Privacy Policy

Announced on 17 June 2024.

Ignite Education Co., Ltd. ("the Company") is an international tutoring school with the aim of providing comprehensive educational services. Our curriculum includes English, Science, and Mathematics, as well as activities that develop Academic Skills and Life Skills ("Services"). In the course of providing these services, it may be necessary for the Company to collect personal data from individuals ("you"). The Company is responsible for ensuring the security of personal data under its control and is committed to managing this data in a secure, reliable manner.

For such data management, this Privacy Policy ("Policy") explains how the Company handles your personal and sensitive information, including the manner of collection, storage, use, and disclosure. This Policy, which outlines your rights, forms part of the terms and conditions of our services. We recommend that you understand this Policy before using our services. Each time you use our services, it is considered that you have read and acknowledged the details of this Policy.

1. Definitions

"Personal Data"

Refers to information about an individual that enables the identification of that person, whether directly or indirectly. This does not include data of deceased persons; corporate data; business contact information that does not identify an individual, company name, company address, company registration number, work telephone number, work email address, and group email addresses of the company; and anonymous data or pseudonymous data which cannot be used to identify an individual through technical means.

"Sensitive Data"

Refers to information that is sensitive and may carry a risk of unfair discrimination, such as race, ethnicity, political opinions, religious or philosophical beliefs, sexual behavior, criminal records, health information, disabilities, union membership, genetic data, biometric data, or any other information that affects the data subject in a similar manner as defined by the Personal Data Protection Committee.

"Data Subject"

Refers to the individual who owns the personal data. This does not include cases where the individual owns, creates, or collects the data themselves. The data subject refers only to natural persons and does not include legal entities established under the law, such as companies, associations, foundations, or other organizations.

"Processing"

Refers to any operation performed on personal data, whether by automated means or not, such as collection, recording, systemization, storage, alteration, retrieval, consultation, use, disclosure (by transmission, transfer, dissemination, or otherwise making available), organization, compilation, blocking, restriction, deletion, or destruction.

"Data Controller"

Refers to a natural or legal person who has the authority to make decisions regarding the collection, use, or disclosure of personal data.

"Data Processor"

Refers to a natural or legal person who processes personal data on behalf of the data controller according to their instructions or on their behalf.

"Cookies"

Refers to small computer files that temporarily store necessary personal data on the data subject's computer to facilitate and speed up communication while using the website.

"Data Protection Officer"

Refers to a person appointed by the company to carry out duties under the Personal Data Protection Act B.E. 2562 (2019).

2. Types of Data Subjects

The Company processes personal data according to the specific Privacy Notice for each type of data subject and activity involved in the processing of personal data as follows:

Customers/Service Recipients

Refers to individuals who purchase products and/or use services from the Company, apply for membership, and includes individuals related to, representing, or authorized to act on behalf of the customer. Please refer to the Privacy Notice for Customers and Service Recipients.

Partners

Refers to natural persons and representatives of legal entities, such as directors, authorized signatories, agents, subcontractors, employees and workers of legal entities who engage or intend to engage in transactions with the Company, and those whose personal data appears in relevant documents. This includes individuals submitting bids to sell products and/or provide services to the Company, such as service providers, consultants, experts, academics, speakers, business project participants, contractors, or others with similar relationships with the Company.
Please refer to the Privacy Notice for Business Partners.

Company Personnel

Refers to employees or individuals who work or perform duties for the Company and receive salaries, wages, benefits, or compensation from the Company, such as executives, managers, staff, personnel, or similar persons. It also includes individuals related to the Company personnel and those whose personal data appears in documents related to the recruitment process, such as family members, parents, spouses, children, emergency contacts, reference persons, and beneficiaries.
Please refer to the Privacy Notice for Employees.

Job Applicants

Refers to individuals who have submitted job/internship applications or other personal details to the Company for the purpose of applying for a job/internship, whether as permanent employees or contract workers. This includes employees under employment from an outsourcing service, freelance workers, interns, scholarship applicants who have not yet been selected by the Company, and individuals related to the applicants whose personal data appears in relevant application documents, such as family members, reference persons, and emergency contacts.
Please refer to the Privacy Notice for Job Applicants.

