Mahidol University International Geoscience Conference (MUIGC) Participants Personal Data Protection Policy

 

MUIGC organizing committee (hereinafter we) takes the protection of your personal information very seriously.  We ensure that your personal data will be protected according to the Personal Data Protection Act enacted by the Royal Government of Thailand.  Therefore, we have established this personal data protection policy to notify you, a participant of MUIGC.  You are entitled to know the details of how we process your personal data such as collect, use, or disclose of your personal data, to know your rights to access your personal data and how to contact us.  The following sections contain the information.

 

  1. Collection and Processing of Personal Data

In general, we collect your personal information by asking for such information from you directly and indirectly by various methods such as online application forms, paper application forms and acknowledgment letters sent from your department/agency/organization etc.

The detail of the types of personal data is as follows.

  1. Identity data e.g. title, first name, last name, type of participant and a photo
  2. Contact data e.g. home address, personal phone number, work phone number, email address
  3. Data obtained during your participation of MUIGC, such as photos, videos during activities, etc.
  4. Data of your job, such as job position, departments, other affiliations, etc.
  5. Data regarding opinions, expectations and satisfaction of participating in MUIGC
  6. Other personal data, such as preference of food (in case of catering for meals and breaks), the make of your vehicle and registration number (in case of reserving parking spaces for participants), etc.
  7. Screening information regarding the COVID-19 pandemic prevention measures

In some cases, we require a copy of your passport or national identity card to verify your identity.  Those identification cards might include sensitive personal data such as religion, philosophical beliefs and health data e.g. blood type.

Generally, we do not intend to collect and use these sensitive personal data for any specific purpose. If you have given us copies of your passport or national identity card contain such data, please direct us to exclude them and sign with your signature indicating that you entrust us to protect them with mutual knowledge from both parties.

 

  1. Purpose of Collecting and Usage of Personal Data

During the MUIGC, we may process your personal data for various purposes based on the following legal bases as follows

No. Objective Type of personal data Legal basis
1 To use for creating registration database as participants of MUIGC. Identity information, contact information, work information, payment information and convenience information Contractual Basis
2 To use for preparing the certificates, e-certificates, and conference proceeding. Identity information, contact information, event participation information and work information Contractual Basis
3 To manage and facilitate event participants, such as designing and arranging activities appropriately, liaising with participants, announcing names, preparing meals and snacks, reserving parking spots, recording videos, screening for COVID-19 pandemic prevention, organizing activities, etc. Identity information, contact information, event participation information, work information, convenience information, screening information according to epidemic prevention measures 1. Contractual Basis

2. Legitimate Interests
4 To use in legitimate interests such as photo/video recording during the event for posting on the website of MUIGC. To submit information to the department responsible for the internal audit process (Internal Audit) of MUIGC,

To improve the quality and process of organizing conferences. To analyze the data in the form of reports or statistical analysis for quality assurance of MUIGC. We will take steps to anonymize personal data before analyzing it.

 Identity information, contact information, event participation information, work information, information about opinions, expectations and satisfaction, convenience information, screening information according to epidemic prevention measures Legitimate Interests
5 To comply with relevant laws, such as when there is a request or a necessity to forward information to government agencies in case of legal investigation. Identity information, contact information, affiliated information Legal Obligation
6 To publicize and inform news to MUIGC participants via methods indicated by participants who can subscribe or unsubscribe at any time. Identity information, contact information Consent

 

  1. Duration of the Storage of Personal Data

We only store your personal data for a limited duration necessary for fulfilling purposes stated in section 2. In general, after the completion of MUIGC, we keep the data in the cloud service platforms for an additional 2 years.

 

  1. Personal Data Disclosure

We shall not disclose your personal data without your consent and shall disclose it solely for the above-mentioned purposes.  We use some cloud service platforms such as Google forms and Microsoft forms as data collection tools for registration and evaluation. After the completion of MUIGC, we keep the data in the cloud service platforms for an additional 2 years.

 

  1. Rights of Data Subject

          You, the data subject, can exercise your rights of your personal data by following the guidelines stated in the Personal Data Protection Act, B.E. 2562 (2019) enacted by the Royal Thai Government.  You can contact us regarding this matter by writing our data protection officer (DPO) with the address in section 8 of this document.  You are entitled to request any actions regarding your personal data as per the following:

5.1 Right to withdraw consent; however, any consent which was obtained earlier shall not be affected.

5.2 Right to access; to request access to and obtain a copy of the Personal Data related, including to request the disclosure of the acquisition of personal data obtained without your consent.

5.3 Right to data portability; to obtain and reuse your personal data for your own purposes across different services.

5.4 Right to object

5.5 Right to erasure

5.6 Right to restriction of processing;

5.7 Right to rectification

 

  1. Direction of Personal Data Protection

Our personal data protection officers assure that your personal data will be kept securely and appropriately.  We restrict the access of these data to prevent loss of data, modification and unauthorized use of the data.  This protocol is identical to information security policy of our country.

Furthermore, we promote and encourage employees to learn and recognize the duties and accountabilities in the collection, storage, usage, and disclosure of personal data. All employees are required to follow this policy and all guidelines regarding personal data protection in order for us to remain in compliance with the Personal Data Protection Act accurately and effectively.

 

  1. Review and Changes of Policy

          We may review this policy to ensure that it remains in adherence to laws, significant changes, and suggestions and opinions from other organizations.  We shall announce on our website and review amended policies thoroughly before implementing all the changes.

 

  1. Contact Information

If you have questions regarding our personal data protection policy, please contact our data protection officer (DPO) via the following address.

Mr.Tharathon Eakkajit

MUIGC Mahidol University Kanchanaburi Campus

199 Moo 9, Lumsum, Saiyok, Kanchanaburi 71150

Phone. +66 34 585058

E-mail: tharathon.eak@mahidol.edu