PRIVACY STATEMENT

MJets and Affiliated Companies (MJets) respect your privacy and is committed to protecting your personal data. This Privacy Statement will inform you as to how we look after your personal data and tell you about your privacy rights and how the law protects you.

By using any of the functions on this website and/or by agreeing to this Statement, e.g. in the context of registering for information on our businesses, onboarding as a vendor/supplier etc., you understand and acknowledge that we will collect and use personal information as described in this Statement.

It is important that you read this Statement together with any other Privacy Statement or Fair Processing Statement we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This Privacy Statement supplements other notices and privacy policies and is not intended to override them. Each of our individual business units within our portfolio may use your data differently. It is important that you consult the privacy statements and notices of those individual businesses you interact with.

This Privacy Statement is primarily intended for stakeholders with a commercial relationship (such as suppliers & vendors), investment relationship (such as business partners & investors, shareholders and equity analysts), and more general interactions (media partners, whistleblowers, and the general public).

This Privacy Statement is provided in a layered format, so you can click through to the specific areas set out below.

1. Data controller

This Privacy Statement is issued on behalf of MJets and Affiliated Companies (MJets) so when we mention "we", "us" or "our" in this Privacy Statement, we are referring to the relevant entity within MJets responsible for processing your data.

This Website
The Data Controller of this website is MJets, with registered address at 88 The Parq Building, 12th Fl. Ratchadaphisek Road, Klongtoey Subdistrict, Klongtoey District, Bangkok Metropolis 10110, Thailand. If you have any questions regarding this Privacy Statement you can reach us via dpc@mjets.com

This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy statement of every website you visit.

2. How is your personal data collected?
This Privacy Statement also aims to give you information on how MJets collects and processes your personal data through your use of this website, and other services provided by MJets (“Services”) from which you are accessing this Privacy Statement, including any data you may provide when you use our:

● Online services, such as websites owned or controlled by MJets and Affiliated Companies, web and mobile applications, social media pages, HTML-formatted email messages; or
● Offline interactions, when you visit our offices, reach out via phone, or through other offline interactions.
We use different methods to collect data from and about you including through this website:
● Direct interactions. You may give us your personal data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide online when you register through our supplier portal, sign up for a newsletter or submit an online form. We collect personal data offline, when you visit our offices, use services within our portfolio of businesses, or submit an online form.
● Automated technologies or interactions. As you interact with our website, we will automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, and other similar technologies. To learn more, please see our cookie statement for further details.
● Security Systems. When you visit our offices, information may be collected about you through such properties’ closed-circuit television systems, electronic key cards and other security systems.
● Third parties or publicly available sources. We will receive personal data about you from various third parties and public sources including business partners, and social media and networking platforms.

3. Purposes for which we will use your personal data    
This Privacy Statement informs you of how we collect, use or disclose your personal data, what and why we collect, use or disclose your personal data, how long we hold it, your rights, what steps we will take to make sure your personal data stay private and secure, and how you can contact us.

4. The data we collect about you
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (“Aggregate Data”).

We may collect, use, store and transfer different kinds of personal data about you which we have arranged according to the different purposes as follows:

● Contact information (such as name, email address, mailing address, and phone number);
● Identity data (such as username or similar identifier, nationality, and supporting documents when entering into contracts to fulfill our contractual obligations.)
● Financial information (including company registration information, investments, billing address, and bank account information);
● Demographic data (such as age, gender, country, marital status, dependents, and preferred language);
● Information necessary to fulfill your requests;
● Prior activity participation (such as workshops, and training);
● Copies of your correspondence if you contact us;
● Feedback and survey responses;
● Information collected through closed-circuit television systems, card key and other security systems;
● Information related to your use and interaction with our website and network; and
● Information as requested by government authorities to fulfill our legal obligations.

We do not collect the following special categories of Personal Data about you: religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, and genetic and biometric data. We may collect information about criminal convictions and offences as part of our internal risk auditing processes. We may collect data about your health such as occupational safety incidents or other information that you provide to us. We may collect information about race or ethnicity for reporting purposes.

