Individual Business Agents and Partners
About Us

Privacy Notice

Privacy Notice of Allianz Ayudhya for Vendors and Business Partners

Allianz Ayudhya Assurance Public Company Limited and Allianz Ayudhya General Insurance Public Company Limited and Allianz Ayudhya Capital Public Company Limited (“the Company”, “we”, “us”) realize the important of your personal data protection.  We want you to read and understand this “Privacy Notice” explaining how and type of personal data will be collected, used or disclosed, the objectives of collection, use or disclosure and who we will disclose or share such data including your rights in this regards.
What personal data will be collected and processed?

  • Basic personal data such as name, surname, gender, nationality, marriage status, date of birth, passport number, identification number or other identification number issued by a government authority, photo on identification card or other document issued by the government authority;
  • Contact details such as house registration, current address, phone number or mobile phone number, email address or other contact information;
  • Job-related information such as education, work experience, training record, work permit professional license, performance-related information e.g. performance or behavior evaluation or disciplinary action;
  • Financial information such as remuneration, bank account number, tax information and payment information;
  • Legal status such as status relating to laws on Anti-Money Laundering, Terrorism and Proliferation of Weapons of Mass Destruction Financing, Bankruptcy or Foreign Account Tax Compliance Act (FATCA);
  • Other personal data such as information relating to use of our information technology system and website, your photo in an event organized by us, CCTV record, voice record from meeting;
  • Sensitive Data according to personal data protection law such as criminal record.
If you provide us the personal data of other people, you acknowledge and affirm that you have the authority to act on their behalf regarding the processing of their personal data and provide this privacy notice for their acknowledgement.

How will we obtain and process your personal data?

2.1 The Company obtains your personal data from:

  • The Company collects personal data directly from you or juristic person which is our contractual parties or business partners as you are its director, authorized director, employee, contractor;
  • We may also obtain your personal data from other sources such as reference from other person, public database, social media, business or commercial database.

2.2 We will use your personal data for the following purposes:

  • To fulfill contractual obligations such as to perform duties and responsibility stipulated in a contract, identification verification, invoice and payment of remuneration, communication between the parties, business cooperation, or establishment of claims under existing contracts;
  • To legitimate our interest such as considering, evaluating or selecting vendors or business partners in bidding process, criminal record checking before entering into an agreement or during term of the agreement, prevention or protection or investigation of fraud or criminal activities, evaluation of your performance, security for a building or place by CCTV, internal audit or business plan, and statistical analysis;
  • To comply with legal obligations such as a compliance with a lawful order of an authorized officer or rules of regulations of government agencies or a law enforcement agency or regulators e.g. the Office of Insurance Commission, the Data Protection Commission, the  Anti-Money Laundering Commission or the Revenue Department;
  • To process sensitive data to the extent necessary within the scope of consent given such as the Company may process sensitive personal data only to the extent necessary within the scope of consent given, unless such processing of sensitive personal data is exempted by law from consent requests. In the event that the Company cannot process sensitive personal data or does not receive enough accurate and complete sensitive personal data to fulfill contractual or legal obligations, we may not able to perform our contractual obligations under existing contracts;
  • To disclose or share your personal data as necessary to perform contractual obligations, to complete your request, for the benefit of the Company, to comply with relevant laws and regulations, or for specific purposes according to your consent (where consent is required) to group companies, third parties, authorities, or individuals acting on behalf of the Company, whether inside or outside Thailand;
  • For any other purposes where consent is given from time to time, unless the Company can process for such purposes lawfully under applicable law or data protection law.

Who will have access to your personal data? or who do we share your personal data with?

The Company may disclose your personal data to other data controller or data processor both inside and outside Thailand in a manner that is compatible with the purposes indicated as follow;

  • Allianz SE or Allianz group companies;
  • Third parties such as external advisers, counter parties or service providers or cloud computing service providers
  • Government authorities such as the Revenue Department, the law enforcement agency, regulators e.g. the Office of Insurance Commission (OIC);
  • Our assignees or successors in case of merger or acquisition of partial or entire of business of the Company or group companies;

Where will my personal data be processed?

Your personal data may be processed both inside and outside of Thailand by the parties specified in section 4 above, subject always to contractual restrictions regarding confidentiality and security in line with applicable data protection laws and regulations. We will not disclose your personal data to parties who are not authorized to process them.

Whenever we transfer your personal data for processing outside of Thailand by another Allianz Group companies, we will do so on the Binding Corporate Rules (BCRs) of Allianz which establish adequate protection for personal data.

The BCRs and List of Allianz Group companies that comply with the BCRs can be accessed under www.allianz.com/en/privacy-statement.html#bindingcorporaterules

Where the BCRs do not apply, we will instead take steps to ensure that the transfer of your personal data outside of Thailand receives an adequate level of protection as it does in Thailand e.g. Standard Contractual Clauses

What are your rights in respect of your personal data and which channel can you use your rights?

Under the Personal Data Protection Act, you have the right on your personal data to:

  •  Access or request a copy of your personal data and the request for the disclosure of data source;
  • Cancel or withdraw your consent at any time where your personal data is processed with your consent;
  • Update or revise your personal data to be current, accurate, completed and not to make any misleading;
  • Delete, destroy or anonymize your personal data from our records if it is no longer needed for the purposes indicated above;
  • Restrict the processing of your personal data in circumstances where you have contested the accuracy of your personal data, for the period enabling us to verify its accuracy;
  • Object to the collection, use, and disclosure of your personal data in certain circumstances, including the case where personal data is being processed for direct marketing;
  • Obtain your personal data in an electronic format for you or for your new data controller; and
  • File a complaint with us and/or the relevant data protection authority if you believe that there is violation under the Personal Data Protection Act.

Your withdrawal of any previously given consent, your request to delete, destroy and anonymize your personal data, your request to restrict or your objection to the processing of your personal data could mean that the Company is unable to perform our obligations under an existing contract with you and there may be restrictions on certain transactions or services.

The Company may refuse to comply with your request in the circumstances where there are legal restrictions, or the Company has compelling legitimate grounds for the processing of your personal data as permitted by applicable laws. The Company reserves the right to charge a reasonable fee to complete your request.

How long is personal data retained for?

We will retain your personal data for at least 10 (ten) years from the date the business relationship ends. However, the Company may continue to retain your personal data after such period if it is necessary to store your data longer for the purpose for which it is collected, or for other reasons deemed appropriate e.g. to enforce our legal or contractual rights.

We will not retain your personal data for longer than is necessary and we will hold it only for the purposes for which it is obtained.

How can you contact us?

If you wish to exercise your rights, you can contact us as detailed below

    A) contacting our representative staff who you contact with at the present or;

    B) sending a mail to the below address;

 Allianz Ayudhya Assurance Pcl. / Allianz Ayudhya General Insurance Pcl. /Allianz Ayudhya Capital Pcl.

898 Ploenchit Tower, Ploenchit Road, Lumpini, Pathumwan, Bangkok 10330

If you have any queries about this privacy notice or would like to lodge a complaint relating to personal data protection, you can contact Data Protection Officer (DPO) at email: DPO_report@allianz.co.th

This privacy notice is made in both English and Thai language. In the event of any conflict or discrepancy between the Thai and English versions, the Thai version shall prevail.

This privacy notice was last updated on 20 October 2023