Business Operation and Operating Results Corporate Governance Financial Statements Attachments
● Privacy policy
The Company recognizes the importance of personal data and other information about individuals
(collectively referred to as the "Data") and is committed to securing Data as well as privacy of Data, so
that the data subject can be confident that the Company will collect, compile, use, disclose or transfer
Data of the data subject transparently and responsibly pursuant to the Personal Data Protection Act, B.E.
2562 (2019) and other relevant laws. Therefore, in order to comply with the applicable law, the Company
has prepared a Personal Data Protection Notice to clarify to the data subject on details about collection,
compilation, use, and disclosure of Data of the data subject including channels and processes for handling
complaints regarding personal data issues as per details in the Personal Data Protection Policy publicized
on the Company's website. This covers material issues on information system security, data access control
and encryption control by preparing a practical manual on data security and information system, as well
as arranging a cyber security protection training to the employees to cultivate their awareness.
!
DPO
Since 2022, the Company has appointed the Personal
Data Supervisory Committee, the Data Controller, the Data
Protection Officer, and the Personal Data Working Group to
ensure that the operations relevant to personal data protection
of the Company shall be efficiently and securely conducted and
conformed to the Personal Data Protection Act B.E. 2562 (2019)
and the relevant and additional notifications. Moreover, during
2022-2023, the Company applied the t-reg PDPA Platform to
facilitate the management of personal data of customers, business
partners and persons who are interested in the Company’s business by searching information via the
Company’s website including training on personal data awareness for employees in the organization. The
Company assigned the Assistant Manager of Legal Department as the Data Protection Officer (DPO) to
supervise and maintain all personal data within the organization, whether it is internal or external information
of the organization, as well as to give advice, inspect and supervise usage of personal data pursuant to
the personal data protection laws.
In 2025, the Company did not have any complaints or incidents related to personal data at all.
● Internal Control System
The Company realizes the importance of the internal control system in both executive and
operation levels. In order to control the shareholders’ capital and the Company’s protect assets, the
Company has set up the operational guidelines to increase the efficiency of the internal control system.
These guidelines become the operational policy and identify the duties and operational power of the
operators and the executives in writing. The duties of operators, supervisors and assessors are segregated.
The policy also controls the Company’s assets deployment to maximize its benefits.
120
Annual Registration Statement / Annual Report 2025
(Form 56-1 One Report)