5. Disclosures of personal data
Our goal is to provide you with the highest level of Services, and to do so, we share Personal Data with the following parties:

● MJets and Affiliated Companies. We disclose Personal Data to other companies, affiliates and subsidiaries, such as for addressing feedback, requests for information, maintaining our services, and our business purposes. MJets Limited is the party responsible for the management of the jointly controlled Personal Data.
● Strategic Business Partners. We disclose Personal Data and Other Data to business partners such as corporate sustainability assessors and potential investors.
● Service Providers. We disclose Personal Data to third-party service providers for the purposes described in this Privacy Statement. Examples of service providers include companies that provide website hosting, data analysis, information technology and related infrastructure provision, human resource management companies, accounting and external auditing firms, consultants, insurance brokers and banks.
● Public administrations and polices bodies. We disclose Personal Data to public administrations and polices under requirement in order to comply with obligations under the regulations and cooperate with these entities in the performance of their duties.

We require all third parties to respect the security of your personal data and to process it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

6. International transfers
We may transfer your Personal Data to another jurisdiction, insofar as it is necessary to fulfill the purpose for which Personal Data was collected. 

Where Personal Data is transferred to a country with a lower level of data protection as compared to the country in which the information was collected, we take all reasonable steps to ensure that your information and privacy are protected in line with the applicable legal obligations. Whenever we transfer your personal data, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

● Where we use certain service providers, we may use data processing contractual clauses that provide sufficient protection measures and enable the enforcement of the data subject’s rights.
● MJets could use the consent of the data subjects as well as any other legal basis that the applicable law provides.
Please contact us if you want further information on the specific mechanism used by us when transferring your personal data.

7. Data retention
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you according to any applicable law guidelines. 

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements of the applicable country.

MJets would like to inform you about the following retention period:

● Your personal data involved in the processing under lawful grounds the contractual relationship will be stored for the entire duration of the contractual relationship and once it has ended until the responsibilities for both parties expire.
● Your personal data involved in the processing under lawful grounds of legal obligation, will be stored until the completion of this obligation.
● Your personal data involved in the processing under lawful grounds of legitimate interest, will be stored until the end of this interest.
● Your personal data involved in the processing under lawful grounds of consent, will be until this consent is withdrawn. In the case of communications, you may opt-out through the means provided in each of these communications.

Details of retention periods for different aspects of your personal data are available in our Data Retention Policy which you can request by contacting us.

8. Your rights
Under certain circumstances, you have rights under data protection laws in relation to your personal data as followings;.
● The right to be informed about the purpose of collecting and processing the data.
● The right to withdraw the given consent.
● The right to access and obtain the data collected from you.
● The right to object the collection, use, and disclosure of your data.
● The right to restrict the use of your data.
● The right to correction of your data.
● The right to transfer your data to another data controller.
● The right to have your data erased, destroyed, or anonymized. 

Contact Us
If you wish to exercise any of the rights set out above, please contact us.
Email: dpc@mjets.com; or
Post: 88 The Parq Building, 12th Fl. Ratchadaphisek Road, Klongtoey Subdistrict, Klongtoey District, Bangkok Metropolis 10110, Thailand

Under certain circumstances where applicable law permits, you also have the right to lodge a complaint with a competent data protection supervisory authority.

What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

Time limit to respond
We try to respond to all legitimate requests within one month or within the timeframe as specified by the applicable data protection legislation. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated. In any event that the data controller requires additional information/documents from the Data Subject, time to respond shall be paused and once all required information/documents are received, time to respond shall be resumed.

9. Data security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

10. Cookies
We use cookies (small text files stored in your browser) and other techniques such as web beacons (small, clear picture files used to follow your movements on our website). These collect information that tells us how you use our website and web-related services. We use these to compile statistical reports on website activity.

This helps us make our website relevant to your interests and needs. We may use a persistent cookie (a cookie that stays linked to your browser) to record your details so we can recognize you if you visit our website again.
You can choose to refuse cookies or set your browser to let you know each time a website tries to set a cookie. For further information on cookies, visit www.aboutcookies.org or www.allaboutcookies.org where you can also find information on how to turn them off.

The type of cookies we use on this site include:

● Strictly Necessary Cookies: These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.

● Analytics Cookies: We use these cookies to analyse and identify the behavior of our web visitors. We will track the IP address on the device you are using to identify you when visiting our website. When possible, we combine your online web behavior data with the personal data that you have previously supplied to us. This data will be used to analyse behavior on our website and to personalise your experience.

You may disable any of these cookies via your browser settings.

