Privacy Notice
Smart Finder Co., Ltd.

Smart Finder Co., Ltd. has announced its personal data protection policy on June 1, 2022, to comply with the Thailand Personal Data Protection Act 2019. The company is required to provide a privacy notice to potential customers and customers in accordance with Section 23 as follows:

Contact Information of the Data Controller

Smart Finder Company Limited
99/24 Rajchapreuk Road, Bangkrang, Nonthaburi 11000
Telephone: 02-422-6780
Fax: 02-422-6781
Email: support@smartfinder.tech

---

Personal Data Collected for Processing

General personal data includes:

• Full name, ID/passport details, and ID copies
• Address, phone number, and place of work
• Job position, department, or organization
• Digital communications (email, service desk, app conversations)
• Data shared through contact or activities with the company

---

Retention Period

1. Identifying information (e.g., name, address, contact):

• Retained during contract and 10 years post-termination
• If no agreement is reached: kept with consent until revoked

2. Online identifiers (e.g., IP, MAC, email, logs, browser, cookies):

• Retained for 90 days under the Computer Crimes Act

---

Purpose of Data Processing

1. Procurement or service provision
2. Financial and tax processing
3. Service/product analytics and marketing
4. Quality and operations improvement
5. Service usage tracking and auditing
6. Participation in company activities
7. Health/safety and security compliance
8. Legal and regulatory compliance

---

Legal Basis for Processing

• Performance of a contract – e.g., sales offers, quotations
• Consent – e.g., marketing via registration/email (withdraw anytime)
• Vital interest – e.g., emergency disclosure to hospitals
• Legal obligation – e.g., issuing tax invoices
• Public task – required duties under law
• Legitimate interest – e.g., CCTV, follow-ups, service logs

---

Source of Personal Information

1. Directly from you via forms, registrations, or platform input
2. From partners, customers, or lawful third-party disclosures

---

Processing of Personal Data

We may:

• Use contact info for quotations, deliveries, and service setup
• Contact you about related services/products
• Share data with processors (e.g., Google) and agencies (e.g., SSO, Revenue Dept.)
• Transmit data to international organizations with safeguards

Overseas Processors:

• Google
• Azure
• Microsoft DPA
• Zoho
• ITTS Service Desk

---

Data Retention

• Format: Digital and paper
• Location: Google Drive, Gmail, Zoho, ITTS, Gitlab, Jira, Azure
• Retention: See details above
• Destruction: Data will be deleted within 30 days after expiration or loss of legal grounds

---

Your Rights as a Data Subject

You have the right to:

1. Withdraw consent
2. Access your data
3. Request correction
4. Request deletion
5. Restrict processing
6. Data portability
7. Object to data processing

To exercise your rights, contact the DPO (below) with ID proof or use our request form (link pending). No fee will be charged. Response within 30 days.

---

Supervisory Authority

Office of the Personal Data Protection Board
Ministry of Digital Economy and Society
120 Village No. 3, 6–9th Floors, Ratthaprasatpakdee Building
The Government Complex, Chaengwattana Rd., Lak Si, Bangkok 10210
Email: pdpc@mdes.go.th
Tel: 02-142-1033 / 02-141-6993