Privacy statement/Privacy policy for our websites
1.Introduction
This Privacy Statement forms part of the Term of Use and Terms and Conditions of Booking of Tesoltree Courses.
This Privacy Statement provides information about the different types of personal data that we collect and the ways in which we use it and your data protection rights, including a right to object to some of the processing which we carry out.
It applies to all those who visit our Sites and interact with us online through our websites:
-
and any other website run by us from time to time
This Privacy Statement also applies to personal data collected in connection with course booking process by means of a printed form which you (or the person who fills it on your behalf) has downloaded from the Sites or has obtained by participating in a Tesoltree event.
Access to each Site and the use of information contained in each Site is governed by the relevant Terms of Use. If you register for training, you will also be subject to specific terms and conditions of booking which are for the protection of both you and Tesoltree, so we advise that you please take the time to read them carefully. In addition, you are advised to read our Data Protection Policy. The contents of the Sites, including their terms and conditions, are subject to change by us without notification to you. We accept no responsibility or liability for keeping the information in the Sites up to date or for any failure to do so.
We are not responsible for the content or privacy practices of other websites. Any external links to other websites are clearly identified as such.
2.Our role
Tesoltree is the data controller in respect of any personal information we collect about you.
As a data controller, we are committed to protecting your privacy at all times in accordance with all applicable laws and regulations governing the use or processing of personal data, including (where applicable) Thailand Personal Data Protection Act 2018 (“PDPA”), the General Data Protection Regulation (“GDPR”) and any subsequent data protection legislation, whichever is in force in Thailand at the relevant time.
By simply visiting our Sites, you do not disclose, nor do we collect, personal data about you.
3.When and what personal information do we collect?
(a) When you visit our Site(s)
The information collected about your visits to our Site(s) is limited to technical data such as for example:
-
the Internet address (or IP address) of the device you used to access the Sites;
-
whether you reached the Sites using a search engine or if you clicked a link on another website;
-
the type of web browser you used; and\
-
the type of device you used to access the Internet.
We use this data for administrative and statistical purposes as well as to help us improve our Sites. More information about the technical information we collect about your visits to our Sites and the purposes for which we collect it can be found in our Cookie Policy.
Most websites use cookies in order to improve the visitor experience by enabling that website to ‘remember’ you, either for the duration of your visit (using a ‘session cookie’) or for repeat visits (using a ‘persistent cookie’). Cookies may be set by the website you are visiting (‘first party cookies’) or they may be set by other websites who run content on the page you are viewing (‘third party cookies’). For further information on Internet browser cookies please see our Cookie Policy.
(b) Information you give to us directly
We will collect certain personal information about you when you interact with us, for example when you complete an online form on one of our Sites (including our online “Contact Us” forms and/or when you subscribe to our newsletter), or a printed form which you (or the person who fills it on your behalf) have downloaded from the Sites or obtained by participating in a Tesoltree event or webinar, when you respond to a survey, when you register as a user on our Site(s), where you post entries on our online forums and every time you send us an email of contact us by other means.
We may collect the following information from you:
-
Your full name and contact details, including email address, postal address, telephone number;
-
Other information about your application provided on your application form;
-
Information necessary to verify your identity, such as the details and/or a copy of your passport, ID card or other identity documentation;
-
Profile information if you register on our Site(s);
-
Information about your communication preferences;
-
Payment information, when you make a payment through our Site(s), by telephon;
(c) Information we obtain indirectly
Your personal information may be shared with us by third parties. For instance, we may receive it from your training provider.
4.Special categories of data
Data protection law recognises certain categories of personal information as sensitive and therefore requiring more protection. These categories of data include information about health, ethnicity, and political opinions.
We may collect and/or use special categories of data in connection with the provision of our services, for example in order to make adjustments for any disabilities you may have. We may also collect ethnicity data from you (should you choose to provide it) to identify and keep under review the existence or absence of equality of opportunity or treatment.
5.How we use your personal information
We may use your personal information for one or more of the following purposes (depending on the nature of our relationship, and whether you are just visiting our Sites, interacting with us online or registering a training course):
-
providing, improving and personalising our services and our Sites;
-
providing you with information and news about our products and programmes of events, such as our syllabuses, publications, webinars or conferences, if you have requested to receive our newsletters or if you are our existing or former customer.
-
dealing with your enquiries and requests or those made on your behalf by anyone who bought one of our products on your behalf;
-
considering and processing your application for one of our training courses or services, and communicating with you in connection with your registration and training results, including by providing you a copy of your training certificate if you successfully qualify your training course;
-
carrying out necessary checks to verify your identity, as may be necessary as part of our training course registration process;
-
fulfilling an order you make to purchase any products or services from us;
-
preventing or suppressing a danger to your life, body or health during training;
-
providing booking services when you register for our events;
-
promoting or advertising the company’s products or services under the agreement or express consent of you;
-
retaining a record of incoming and outgoing communications (e.g. e-mail, telephone call). Information in the e-mail we receive and send will not be disclosed to any third party without the permission of the sender unless otherwise in accordance with the applicable data protection laws;
-
providing you access to downloadable support resources (if available on the relevant Site);
-
inviting you to participate in marketing and academic surveys, if you have specifically consented to receive such communications or if you are our existing of former customer;
-
administering registered user records;
-
verifying and carrying out financial transactions in relation to payments made by you;
-
administering our online forums (when such functionality is available on our Site(s));
-
generating anonymous reports about the use of our Sites and our services (including about qualifications);
-
to further our charitable aim in general;
-
to satisfy legal obligations which are binding on us;
-
for the prevention of fraud or misuse of service; and
-
for the establishment, defence of enforcement of legal claims.