11. Liability
You guarantee that you have informed any third parties whose data you are providing, if you have done so, of the points covered in this Privacy Statement. In addition, you guarantee that their authorization has been obtained to provide their data to MJets for the indicated purposes.
You will be liable for any false or inaccurate information provided and for direct or indirect damage caused to MJets or to third parties.

12. Changes to this Privacy Statement
We keep our Privacy Statement under regular review as per the requirements of applicable laws and regulations at least annually, and whenever changes to such laws and regulations are made, privacy policies and procedures are revised to conform with the requirements of applicable laws and regulations. Your use of the Services following these changes means that you accept the revised Privacy Statement. If you would like to review the version of the Privacy Statement that was effective immediately prior to this revision, please contact us at dpc@mjets.com.  

It is also important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

1. Data controller

This Privacy Statement is issued on behalf of MJets and Affiliated Companies (MJets) so when we mention "we", "us" or "our" in this Privacy Statement, we are referring to the relevant entity within MJets responsible for processing your data.

This Website
The Data Controller of this website is MJets, with registered address at 88 The Parq Building, 12th Fl. Ratchadaphisek Road, Klongtoey Subdistrict, Klongtoey District, Bangkok Metropolis 10110, Thailand. If you have any questions regarding this Privacy Statement you can reach us via dpc@mjets.com

This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy statement of every website you visit.

2. How is your personal data collected?
This Privacy Statement also aims to give you information on how MJets collects and processes your personal data through your use of this website, and other services provided by MJets (“Services”) from which you are accessing this Privacy Statement, including any data you may provide when you use our:

● Online services, such as websites owned or controlled by MJets and Affiliated Companies, web and mobile applications, social media pages, HTML-formatted email messages; or
● Offline interactions, when you visit our offices, reach out via phone, or through other offline interactions.
We use different methods to collect data from and about you including through this website:
● Direct interactions. You may give us your personal data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide online when you register through our supplier portal, sign up for a newsletter or submit an online form. We collect personal data offline, when you visit our offices, use services within our portfolio of businesses, or submit an online form.
● Automated technologies or interactions. As you interact with our website, we will automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, and other similar technologies. To learn more, please see our cookie statement for further details.
● Security Systems. When you visit our offices, information may be collected about you through such properties’ closed-circuit television systems, electronic key cards and other security systems.
● Third parties or publicly available sources. We will receive personal data about you from various third parties and public sources including business partners, and social media and networking platforms.

3. Purposes for which we will use your personal data    
This Privacy Statement informs you of how we collect, use or disclose your personal data, what and why we collect, use or disclose your personal data, how long we hold it, your rights, what steps we will take to make sure your personal data stay private and secure, and how you can contact us.

4. The data we collect about you
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (“Aggregate Data”).

We may collect, use, store and transfer different kinds of personal data about you which we have arranged according to the different purposes as follows:

● Contact information (such as name, email address, mailing address, and phone number);
● Identity data (such as username or similar identifier, nationality, and supporting documents when entering into contracts to fulfill our contractual obligations.)
● Financial information (including company registration information, investments, billing address, and bank account information);
● Demographic data (such as age, gender, country, marital status, dependents, and preferred language);
● Information necessary to fulfill your requests;
● Prior activity participation (such as workshops, and training);
● Copies of your correspondence if you contact us;
● Feedback and survey responses;
● Information collected through closed-circuit television systems, card key and other security systems;
● Information related to your use and interaction with our website and network; and
● Information as requested by government authorities to fulfill our legal obligations.

We do not collect the following special categories of Personal Data about you: religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, and genetic and biometric data. We may collect information about criminal convictions and offences as part of our internal risk auditing processes. We may collect data about your health such as occupational safety incidents or other information that you provide to us. We may collect information about race or ethnicity for reporting purposes.

5. Disclosures of personal data
Our goal is to provide you with the highest level of Services, and to do so, we share Personal Data with the following parties:

● MJets and Affiliated Companies. We disclose Personal Data to other companies, affiliates and subsidiaries, such as for addressing feedback, requests for information, maintaining our services, and our business purposes. MJets Limited is the party responsible for the management of the jointly controlled Personal Data.
● Strategic Business Partners. We disclose Personal Data and Other Data to business partners such as corporate sustainability assessors and potential investors.
● Service Providers. We disclose Personal Data to third-party service providers for the purposes described in this Privacy Statement. Examples of service providers include companies that provide website hosting, data analysis, information technology and related infrastructure provision, human resource management companies, accounting and external auditing firms, consultants, insurance brokers and banks.
● Public administrations and polices bodies. We disclose Personal Data to public administrations and polices under requirement in order to comply with obligations under the regulations and cooperate with these entities in the performance of their duties.

