29 Sept 2023
One Stop Real Estate Group Co Ltd
Data Protection Policy
1. Introduction
This Data Protection Policy outlines our commitment to data protection and the principles and practices we follow to ensure compliance with Thailand’s Personal Data Protection Act BE 2562 (PDPA).
2. Scope
This policy applies to all personal data collected, processed, and stored by One Stop Real Estate whether in electronic or physical format. It covers data related to clients, employees, suppliers, and any other individuals whose data we may process.
3. Data Collection and Use
3.1. We collect and process personal data only for legitimate purposes, such as providing real estate services, managing client relationships, and fulfilling legal obligations.
3.2. Personal data collected may include names, contact information, property details, financial information, and other relevant information necessary for the provision of our services.
3.3. We obtain consent from individuals when required by law or when processing personal data for purposes not covered by the original consent.
4. Data Security
4.1. We implement appropriate technical and organizational measures to safeguard personal data from unauthorized access, disclosure, alteration, or destruction.
4.2. Access to personal data is restricted to employees and authorized personnel on a need-to-know basis.
5. Data Retention
5.1. Personal data will be retained for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable laws and regulations.
6. Data Subject Rights
6.1. We respect data subjects' rights under the PDPA, including the right to access, rectify, delete, and object to the processing of their personal data.
6.2. Data subjects can exercise their rights by contacting our Data Protection Officer. (
7. Data Transfers
7.1. We may transfer personal data to third parties, including service providers and partners, as necessary for the provision of our services. We ensure that appropriate data protection measures are in place when such transfers occur.
8. Data Breach Notification
8.1. In the event of a data breach that poses a risk to individuals' rights and freedoms, we will notify the relevant authorities and affected individuals in accordance with applicable laws.
9. Compliance and Training
9.1. We regularly review and update our data protection policies and practices to ensure compliance with relevant data protection laws.
9.2. Employees and relevant personnel are trained on data protection principles and their responsibilities in protecting personal data.
10. Contact Information
For inquiries, requests, or concerns related to data protection or this policy, please contact our Data Protection Officer (DPO) at [email protected]