PRIVACY POLICY PRIVACY POLICY

Last Updated: January 4, 2025

OrbitInnotive Company Limited (“Company,” “we,” “us,” or “our”) is committed to protecting your personal data in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR), Personal Data Protection Act (PDPA), and other applicable privacy laws. This Privacy Policy outlines how we collect, use, disclose, and protect your personal data.

1. DEFINITIONS AND LEGAL FRAMEWORK

1.1 Key Terms

  • “Company” refers to OrbitInnotive Company Limited
  • “Personal Data” means any information relating to an identified or identifiable natural person
  • “Processing” means any operation performed on personal data
  • “Data Subject” means the individual to whom the personal data relates
  • “Applicable Laws” includes GDPR, PDPA, and other relevant data protection regulations

1.2 Legal Bases for Processing
We process your personal data under one or more of the following legal bases:

  • Your explicit consent
  • Contractual necessity
  • Legal obligations
  • Legitimate interests
  • Vital interests protection
  • Public interest requirements

2. SCOPE AND APPLICATION

This Policy applies to all personal data processed by us, including:

  • Website visitors
  • Service users
  • Newsletter subscribers
  • Contact form submitters
  • Business contacts

3. PERSONAL DATA WE COLLECT

3.1 Directly Provided Information

  • Basic identification (name, contact details)
  • Account information
  • Communication preferences
  • Subscription details
  • Inquiry content

3.2 Automatically Collected Information

  • Device and browser information
  • IP address
  • Usage patterns
  • Cookies (as detailed in our separate Cookie Policy)

4. DATA PROCESSING PURPOSES

We process personal data for:

  • Service provision
  • Communication
  • Marketing (with consent)
  • Legal compliance
  • Business operations
  • Security purposes

5. YOUR RIGHTS UNDER DATA PROTECTION LAWS

5.1 Under GDPR and PDPA, you have the right to:

  • Access your data
  • Rectify inaccurate data
  • Erase your data (“right to be forgotten”)
  • Restrict processing
  • Data portability
  • Object to processing
  • Withdraw consent
  • Lodge complaints with supervisory authorities

5.2 Exercise Your Rights:

  • Submit requests via email to info@orbit-people.com
  • Provide identification for verification
  • Receive response within 30 days
  • No fee charged (except for excessive requests)

6. INTERNATIONAL DATA TRANSFERS

6.1 We may transfer data internationally with appropriate safeguards:

  • Standard contractual clauses
  • Adequacy decisions
  • Binding corporate rules
  • Explicit consent when required

6.2 Protection Measures:

  • Data transfer impact assessments
  • Security protocols
  • Contractual protections
  • Regular compliance reviews

7. DATA PROTECTION MEASURES

We implement appropriate technical and organizational measures:

  • Access controls
  • Encryption
  • Regular security assessments
  • Staff training
  • Incident response procedures

8. RETENTION AND DELETION

8.1 We retain data only as long as necessary:

  • Active accounts: Duration of service
  • Marketing: Until consent withdrawal
  • Legal requirements: As mandated by law
  • Maximum period: 5 years unless legally required otherwise

9. THIRD-PARTY DISCLOSURE

We share data with:

  • Service providers (with data processing agreements)
  • Legal authorities (when required)
  • Business partners (with appropriate safeguards)
  • Third parties (with your consent)

10. CONTACT AND COMPLAINTS

Data Protection Officer, OrbitInnotive Company Limited
Tel: (66) 096-664-2364 
Email: info@orbit-people.com
Hours: Monday – Friday (09:00 – 17:00)

11. POLICY UPDATES

We reserve the right to update this policy. Material changes will be communicated appropriately.

12. GOVERNING LAW AND JURISDICTION

This Policy is governed by Thai law and applicable international regulations. Any disputes shall be subject to the exclusive jurisdiction of Thai courts.

13. LIABILITY LIMITATION

To the extent permitted by law, our liability shall be limited to direct damages arising from willful misconduct or gross negligence.

By using our services, you acknowledge this Privacy Policy and consent to the processing of your personal data as described herein.

Version 2.0
Original Effective Date: January 4, 2024 
Version 1.0 August 5, 2023