We require all third parties to respect the security of your personal data and to process it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

6. International transfers
We may transfer your Personal Data to another jurisdiction, insofar as it is necessary to fulfill the purpose for which Personal Data was collected. 

Where Personal Data is transferred to a country with a lower level of data protection as compared to the country in which the information was collected, we take all reasonable steps to ensure that your information and privacy are protected in line with the applicable legal obligations. Whenever we transfer your personal data, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

● Where we use certain service providers, we may use data processing contractual clauses that provide sufficient protection measures and enable the enforcement of the data subject’s rights.
● MJets could use the consent of the data subjects as well as any other legal basis that the applicable law provides.
Please contact us if you want further information on the specific mechanism used by us when transferring your personal data.

7. Data retention
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you according to any applicable law guidelines. 

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements of the applicable country.

MJets would like to inform you about the following retention period:

● Your personal data involved in the processing under lawful grounds the contractual relationship will be stored for the entire duration of the contractual relationship and once it has ended until the responsibilities for both parties expire.
● Your personal data involved in the processing under lawful grounds of legal obligation, will be stored until the completion of this obligation.
● Your personal data involved in the processing under lawful grounds of legitimate interest, will be stored until the end of this interest.
● Your personal data involved in the processing under lawful grounds of consent, will be until this consent is withdrawn. In the case of communications, you may opt-out through the means provided in each of these communications.

Details of retention periods for different aspects of your personal data are available in our Data Retention Policy which you can request by contacting us.

8. Your rights
Under certain circumstances, you have rights under data protection laws in relation to your personal data as followings;.
● The right to be informed about the purpose of collecting and processing the data.
● The right to withdraw the given consent.
● The right to access and obtain the data collected from you.
● The right to object the collection, use, and disclosure of your data.
● The right to restrict the use of your data.
● The right to correction of your data.
● The right to transfer your data to another data controller.
● The right to have your data erased, destroyed, or anonymized. 

Contact Us
If you wish to exercise any of the rights set out above, please contact us.
Email: dpc@mjets.com; or
Post: 88 The Parq Building, 12th Fl. Ratchadaphisek Road, Klongtoey Subdistrict, Klongtoey District, Bangkok Metropolis 10110, Thailand

Under certain circumstances where applicable law permits, you also have the right to lodge a complaint with a competent data protection supervisory authority.

What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

Time limit to respond
We try to respond to all legitimate requests within one month or within the timeframe as specified by the applicable data protection legislation. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated. In any event that the data controller requires additional information/documents from the Data Subject, time to respond shall be paused and once all required information/documents are received, time to respond shall be resumed.

9. Data security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

10. Cookies
We use cookies (small text files stored in your browser) and other techniques such as web beacons (small, clear picture files used to follow your movements on our website). These collect information that tells us how you use our website and web-related services. We use these to compile statistical reports on website activity.

This helps us make our website relevant to your interests and needs. We may use a persistent cookie (a cookie that stays linked to your browser) to record your details so we can recognize you if you visit our website again.
You can choose to refuse cookies or set your browser to let you know each time a website tries to set a cookie. For further information on cookies, visit www.aboutcookies.org or www.allaboutcookies.org where you can also find information on how to turn them off.

The type of cookies we use on this site include:

● Strictly Necessary Cookies: These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.

● Analytics Cookies: We use these cookies to analyse and identify the behavior of our web visitors. We will track the IP address on the device you are using to identify you when visiting our website. When possible, we combine your online web behavior data with the personal data that you have previously supplied to us. This data will be used to analyse behavior on our website and to personalise your experience.

You may disable any of these cookies via your browser settings.

11. Liability
You guarantee that you have informed any third parties whose data you are providing, if you have done so, of the points covered in this Privacy Statement. In addition, you guarantee that their authorization has been obtained to provide their data to MJets for the indicated purposes.
You will be liable for any false or inaccurate information provided and for direct or indirect damage caused to MJets or to third parties.

