PERSONAL INFORMATION COLLECTION
What We Collect
What personal information we collect from you (“discloser”) depends on your relationship with us at the time of collection, i.e. insured, claimant, or prospect, as well as your request – the information of which may include the following:
Personal Details
This may include name, date of birth, age, gender.
Contact Information
This may include address, phone number, mobile number, email address, Line ID and Facebook ID.
Financial Information
This may include bank account number, and other financial details.
Other Information
Trip Information, other insurance policies held by you and other information you have given to us.
How We Collect
Your personal information will be collected and stored, directly or indirectly, when: (a) you enter our Website; (b) you disclose to us; (c) any persons related to you or appointed by you (including but not limited to your spouse or family member, a person whose name is under the same policy as yours, and any other persons under the purpose of validation of application, claim, and compensation) discloses to us, and (d) relevant third parties (including but not limited to Travel,Tourism Authority of Thailand, financial institutions, regulatory bodies e.g. Office of Travel Commission, Revenue Department (RD), Anti-Money Laundering Office (AMOL), and other reliable sources e.g. In the case of (c), when the information concerning about other persons (“data subject”) than the discloser is given to us, it is the sole responsibility of the discloser to ask for a consent from and notify the data subject of the disclosure of his/her personal information and the terms and conditions of this Privacy Policy.
Why We Collect and How We Use and Secure
Your personal information may be collected and used for the following purposes: (a) to provide you with our services and products which shall include performing our relevant contractual or regulatory obligations; (b) to enhance our existing services and products and develop new services and products; (c) to communicate with you about our existing or up-coming services or products, including but not limited to, terms and conditions, promotion, activities, and advertisement; (d) for Website administration and business operation and (e) to rely on the purpose or obligation which are subjected to us to collect your personal data stipulated by the laws such as insurance law, personal data protection laws and other related law.
For your security, we (a) use both encryption and tokenization technology to safeguard your sensitive information such as credit card number, which can only be accessed by an authorized person; (b) restrict the access of your personal information to only our employees who require such access; (c) prevent unauthorized access by regular update of technology; and (d) delete your personal information when it is no longer necessary for relevant aforementioned purposes.
How Long We Retain
We will retain your personal information as long as it is necessary for the purposes of collection and use, unless required or permitted by applicable law. For most of the cases, your personal information will be retained for five years after the date of termination or cancellation of your policy.
Third Party Access
In order to perform our contractual obligations towards you or our regulatory obligations towards regulators and authorities, your personal information may be disclosed, and/or disseminated to third parties for the relevant mentioned purposes only. These third parties may include insurers, reinsurers, our business partners, financial institutions, regulators e.g. OIC, authorities e.g. RD, other service providers e.g. data storage service providers, call centre service providers, First Notice of Loss service providers, and repair shops.
For our business operation, where our legitimate interest is not less important that the data subject’s fundamental rights, your personal information may be disclosed and/or disseminated to our group companies and third parties such as external auditors, advisors, survey/data analytics service providers, and investors.
In any case, your personal information will not be disclosed and/or disseminated to any other persons other than the cases of the above two paragraphs, without your consent, except for the following cases: (a) providing that it is required by any applicable law; (b) providing that it is necessary for preventing emergencies or protecting others from danger; and (c) for the public interest.
In case where we disclose and/or disseminate your personal information to any third parties, we shall notify the said third parties of its confidential nature and their obligations to restrict the use of such information to any person involved for the permitted purposes as necessary only, and to handle the information appropriately in accordance with this Privacy Policy and the Personal Data Protection Act B.E. 2562 (PDPA).
Cross-border Transfer
In order to provide you our services especially for documentation, your personal information will be stored in other countries. The privacy protection standard of which, might be different from the PDPA or ours. We will take any necessary step to ensure that your personal information is stored and secured appropriately.
YOUR RIGHTS AS A DATA SUBJECT
Subject to the PDPA, by using our Website, receiving our services and/or purchasing our products, you are entitled to the following rights in respect to personal information concerning about you and obtained by us:
Right for Withdrawal
You have the right to withdraw your consent given to us to retain, use or process your personal information, or allow our external service provider to do the same with your personal information.
Right to Access
You have the right to obtain confirmation of whether or not we hold personal information concerning about you, and if so, to obtain confirmation of where your personal information is being processed and/or for what purpose, as well as an electronic copy of such information.
Right to Rectification
In case you find out that the information concerning about you is inaccurate, incomplete, out of date, you have the right to request for rectification of such inaccuracy, incompleteness, and outdatedness.
Right to Portability
Where your personal information concerning about you is being processed via automated means, you have the right to request us to transmit such information to another data controller.
Right to Restrict Processing or be Forgotten
You have the right to request us to suppress or restrict the use or processing of your personal information or to permanently erase your personal information.
The withdrawal of your consent, restriction, suppression, or erasure of your personal information may inhibit our ability to provide you with our services and/or products.
COOKIES INFORMATION
What are Cookies?
Cookies are small pieces of data sent from a website to be stored in your personal devices. They allow the Website to recognize your devices and collect information to adjust the Website content to be in accordance with your preference. We use cookies through third-party service providers to improve your Website experience.
What Cookies do We Use?
We use the following types of cookies:
Strictly Necessary Cookies
These cookies track your Facebook profile identity and use them as references when you post on our Website for earning Ferry rewards after your purchase. The storage duration is one year (persistent).
Statistic Cookies
These cookies track your behaviour of usage in order to know how many times you access certain functions of or your customer journey on our Website. The storage duration is between 1-2 years (persistent).
In some cases we might use both types of cookies through third-party service providers.
Managing Cookies
You can manage, block, and delete cookies on your browsers. You can learn more about cookies and how to manage them from this link: Allaboutcookies.
EXTERNAL LINKS
This Website may contain links to other websites which we cannot ensure your privacy and security. The inclusion of such links does not guarantee that other websites will provide you with the same standard of personal data protection as per this Privacy Policy.
CHANGES TO THE PRIVACY POLICY
We reserve the right to make any change to the Privacy Policy in order to comply with any applicable law. Hence, we encourage you to check the “Updated Date” of the Privacy Policy.
CONTACT US ABOUT YOUR PERSONAL INFORMATION
If you have any query, comments, or recommendations about the Privacy Policy or if you would like to exercise your rights, please submit your query, comments, or recommendations or the PDPA Data Subject Request Form to booking@boonsiriferry.com. The process might take up to 30 days from the date of your submission.
You can download our PDPA Data Subject Request Form from
*Updated Date 1st March 2021