Privacy Policy

NSL Foods Public Company Limited (“the Company”) respects and prioritizes the protection of personal data belonging to employees, customers, business partners, and stakeholders. The Company is committed to safeguarding personal data against misuse and ensuring its security in compliance with applicable laws. This Personal Data Protection Policy has been established to provide clear and appropriate guidelines, measures, and management practices for handling personal data, as outlined below:

1.Scope of Application

This policy applies to the collection, use, disclosure, or transfer of personal data by the Company concerning the following groups:

    • 1.1 Employees, Job Applicants, and Their References Including family members or individuals referenced by employees or applicants.
    • 1.2 Business Partners and Contractual Parties
      • 1.2.1 Individuals who are current, past, or potential business partners or contractual parties.
      • 1.2.2 Employees, personnel, officers, representatives, authorized persons, directors, and others associated with corporate contractual parties of the Company.
    • 1.3 Visitors and External Parties Individuals entering Company premises whose personal data is collected for security purposes.
    • 1.4 CSR Stakeholders and Related Individuals Personal data collected from or about individuals for corporate social responsibility (CSR) or other activities.
    • 1.5 Activity Participants Individuals participating in marketing events, seminars, or other activities.

2. Definitions

      • 2.1 Personal Data: Information about an individual that can identify them directly or indirectly, excluding data of deceased persons.
      • 2.2 Sensitive Personal Data: Personal data inherently sensitive and susceptible to unfair discrimination, such as race, ethnicity, political opinions, religious beliefs, health data, criminal records, disabilities, or other similarly sensitive information.
      • 2.3 Processing: Operations involving the collection, use, disclosure, deletion, or destruction of personal data.
      • 2.4 Data Subject: An identifiable natural person who owns the personal data.
      • 2.5 Data Controller: A person or entity with authority to decide on the collection, use, or disclosure of personal data.
      • 2.6 Data Processor: A person or entity that processes personal data on behalf of the Company, under the Company’s instructions.

3. Personal Data Collection

      • 3.1 The Company collects personal data lawfully, fairly, and only to the extent necessary for operational purposes.
      • 3.2 The Company assigns controllers, processors, and data protection officers to ensure data usage aligns with stated purposes and to prevent misuse or harm to data subjects.
      • 3.3 Sensitive personal data will be collected, used, or disclosed only with explicit consent and handled with strict confidentiality.

4. Purpose of Personal Data Collection and Use

The Company will inform data subjects of the purposes of data collection, use, or disclosure and obtain consent. Data collection and use are for business operations, such as procurement, contracts, transactions, communication, process improvement, or legal compliance. Data will be retained only as necessary for the stated purposes or as required by law.

      • 4.1 New purposes will require additional consent.
      • 4.2 Data may be processed in compliance with the Personal Data Protection Act or relevant laws.

5. Personal Data Disclosure

      • 5.1 Personal data will not be disclosed without consent and only for stated purposes.
      • 5.2 The Company may disclose data under legal requirements, such as to government agencies or regulators.

6. Data Security

      • 6.1 The Company implements measures to protect personal data against unauthorized access, alteration, or disclosure, consistent with its information security policies. Third parties processing data must adhere to confidentiality and security requirements.
      • 6.2 Employees are trained and encouraged to understand their roles in ensuring data protection compliance.

7. Data Subject Rights Data subjects have the following rights:

      • 7.1 Access and obtain a copy of their personal data.
      • 7.2 Be informed of data sources if not consented.
      • 7.3 Request corrections or updates.
      • 7.4 Request deletion or anonymization of data as permitted by law.
      • 7.5 Transfer data to another controller.
      • 7.6 Restrict data processing as allowed by law.
      • 7.7 Object to data collection, use, or disclosure.
      • 7.8 File complaints regarding data misuse.

To exercise your rights,click here
To report data breaches, download the form here and submit it to dpo@nslfoods.com

8. Policy Review and Amendments

The Company may update this policy periodically to reflect legal requirements, operational changes, or stakeholder feedback. Changes will be clearly communicated.

9. Contact Information

Data Protection Officer
Email: dpo@nslfoods.com
NSL Foods Public Company Limited
55/22 Moo 3, Bang Bua Thong-Sapan Nonthaburi Road (345), Lam Pho, Bang Bua Thong, Nonthaburi 11110, Thailand
Tel: +66 (0)2 525 8520-1 Fax: +66 (0)2 525 8538