Individuals recorded by CCTV

Refers to individuals who pass by or enter the Company's premises and those in areas monitored by the Company's CCTV cameras. Please refer to the Privacy Notice for CCTV.

Photographed Individuals

Refers to models, presenters, those hired or compensated for photo shoots, Company personnel, award/scholarship recipients, and individuals consenting to the Company’s recording, whether as still or moving images, during interviews, training, learning sessions, activities, or group photos.
Please refer to the Privacy Notice for Photography and Animation.

Event Participants

Refers to individuals participating in the Company's activities or campaigns, including those organized by the Company, registrants, training and seminar attendees, and other similar persons.
Please refer to the Privacy Notice for Event Participation.

General Public

Refers to individuals who have legal relations or contact with the Company, such as website/application users, those contacting the Call Center, individuals requesting information from the Company, and respondents to surveys about the Company's products and/or services. Please refer to the Privacy Notice for General Public.

Cookies

The Company may use automated technology to collect personal data when you use the website and application through computers and mobile devices, including IP address, browser, operating system, visited web pages, and referral websites. This automated technology may include the use of cookies or similar technologies. Please refer to the Cookie Policy.

3. Privacy Protection

In compliance with the legal requirements for personal data protection, the Company will issue the relevant Privacy Notice detailing the collection of personal data. This notice will inform the data subjects electronically, via short messages, or by other methods determined by the Company. The Company will notify the data subjects before or at the time of personal data collection including at least the following details, unless the data subjects are already aware of such details:

  2. Explain the purposes and methods of personal data collection from the data subjects.
  3. Specify the personal data collected.
  4. State the duration for which the personal data will be retained.
  5. List all the rights of the data subjects.
  6. Explain how the data subjects can exercise their rights and withdraw consent for personal data collection.
  7. Detail all measures taken to protect the personal data of the data subjects.
  8. Provide contact information for the data controller or data protection officer so that data subjects can contact, inquire further, or exercise their rights as data subjects.
  9. Specify the types of individuals or external entities that may use the personal data.

4. Personal Data Collection

The Company implements appropriate measures to ensure the security and confidentiality of your personal data to prevent loss, unauthorized access, destruction, misuse, alteration, modification, or disclosure. The collection of your personal data by the Company or its assigned external parties will adhere to the following conditions:

  1. Data Processing
    The Company will process the personal data you provide with restricted access and in a lawful and fair manner. Data processing will be conducted solely for the purposes specified by the Company. Before such processing, the Company will inform and obtain consent from the data subjects electronically, via short messages, or through methods specified by the Company.
  2. Legal and Necessary Purposes
    The Company will process personal data only to the extent necessary for lawful purposes notified to the data subjects before or at the time of data collection. Explicit consent will be obtained from the data subjects, except in the following cases where the Company can collect personal data without consent:
  3. Sensitive Personal Data
    The Company will obtain explicit consent from the data subjects before or at the time of collecting sensitive personal data, in accordance with the Company's guidelines and legal requirements. Sensitive personal data may be collected for specific services with explicit consent from you, voluntary public disclosure, or as mandated by personal data protection laws, based on at least one lawful basis as defined by the personal data protection law:
    1. With the explicit consent of the data subjects
    2. To prevent or mitigate harm to the life, body, or health of individuals when the data subjects are unable to give consent
    3. For lawful activities of foundations, associations, or non-profit organizations with political, religious, philosophical, or trade union objectives, with appropriate protection measures
    4. Publicly disclosed data with explicit consent from the data subjects
    5. Necessary for establishing legal claims, complying with, or defending legal claims
    6. Necessary to comply with laws for purposes related to preventive or occupational medicine, assessing the working capacity of employees, public health benefits, labor protection, social security, national health insurance, medical welfare, scientific research, historical or statistical research, or significant public interest
  4. If the Company intends to process your personal data in ways or for purposes inconsistent with those specified, the Company will issue additional policies or notices on personal data protection or communicate directly with you to explain the data processing. You should read such additional policies or notices in conjunction with this policy and/or the related communications (as applicable).

