Personal Data Protection Policy Notice
For the Use of CCTV of KASIKORNBANK PCL
Updated October 2022
Whereas KASIKORNBANK (“KBank”) is required to collect, use and disclose your personal data recorded by the cameras of the closed-circuit television (CCTV) system, which is KBank’s security system and equipment installed inside and around the premises and/or any areas of KBank for the purposes of inspection, surveillance and others as mentioned below, KBank has prepared this Personal Data Protection Policy Notice for Usage of CCTV of KBank (“Policy”) to inform you of the objectives and details about the collection, use and/or disclosure of your personal data recorded by the CCTV cameras, as well as legal rights in connection with your personal data, with details as follows.
KBank shall collect, use and disclose your personal data when you are inside and around the premises and/or any other areas of KBank. Your personal data shall be recorded by the CCTV cameras, as follows
KBank shall collect, use and disclose the following categories of your personal data recorded by the CCTV cameras
KBank shall collect, use and/or disclose your Personal Data as necessary and under KBank’s legitimate objectives, for example, for legitimate interest, for performance of duties as required by law, for operations according to your consent and / or for operations under other lawful bases. Objectives for collection, use and / or disclosure of your Personal Data under this Policy are, as follows
KBank shall keep your Personal Data confidential and shall disclose such Personal Data only to other companies within KASIKORNBANK FINANCIAL CONGLOMERATE, KBank’s service providers, courts of justice, supervisory agencies, public agencies, legally competent entities or other third parties as required by law and/or for achievement of objectives as specified in this Policy.
KBank may find it necessary to send or transfer your Personal Data to companies within KASIKORNBANK FINANCIAL CONGLOMERATE in other countries, or to other data recipients, as part of KBank’s normal business operations. For instance, Personal Data may be sent or transferred for storage on cloud platforms or servers in various countries, sending or transfer of international fund transfer transaction to a financial institution located in another country via international funds transfer management intermediaries, a trade partner which is a private banker in another country, business partners including those jointly providing products and/or services and co-branding business partners and online social media service providers, etc.
If the destination country fails to meet the given standards for data protection, KBank must ensure that Personal Data will be sent or transferred in accordance with legal requirements, while Personal Data protection measures will be put in place, appropriate for and consistent with the confidentiality standards. For instance, an agreement must be entered into with the data recipient in that country to ensure that your Personal Data will be protected under the personal data protection standard equivalent to that in Thailand. If the data recipient is a company within KASIKORNBANK FINANCIAL CONGLOMERATE, KBank may ensure that binding corporate rules verified and certified by relevant competent authorities are in place, and shall send or transfer Personal Data to the company within KASIKORNBANK FINANCIAL CONGLOMERATE abroad in accordance with said binding corporate rules.
In order to achieve related objectives of this Policy, KBank shall keep your Personal Data as necessary for the period of up to one year from the date of your entry into the premises and/or any areas of KBank. In case of litigation or disciplinary cases, your Personal Data may be kept until such cases have been resolved, including any periods for appeal or in accordance with legally stipulated periods.
KBank shall undertake appropriate processes to erase or destroy your Personal Data, or to convert it into unidentifiable data upon the termination of necessities or the abovementioned periods.
KBank shall apply technical, administrative and physical measures for safekeeping your Personal Data in order to maintain confidentiality, accuracy and completeness, and availability of Personal Data to prevent unauthorized or illegitimate access, collection, revision, rectification, use and/or disclosure of Personal Data, in accordance with legal requirements.
KBank has put in place appropriate measures that safeguard against Personal Data breaches. KBank has therefore established policy, procedures and criteria for Personal Data protection. These include measures to control access to Personal Data, and secure and proper use of devices for storing and processing Personal Data, restriction of access to Personal Data, determination of right to access users’ Personal Data, authorization for employees assigned to access data, and users’ responsibilities. All of these measures are intended to prevent unauthorized access to Personal Data, unauthorized disclosure or copying of Personal Data, or theft of devices used in the storing or processing of Personal Data. Measures have thus been put in place for tracking back of access, change to, deletion or transfer of Personal Data, which are appropriate for and correspond to the methods and tools for collection, use or disclosure of Personal Data, including examination for assessing the effectiveness of compliance with policies, procedures and regulations for Personal Data protection.
KBank’s executives, employees, personnel, contractors, representatives, and advisors, and recipients of data from KBank, shall maintain the confidentiality of Personal Data in accordance with the confidentiality measures determined by KBank.
Your rights under this item are legal rights that you should be aware of. You may exercise your rights under legal requirements and policies currently available or to be amended in the future, including criteria determined by KBank. If you are younger than 20 years old, or have limited capacity to perform juristic acts under the law, you may have your father or mother, guardian or authorized person express the intention to exercise these rights on your behalf.
Your exercising of the aforementioned rights may be restricted by applicable laws, and in certain cases, there may be compelling reasons that may cause KBank to deny your request or may prevent KBank from complying with your request. For instance, KBank may have to comply with laws or court orders for the public benefit, or your request may potentially violate other persons’ rights or freedoms. If KBank opts to deny said request, KBank shall provide you the reason(s) for such denial.
You may submit your request to exercise your rights via the following channels
Download form for exercising your rights here
KBank may consider adding to, rectifying or revising this Policy from time to time, as deemed appropriate and permitted by law. In case of addition to, rectification or revision of this Policy, KBank will announce the current policy on our website.
If you have any suggestions or want to inquire regarding details of the collection, use and/or disclosure of Personal Data, or want to exercise your rights under this Notice, you may contact KBank via K PLUS, KBank branches