12. Changes to this Privacy Statement
We keep our Privacy Statement under regular review as per the requirements of applicable laws and regulations at least annually, and whenever changes to such laws and regulations are made, privacy policies and procedures are revised to conform with the requirements of applicable laws and regulations. Your use of the Services following these changes means that you accept the revised Privacy Statement. If you would like to review the version of the Privacy Statement that was effective immediately prior to this revision, please contact us at dpc@mjets.com.  

It is also important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

1. Data controller

This Privacy Statement is issued on behalf of MJets and Affiliated Companies (MJets) so when we mention "we", "us" or "our" in this Privacy Statement, we are referring to the relevant entity within MJets responsible for processing your data.

This Website
The Data Controller of this website is MJets, with registered address at 88 The Parq Building, 12th Fl. Ratchadaphisek Road, Klongtoey Subdistrict, Klongtoey District, Bangkok Metropolis 10110, Thailand. If you have any questions regarding this Privacy Statement you can reach us via dpc@mjets.com

This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy statement of every website you visit.

2. How is your personal data collected?
This Privacy Statement also aims to give you information on how MJets collects and processes your personal data through your use of this website, and other services provided by MJets (“Services”) from which you are accessing this Privacy Statement, including any data you may provide when you use our:

● Online services, such as websites owned or controlled by MJets and Affiliated Companies, web and mobile applications, social media pages, HTML-formatted email messages; or
● Offline interactions, when you visit our offices, reach out via phone, or through other offline interactions.
We use different methods to collect data from and about you including through this website:
● Direct interactions. You may give us your personal data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide online when you register through our supplier portal, sign up for a newsletter or submit an online form. We collect personal data offline, when you visit our offices, use services within our portfolio of businesses, or submit an online form.
● Automated technologies or interactions. As you interact with our website, we will automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, and other similar technologies. To learn more, please see our cookie statement for further details.
● Security Systems. When you visit our offices, information may be collected about you through such properties’ closed-circuit television systems, electronic key cards and other security systems.
● Third parties or publicly available sources. We will receive personal data about you from various third parties and public sources including business partners, and social media and networking platforms.

3. Purposes for which we will use your personal data    
This Privacy Statement informs you of how we collect, use or disclose your personal data, what and why we collect, use or disclose your personal data, how long we hold it, your rights, what steps we will take to make sure your personal data stay private and secure, and how you can contact us.

4. The data we collect about you
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (“Aggregate Data”).

We may collect, use, store and transfer different kinds of personal data about you which we have arranged according to the different purposes as follows:

● Contact information (such as name, email address, mailing address, and phone number);
● Identity data (such as username or similar identifier, nationality, and supporting documents when entering into contracts to fulfill our contractual obligations.)
● Financial information (including company registration information, investments, billing address, and bank account information);
● Demographic data (such as age, gender, country, marital status, dependents, and preferred language);
● Information necessary to fulfill your requests;
● Prior activity participation (such as workshops, and training);
● Copies of your correspondence if you contact us;
● Feedback and survey responses;
● Information collected through closed-circuit television systems, card key and other security systems;
● Information related to your use and interaction with our website and network; and
● Information as requested by government authorities to fulfill our legal obligations.

We do not collect the following special categories of Personal Data about you: religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, and genetic and biometric data. We may collect information about criminal convictions and offences as part of our internal risk auditing processes. We may collect data about your health such as occupational safety incidents or other information that you provide to us. We may collect information about race or ethnicity for reporting purposes.

5. Disclosures of personal data
Our goal is to provide you with the highest level of Services, and to do so, we share Personal Data with the following parties:

● MJets and Affiliated Companies. We disclose Personal Data to other companies, affiliates and subsidiaries, such as for addressing feedback, requests for information, maintaining our services, and our business purposes. MJets Limited is the party responsible for the management of the jointly controlled Personal Data.
● Strategic Business Partners. We disclose Personal Data and Other Data to business partners such as corporate sustainability assessors and potential investors.
● Service Providers. We disclose Personal Data to third-party service providers for the purposes described in this Privacy Statement. Examples of service providers include companies that provide website hosting, data analysis, information technology and related infrastructure provision, human resource management companies, accounting and external auditing firms, consultants, insurance brokers and banks.
● Public administrations and polices bodies. We disclose Personal Data to public administrations and polices under requirement in order to comply with obligations under the regulations and cooperate with these entities in the performance of their duties.