5. Collection of Personal Data of Minors, Incompetent Persons, or Quasi-Incompetent Persons

In cases where the Company needs to process the personal data of minors, incompetent persons, or quasi-incompetent persons, the following procedures will be adhered to:

1. Consent Requirement

If the data subject is a minor, an incompetent person, or a quasi-incompetent person, consent must be obtained from the parent, guardian, custodian, or legal representative, as applicable (unless otherwise permitted by law). The Company may process your data to provide you with services for which you have given consent, complying with personal data protection laws and ensuring the highest level of data protection under the following conditions.

1. Minors
Refers to individuals who have not yet reached legal age but can independently perform actions appropriate to their status, such as educational activities, enrolling in extra courses for additional knowledge, or entering employment contracts related to business or activities they can legally undertake. For the purpose of providing consent, minors may be treated as if they have reached legal age, except where specific laws require the consent of a legal guardian. For minors under the age of 10, consent must be obtained directly from the guardian.

2. Quasi-Incompetent Persons
Refers to individuals declared by a court as quasi-incompetent due to physical disability, mental instability, habitual reckless behavior, addiction to intoxicants, or other similar reasons that prevent them from managing their own affairs or protecting their property and family interests. Consent must be obtained from the legal representative before processing personal data, except where specific laws allow certain actions without such consent.

3. Incompetent Persons
Refers to individuals declared by a court as incompetent due to mental illness. Consent must be obtained from the custodian before processing personal data.

2. Direct Consent

In cases where consent from a parent, guardian, custodian, or legal representative is required, the Company will directly seek consent from the authorized individual and only proceed based on that consent. The Company operates under the good faith assumption that the information provided by these authorized individuals is accurate and that they have the right to disclose such information to the Company. The Company will follow the procedures outlined in the Privacy Notice specific to each type of activity.

6. Use and Disclosure of Personal Data

  1. The Company will use personal data only for the purposes communicated to the data subject. In cases where additional personal data is needed or there is a change in the purpose of data collection, use, or disclosure, the Company will inform the data subject before proceeding unless required or permitted by law.
  2. The Company will use personal data appropriately. In cases where the Company utilizes information technology services from external providers, the Company will ensure the security and control of access, use, and disclosure of personal data. The Company will supervise its employees, service providers, or agents to ensure they do not use or disclose your personal data beyond the purposes specified by the Company or disclose it to third parties.
  3. The Company may disclose your personal data, whether currently stored or to be stored in the future, to companies within the Learn Corporation Group (Public Company Limited) listed on the website www.learn.co.th, partners, business associates, individuals, or legal entities within the agreed scope as mutually agreed.

7. Privacy Policy for Personal Data Processing

1. Principle of Personal Data Processing

The company will process personal data both as a data controller and data processor accurately and in compliance with the law, ensuring fairness, transparency, and data accuracy. This includes defining the scope and purposes of processing personal data, as well as the storage duration, to the extent necessary under legal objectives and the company's business guidelines.

2. Data Management Controls

We establish clear processes and controls to manage personal data at every stage, aligning with legal requirements and our company's data protection policies.

3. Records of Processing Activities (ROPA)

We create and maintain Records of Processing Activities (ROPA) to record all processing activities related to personal data, ensuring compliance with the law and updating ROPA as activities change.

4. Privacy Notices and Consent

We provide clear Privacy Notices detailing the purposes of data collection and processing, obtain consent from data subjects in accordance with the law, and implement measures for data protection and consent management.

5. Access Controls

We grant access to personal data only to individuals who need it for their roles or as specified in contracts, ensuring compliance with legal obligations and limiting access based on job responsibilities. In the cases where the Company processes personal data, the processing will only be done by adhering to written contracts and professional responsibilities while lawfully abiding by the protection of personal data pertaining to data processing.

6. Data Transfers

In cases of data transfers to third parties, we establish agreements to define rights and responsibilities, ensuring legal compliance and alignment with our data protection policies.

7. International Data Transfers

For international data transfers, we adhere to legal requirements and standards.

8. Data Retention and Destruction

We securely destroy personal data when it reaches the end of its retention period, following legal requirements and our business practices.

9. Risk Assessment and Mitigation

We assess risks and implement measures to mitigate risks and minimize the impact of data processing activities.

10. Policy Reviews and Updates

We regularly review and update policies, standards, guidelines, procedures, and related documents to ensure compliance with the law and adapt to changing circumstances.

