service teams or the developers of this digital service.
- Third parties such as suppliers and subcontractors, but only to the extent in which it is necessary to be able to carry out our products and services within the scope of our agreement. For example: suppliers such as haulage companies or installation and maintenance companies who function as subcontractors.
- Government bodies, if we are legally obliged to do so.
- A buyer or potential future buyer of our company.
Some recipients are outside the countries in the EU/European Economic Area (EEA). As these countries have, in some cases, a lower level of protection than we practice for the EU/EEA, we make use of standard contract clauses approved by the European Commission to ensure a sufficient level of protection to your personal details when transferring details to countries outside the EU/EEA. You can find these standard contract clauses via the following link: https://ec.europa.eu/justice/data-protection/international-transfers/transfer/index_en.htm
We have made provisions to protect all personal details that are transferred to a third party or to other countries, in accordance with the applicable data protection laws and as stated above.
How long do we keep your personal details?
We keep personal details as long as is necessary to meet the aim for which they have been collected. This means that we delete your personal details when such details are no longer needed to process a request or order, or to manage your account, your marketing preferences or our relationship. Anonymised statistics may be kept for longer.
|Types of details stored||How long are they kept?|
|Contact information that you provide us with, such as your name, email address, region/country and company name.||We delete these details after 12 months after our last contact. These details are also deleted after 3 email bounces.|
|Your answers to researches which you take part in.||We delete these details 12 months after the end of the research period. Consolidated details can no longer be linked to an individual and are kept for longer.|
|Marketing preferences, such as subscribing to or unsubscribing from receiving information about newsletters via email.||We save these details at all times. We are obliged to respect your preferences.|
|Information about our business relationship, such as details in orders and proposals, demands which you require us to meet and delivery information.||For the duration of the business relationship and up to 18 months after the last contact. Details may be kept for longer if we are legally obliged to do so.|
|Administrative details (your invoice, payment and ordering details).||We are legally obliged to keep these details about you for 7 years. Your details may be kept in an anonymous form for longer than this.|
|Customer account.||Inactive customer accounts are deleted after 7 years. Your details may be kept in an anonymous form for longer than this.|
How we protect your details
Your privacy is important to us and we ensure that your details are treated confidentially and with the greatest possible care. That’s why we have taken suitable technical and organisational protection measures against loss, theft or other unlawful processing of these details.
You have the right, in relation to the personal details that we keep about you to:
- Request a copy of your personal details in our files. This is free of charge,
- Request that we correct or delete your personal details (this means however that we will be unable to carry out any more requests or orders for you, or that your account will expire),
- Ask us to stop processing your personal details (for example, regarding the use of details to improve our website) or to limit how we process them (for example, if you think that the details are incorrect),
- Request the personal details used to provide you with the requested information, process an order or to maintain your account or our relationship, in a layout legible by a machine and which you may transfer to another data controller,
- Withdraw your permission for us to process your details for marketing purposes at any time.
Requests to exercise your rights should be directed to “WEBSPLASH Data Protection Manager” via firstname.lastname@example.org . We request you send a copy of your identity documents to be able to process your request or, if relevant company information.
Changes to this Privacy Statement
We may update this privacy statement from time to time, in reaction to changing legal, regulatory or operational demands. We will inform users about any such changes (including when they will come into effect). The most recent version of our privacy statement is available on our website. We would therefore advise you to check this page regularly.
Continuing to make use of our digital service following such an update coming into effect will be seen as an acceptance of any such changes. If you don’t accept the updates to our privacy statement, you will have to stop using this digital service/we will no longer be able to offer you this digital service.