Siam Refractory Industry Co., Ltd. (as specified in the annex hereto) (hereinafter referred to as the “Company” or “we”) respects the privacy rights of its customers, including natural persons acting on behalf of customers that are juristic persons (hereinafter referred to as “you”). To ensure that your personal data is adequately protected, this Privacy Policy has been established to inform you of details regarding the collection, use, disclosure (collectively referred to as “processing”), deletion, and destruction of your personal data through online channels and other channels, in accordance with applicable personal data protection laws, as follows:

 

1. Purposes of Personal Data Processing

1.1 For the purpose of taking steps at your request prior to entering into a contract or for the performance of a contract to which you are a party, such as the sale of goods and/or provision of services to you, or compliance with any contract to which you are a party. This includes, but is not limited to, managing your user account, product delivery, account and financial processing, after-sales services, product returns, and any actions necessary to ensure that you receive goods and/or services, or as requested by you, including actions related to the granting of franchise rights.

1.2 For our legitimate interests or the legitimate interests of third parties:

• (1) To enable us to manage, develop, and operate our business, including actions related to franchise rights, management and development of products and/or services (including websites and applications), fraud detection and prevention or other criminal activities, customer and prospective customer relationship management, and IT system maintenance and usage.
• (2) For security purposes, such as implementing security measures, including personal data protection, access to our premises, and login access to websites or applications.
• (3) For marketing and data analysis purposes, such as sending information and privileges via email, SMS, applications, social media, telephone, or direct mail, including market research activities such as surveys and interviews.
• (4) For the establishment, exercise, or defense of legal claims.

1.3 To prevent or suppress dangers to life, body, or health of you or other persons, such as emergency contact and communicable disease control and prevention.

1.4 To comply with legal obligations, including compliance with laws, regulations, and orders of competent authorities.

1.5 For the performance of tasks carried out in the public interest or the exercise of official authority vested in us.

1.6 Where you have given your consent, we may process your personal data for the following purposes:

• (1) To allow us, our affiliated companies, and partners to send information and benefits to you via email, SMS, applications, social media, telephone, and direct mail.
• (2) To conduct activities beyond those mentioned above, which may require the collection of additional personal data, in which case we will notify you and seek your consent on a case-by-case basis.

Details regarding consent are provided in Section 4.

 

2. Personal Data Collected

2.1 When you purchase goods and/or services, register as a member on our website or application, or apply for privileges or benefit cards (such as SCG Family), we may collect the following personal data:

• (1) Personal information, such as first name, last name, date of birth, marital status, address, information shown on national ID cards or passports, Facebook ID, Line ID, photographs of residence, house plans, chat history, and health history (only where health-related services are used).
• (2) Contact information, such as email address, telephone number, address, social media contact channels, and workplace.
• (3) Employment information, such as occupation, position, and work experience.
• (4) Purchase and service information, such as purchase history, product claim history, and complaints.
• (5) Financial information, such as bank account numbers, credit/debit card information, income data, benefits received, payment history.
• (6) Information provided when you contact us, receive after-sales services, participate in research, or interviews.

2.2 When you visit and/or purchase products online, or access our website or applications, we may collect:

• (1) Registration information, such as name, email address, mobile phone number, and password.
• (2) Device information, such as IP address, location data, and other device identifiers.
• (3) Browser type and version, including browser plug-in types and versions.
• (4) Time zone settings.

2.3 When you visit our stores or premises, we may collect visual data, images, or video recordings via CCTV cameras, which may identify you. We do not record audio via CCTV. Notice signs will be posted before entering CCTV-monitored areas.

2.4 When you contact us or participate in activities, such as contacting our Contact Center, customer satisfaction surveys, or promotional activities, we may collect:

• (1) Personal data, such as name, date of birth, photographs, national ID number, driver’s license number, passport number, and health information.
• (2) Contact information, such as email address, telephone number, and address.
• (3) Participation information, such as history of participation and photographs from activities.

2.5 We may need to collect and process special categories of personal data as defined by personal data protection laws for the purposes stated in this Privacy Policy, such as:

• (1) Biometric data (e.g., facial recognition, fingerprints) for security and identification purposes.
• (2) Information appearing on national ID cards (e.g., religion) used for identity verification or tax-related purposes, even where products or services are not directly related to such data.
• (3) Health data, such as food allergy information, for use in activities.

2.6 Special categories of personal data will be processed only with your explicit consent or as permitted by law, and we will implement appropriate security measures to protect such data.