8. Retention Period for Personal Data

The company will retain personal data of data subjects according to the type of activity and purposes of personal data processing as specified in the Privacy Notice on the company's website. After the specified retention period mentioned above, the company will delete or destroy such personal data from the company's systems and from any third parties providing services to the company (if applicable), anonymize the data to the extent that the data subject cannot be identified, or take any other actions as required by data protection laws to ensure the effective protection of personal data, unless the company is legally allowed to continue retaining such personal data under data protection laws or other relevant laws.

In any case, the company may retain personal data of data subjects beyond the specified retention period if permitted by law or if such retention is necessary for the establishment of the company's legal rights, compliance with the law, or compliance with orders from authorized employees or government agencies, and for business purposes or as required by law.

9. Rights of Data Subjects

The Company grants rights to data subjects as stipulated by data protection laws as follows:

  1. Right to withdraw consent for the processing of personal data throughout the period when the personal data is with the company
  2. Right to access and request a copy of personal data and right to request disclosure of the means of obtaining personal data
  3. Right to receive personal data in a readable or usable format
  4. Right to object to the processing of personal data at any time
  5. Right to request the company to delete, destroy, or anonymize personal data
  6. Right to request the company to suspend the use of personal data
  7. Right to request the company to ensure that the personal data is accurate, up-to-date, complete, and not misleading
  8. Right to file complaints if the company, employees, or contractors of the company violates or fails to comply with data protection laws regarding personal data processing through the data processing complaint form.

The company respects your rights as a data subject and provides opportunities for you to select the method of control or communication methods used by the company. The company will act according to your requests to promote transparency, data quality, and data accuracy. Any requests to exercise your rights as stipulated by law must be in writing through the electronic system provided on the company's website, or if you wish to withdraw consent, you can access the settings in the application where you are a member or fill out the data subject rights request form.

10. Personal Data Security

The company recognizes the importance of maintaining the security of your personal data. Therefore, appropriate measures are in place to prevent loss, unauthorized access, destruction, use, alteration, modification, or disclosure of personal data unlawfully. This includes setting policies, regulations, practices, and procedures as follows:

  1. Establish clear policies and procedures for the protection of personal data and manage data in compliance with legal requirements securely.
  2. Do not sell or trade your personal data under any circumstances and do not transfer your personal data to any party other than the company’s data processors.
  3. Restrict the rights of the company’s employees to access personal data and set rights for accessing or using personal data of data subjects to maintain confidentiality and data security.
  4. Prevent unauthorized access and use of personal data by implementing necessary encryption, authentication, and virus detection technologies.
  5. Verify the status of the company's partners, requiring them to comply with legal and regulatory standards on personal data protection and set limitations on the use of personal data.
  6. Monitor the company's website through entities specializing in personal data protection and security.
  7. Require company employees to undergo training on personal data protection and data security.
  8. Evaluate practices regarding personal data protection, data management, and technical, physical, and administrative data security measures as appropriate. Review security measures when necessary or when technology changes.
  9. Implement audit systems to delete or destroy personal data when the retention period expires or when the data is irrelevant or exceeds the necessity for the purpose of personal data collection.
  10. Establish a system for reporting personal data breaches to the Office of the Personal Data Protection Commission within 72 hours of becoming aware of the breach, unless the breach poses no risk to the rights and freedoms of individuals.

12. Use of Personal Data for Original Purposes

If the company collected your personal data before the Personal Data Protection Act regarding the collection, use, or disclosure of personal data came into effect, the company will continue to collect and use your personal data for the original purposes. You have the right to withdraw your consent at any time by contacting the company through the consent withdrawal form or managing your consent in the personal data management settings in the company’s application where you are a member.

13. Contact Information

The Company has assigned Learn Corporation Public Company Limited as the coordinator for the Company’s personal data protection. If data subjects have any questions or wish to exercise their rights as outlined in this policy, they can contact:
Data Protection Officer (DPO)

  • Email: DPO@Learn.co.th
  • Address: 444 MBK Tower, 14th Floor, Phayathai Road, Wang Mai, Pathum Wan, Bangkok 10330

14. Review

The Company may occasionally update, modify, or amend this Privacy Policy to comply with legal guidelines. The Company will notify you of any changes through its website and/or platform.