We require all third parties to respect the security of your personal data and to process it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

6. International transfers
We may transfer your Personal Data to another jurisdiction, insofar as it is necessary to fulfill the purpose for which Personal Data was collected. 

Where Personal Data is transferred to a country with a lower level of data protection as compared to the country in which the information was collected, we take all reasonable steps to ensure that your information and privacy are protected in line with the applicable legal obligations. Whenever we transfer your personal data, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

● Where we use certain service providers, we may use data processing contractual clauses that provide sufficient protection measures and enable the enforcement of the data subject’s rights.
● MJets could use the consent of the data subjects as well as any other legal basis that the applicable law provides.
Please contact us if you want further information on the specific mechanism used by us when transferring your personal data.

7. Data retention
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you according to any applicable law guidelines. 

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements of the applicable country.

MJets would like to inform you about the following retention period:

● Your personal data involved in the processing under lawful grounds the contractual relationship will be stored for the entire duration of the contractual relationship and once it has ended until the responsibilities for both parties expire.
● Your personal data involved in the processing under lawful grounds of legal obligation, will be stored until the completion of this obligation.
● Your personal data involved in the processing under lawful grounds of legitimate interest, will be stored until the end of this interest.
● Your personal data involved in the processing under lawful grounds of consent, will be until this consent is withdrawn. In the case of communications, you may opt-out through the means provided in each of these communications.

Details of retention periods for different aspects of your personal data are available in our Data Retention Policy which you can request by contacting us.

8. Your rights
Under certain circumstances, you have rights under data protection laws in relation to your personal data as followings;.
● The right to be informed about the purpose of collecting and processing the data.
● The right to withdraw the given consent.
● The right to access and obtain the data collected from you.
● The right to object the collection, use, and disclosure of your data.
● The right to restrict the use of your data.
● The right to correction of your data.
● The right to transfer your data to another data controller.
● The right to have your data erased, destroyed, or anonymized. 

Contact Us
If you wish to exercise any of the rights set out above, please contact us.
Email: dpo@mjets.com; or
Post: 88 The Parq Building, 12th Fl. Ratchadaphisek Road, Klongtoey Subdistrict, Klongtoey District, Bangkok Metropolis 10110, Thailand

Under certain circumstances where applicable law permits, you also have the right to lodge a complaint with a competent data protection supervisory authority.

What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

Time limit to respond
We try to respond to all legitimate requests within one month or within the timeframe as specified by the applicable data protection legislation. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated. In any event that the data controller requires additional information/documents from the Data Subject, time to respond shall be paused and once all required information/documents are received, time to respond shall be resumed.

9. Data security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

10. Cookies
We use cookies (small text files stored in your browser) and other techniques such as web beacons (small, clear picture files used to follow your movements on our website). These collect information that tells us how you use our website and web-related services. We use these to compile statistical reports on website activity.

This helps us make our website relevant to your interests and needs. We may use a persistent cookie (a cookie that stays linked to your browser) to record your details so we can recognize you if you visit our website again.
You can choose to refuse cookies or set your browser to let you know each time a website tries to set a cookie. For further information on cookies, visit www.aboutcookies.org or www.allaboutcookies.org where you can also find information on how to turn them off.

The type of cookies we use on this site include:

● Strictly Necessary Cookies: These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.

● Analytics Cookies: We use these cookies to analyse and identify the behavior of our web visitors. We will track the IP address on the device you are using to identify you when visiting our website. When possible, we combine your online web behavior data with the personal data that you have previously supplied to us. This data will be used to analyse behavior on our website and to personalise your experience.

You may disable any of these cookies via your browser settings.

11. Liability
You guarantee that you have informed any third parties whose data you are providing, if you have done so, of the points covered in this Privacy Statement. In addition, you guarantee that their authorization has been obtained to provide their data to MJets for the indicated purposes.
You will be liable for any false or inaccurate information provided and for direct or indirect damage caused to MJets or to third parties.

12. Changes to this Privacy Statement
We keep our Privacy Statement under regular review as per the requirements of applicable laws and regulations at least annually, and whenever changes to such laws and regulations are made, privacy policies and procedures are revised to conform with the requirements of applicable laws and regulations. Your use of the Services following these changes means that you accept the revised Privacy Statement. If you would like to review the version of the Privacy Statement that was effective immediately prior to this revision, please contact us at dpo@mjets.com.  

It is also important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.