2.7 In the case of franchise arrangements, we may collect relevant personal data (e.g., of directors, employees, operators, and customers of franchisees), including:

• (1) Personal information, such as name, nickname, date of birth, photographs, and information shown on national ID cards and/or driver’s licenses.
• (2) Contact information, such as telephone numbers, email addresses, physical addresses, social media contact channels, and business fax numbers.
• (3) Employment information, such as occupation, position, start date, type of work, factory affiliation, and work and training history.
• (4) Educational background information.

 

3. Cookies

We use cookies to collect personal data in accordance with our Cookie Policy.

 

4. Consent and Consequences of Consent Withdrawal

4.1 Where personal data processing is based on your consent, you have the right to withdraw your consent at any time. Such withdrawal will not affect the lawfulness of processing carried out prior to the withdrawal.

4.2 Withdrawal of consent or refusal to provide certain data may result in our inability to achieve some or all of the purposes set out in this Privacy Policy.

4.3 If you are under 20 years of age, please provide the details of your legal guardian so that we may obtain consent from such guardian before processing your personal data.

 

5. Retention Period of Personal Data

5.1 We will retain your personal data for as long as necessary to fulfill the purposes for which it was collected, unless a longer retention period is permitted by law. Where a specific retention period cannot be determined, data will be retained for a period reasonably expected under collection standards (e.g., up to 10 years under general statutory limitation periods).

5.2 We have systems in place to review and delete or destroy personal data once the retention period has expired or where the data is no longer necessary.

5.3 Where processing is based on consent, we will process your personal data until your withdrawal of consent has been completed. However, we may retain limited information necessary to record your consent withdrawal for future reference.

 

6. Disclosure of Personal Data to Third Parties

6.1 We may disclose and share your personal data with:

• (1) Individuals and entities outside our corporate group for the purposes described in this Privacy Policy, such as distributors, logistics providers (e.g., postal services), service providers acting under our control, transactional and financial service providers (e.g., banks, payment processors), technology providers (e.g., cloud services, blockchain systems, SMS services, data analytics), IT system providers, auditors, insurance companies, consultants, government authorities (e.g., Revenue Department, Anti-Money Laundering Office), and other necessary parties.

6.2 We require recipients of personal data to implement appropriate data protection measures and to process personal data only as necessary, preventing unauthorized use or disclosure.

 

7. International Transfer of Personal Data

7.1 We may transfer your personal data to affiliated companies or other parties abroad where necessary for contract performance, fulfillment of pre-contractual requests, protection of vital interests, legal compliance, or performance of tasks in the public interest.

7.2 Your data may be stored on servers or cloud systems operated by third-party service providers or processed using third-party software or platforms, subject to strict access and security controls.

7.3 International transfers will be carried out in compliance with personal data protection laws, with appropriate safeguards to ensure adequate protection of your personal data and your rights.

 

8. Personal Data Security Measures

8.1 We implement appropriate technical and organizational security measures to protect personal data against loss, unauthorized access, use, disclosure, misuse, alteration, or destruction, including encryption and access controls.

8.2 Security measures are regularly reviewed and updated as necessary to maintain appropriate protection in line with technological developments.

 

9. Your Rights as a Data Subject

9.1 You have rights under personal data protection laws, including the right to:

• (1) Withdraw consent.
• (2) Access and obtain a copy of your personal data and information on its source.
• (3) Request data portability where applicable.
• (4) Object to processing.
• (5) Request deletion, destruction, or anonymization.
• (6) Request suspension of processing.
• (7) Request rectification of inaccurate or incomplete data.
• (8) Lodge a complaint with the Personal Data Protection Committee in the event of legal non-compliance.

We will respond to your request within 30 days of receipt, in accordance with applicable laws.

9.2 You may exercise your rights via the “Privacy Settings and Rights” section on the website www.siamrefractory.com where you provided your personal data.

 

10. Data Controller and Data Protection Officer

10.1 Data Controller :
Siam Refractory Industry Co., Ltd.
Address :  No. 1 Siam Cement Road, Bang Sue Subdistrict, Bang Sue District, Bangkok 10800

10.2 For inquiries regarding personal data protection, please contact:
Email :  sricmkt@scg.com

 

If there are any changes to this Privacy Policy, we will publish the updated version on this website. You are encouraged to review this Privacy Policy periodically. The revised Privacy Policy shall take effect immediately upon publication.