6.Marketing communications and your rights
Tesoltree operates a strict ‘opt-in’ policy for individuals. That means we will not send you any information unless you have requested to receive email/text/social media message updates from us.
For legal entities, such as companies, limited liability partnerships and other incorporated organizations, Tesoltree operates, in compliance with the relevant data protection laws, an ‘opt-out’ policy. This means that we will continue to contact such businesses with news and information of our goods and services until we are informed that this communication is no longer required.
You have an absolute right to opt-out of direct marketing, or profiling we carry out for direct marketing, at any time. You can do this by clicking on the unsubscribe link in the relevant email or message or by emailing us at nitisak@tesoltree.com. Once this information is received we will remove you from our direct marketing database.
The above rights may be limited in some instances, for example if fulfilling your request would reveal personal data about another person, where they would infringe the rights of a third party (including our rights) or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping. Relevant exemptions are included in both the GDPR and in the PDPA. We will inform you of relevant exemptions we rely upon when responding to any request you make.
​
7.Lawful processing
We are required to rely on one or more lawful grounds to collect and use the personal information that we have outlined above. The following are applicable, depending on the context:
(a) Consent
Where you have provided your consent for our use of your personal information in a certain way, for example where we ask for your consent to send you our newsletter.
(b) Legal obligation
Where the processing of your personal information is necessary for us to comply with a legal obligation to which we are subject e.g.to comply with our obligation to provide reasonable adjustments to candidates with disability.
(c) Contractual relationship
Where it is necessary for us to process your personal information in order to perform a contract to which you are a party (or to take steps at your request prior to entering a contract), for example to provide our training/academic services to you.
(d) Legitimate interests
We rely on this basis where applicable law allows us to collect and use personal information for our legitimate interests and the use of your personal information is fair, balanced, and does not unduly impact your rights. For instance, it is in our legitimate interest to process personal data of any person who contacts us with an enquiry, in order to respond to such enquiry.
For the data processing based on our legitimate interests described above, you can obtain information by contacting us using the details set out later in this notice.
8. Sharing your Personal Data
We will not sell, rent or lease your personal information to others.
We will only share personal information we collect from you with:
-
our national and local representatives who deliver information and services in relation to our training courses in your locality;
-
the schools, colleges, education centres, local authorities and any other entity that provide training courses preparing for a qualification awarded by us, to the extent necessary to provide them with information about your results;
-
those persons or bodies contracted by us to carry out the roles of examiner, marker, advisor, moderator, tutor, consultant, representative or other similar roles on our behalf in the context of our provision of qualifications;
-
the service providers we engage to process results data and produce qualification certificates on our behalf;
-
our marketing automation tool service providers, for the purpose of managing email lists and issuing communications on our behalf;
-
as required by law any government bodies or agencies.
We may disclose your personal information to selected third party processors (such as agents and our suppliers) but only in connection with our own processing purposes, as outlined above in paragraph 5. Any such third party will be required to use any personal data they receive from us in accordance with our instructions and the applicable PDPA and GDPR.
We reserve the right to disclose your personal information to third parties:
-
in the event that we buy or sell any business or assets, in which case we will disclose your personal information to the prospective buyer or seller or such business or assets;
-
if substantially all of our assets are acquired by a third party, personal information held by us may be one of the transferred assets;
-
for auditing purposes e.g. finance audits where we employ chartered accountants;
-
if we are under any legal or regulatory obligation to do so; and
-
in connection with any legal proceedings or prospective legal proceedings, in order to establish, exercise or defend our legal rights.
9.Payment transactions
Credit card online payment transactions from www.trinitytesolthailand.com is either handled via Paypal. We are not responsible for the contents of the privacy policies, which can be found at:
Paypal: https://www.paypal.com/en/webapps/mpp/ua/privacy-full
10.International data transfers
As we sometimes use third parties to process personal information, it is possible that personal information we collect from you will be transferred to and stored in a location outside the Thailand.
Please note that certain countries outside of Thailand have a different standard of protection for personal information, including lower security protections. Where your personal information is transferred, stored, and/or otherwise processed outside Thailand in a country which does not offer an equivalent standard of protection to Thailand, we will take all reasonable steps necessary to ensure that the recipient implements appropriate safeguards designed to protect your personal information. If you have any questions about the transfer of your personal information, please contact us.
11.Security of Data
Tesoltree takes seriously its security obligations in respect of your personal data under the PDPA in order to prevent unauthorised access to, or alteration or destruction of personal data in our possession.
We will endeavour to take all reasonable steps to protect your personal information. All the personal information we collect is stored securely on servers and we use secure internet protocols and secure networks to protect data collection and processing.
Any payment transaction from our Sites will be encrypted. While we will use all reasonable efforts to safeguard your personal data, you acknowledge that the use of the internet is not entirely secure and for this reason, we cannot guarantee the security or integrity of any personal data that are transferred via the internet. If you have any particular concerns about your information, please contact us.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
12.How long do we keep your personal information?
We will only retain your personal information for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. Information which is necessary to verify or confirm exam results may be kept by us indefinitely. For further detail about the periods for which we retain personal data and the criteria determined for setting these periods, please see our Data Protection Policy.
13.Your rights
Where we rely on your consent to use your personal information, you have the right to withdraw your consent, please see our Data Protection Policy.