Introduction And General Terms
Bangkok Dusit Medical Services Public Company Limited, as a healthcare provider on behalf of Bangkok Hospital (“we” refers to “Bangkok Hospital”), we are committed to protecting your personal information, including data collection, data manipulation and disclosure (known as data processing) whilst visiting https://www.bangkokhospital-chiangrai.com/en/
or using our authorized applications or receiving our services.
Personal Data Collection
Your personal information will be only collected if necessary. This given information can be directly derived from you through several channels which include our websites, applications and other authorized channels e.g. making medical appointment, E-commerce or online transaction processing, E-newsletters and requesting of medical assistance service as well as offline transactions such as patient registration at hospital counters. Besides information obtained from you, we might receive your information from third parties which include your family members, friends or someone who are close to you, hospitals or companies which belong to Bangkok Dusit Medical Services Public Company Limited which also including Bangkok Dusit Medical Services Public Company Limited and government institutes that you provided them a legal approval for data disclosure in accordance with law enforcement. We keep your information confidential except where disclosure is required or permitted by law (for example to government bodies and law enforcement agencies).
Types Of Data
Among several types of data, your collected data will be manipulated based primarily on objectives of data usage. This information obtained from you or any third party refers to here as:
- Information that identifies personal identity, such as photo, gender, date of birth, passport number, national identification number or other numbers that can be used to define personal identity;
- Information that indicates contact details, such as address, telephone number and email account;
- Information for making payment, such as invoice and credit or debit card details as well as bank account and bank statement;
- Information of healthcare services, such as doctor appointment details, personal information of relatives, personal requirement for accommodation, food and other services;
- Information obtained during registration of newsletters and other marketing events or activities such as public seminars;
- Information related to statistical figures, such as number of patients and number of website visitors;
- Information related to website visiting, such as IP address, Cookies and Online Appointment System;
- Information of personal health, such as medical history, physical health and mental health reports, laboratory results and diagnostic results;
- Information of drug usage and history of allergic reactions; and
- Information related to given personal feedbacks or treatment responses.
- Personal information revealing sensitive issues, including racial or ethnic origin, religious or philosophical beliefs and criminal records will not be collected unless it is allowed by you or directed by law enforcement agencies.
Purposes Of Data Processing
Once your consent is obtained, data processing will be conducted in accordance with legal agreements or statements. We shall process the data for these particular purposes:
- Medical Purposes:
- Delivering our medical services and enhancing service accessibility through both online and offline channels;
- Making doctor appointments or other medical appointments, including promoting our updated news and services;
- Coordinating with other hospitals in BDMS network to optimize the efficacy of referral process;
- Identifying patient’s identity;
- Delivering messages to remind medical appointments or offering medical assistance;
- Financially defining transactional status, such as credit card payment, invoicing and refunding;
- Safeguarding you during hospitalization;
- Following the instructions made by our hospitals;
- Complying with the laws, regulations and legal announcements ruled by government institutes, such as subpoena compliance, official proclamation or court order or other forms of legal enforcements; and
- Other objectives may include any action that supports mentioned purposes with your consent.
- Marketing Purposes:
- Data processing for marketing objectives will be performed only we are permitted to utilize your information. Marketing purposes may include:
- Offering privileged benefits and promotions to members of Chivawattana program;
- Providing marketing information, promoting sales and customer relationship, such as packages and promotions, products and services as well as business partnership;
- Surveying customer satisfaction as well as developing marketing researches and analysis to be used for marketing improvement and initiation of new products or services that fulfill customers’ needs and expectations; and
- Serving as communication channel in order to respond medical and service enquiries including compliments, comments and complaints e.g. lost items and damages.
- Data Disclosure
We reserve the rights to disclose or transfer your personal information to certain third parties, located in or out of Thailand, in line with relevant laws, regulations concerning the protection of personal information ruled by regulatory authorities or government agencies. Information disclosure are allowed for third parties, including:
- Hospitals or companies in BDMS group and BDMS’s business partners;
- Representatives, service providers, business partners or anyone else who represent Bangkok Hospital such as IT service providers;
- Business partners, such as hotels, car rental companies, insurance companies and partners with mile redemption programs. These also refer to other companies that provide you services and fulfill your needs;
- Banks and other financial companies e.g. credit cards and debit cards
- Government officers or parties for security and safety;
- Immigration and customs enforcement; and
- Government institutes, departments or units that are authorized by laws.
Websites And Third Parties
Our websites and applications might contain certain hyperlinks which are technically connected with other websites. Since these websites are owned and operated by third parties, thus these third party websites have their own Privacy Policies, including Cookies. They govern the use of personal information you submit or are collected by cookies whilst visiting these websites. We do not accept any responsibility or liability for the privacy practices of such third party websites and your use of such websites is at your own risk.
Data Confidentiality And Security
Your personal information will be confidentially kept in our system as long as it is required, either for our purposes mentioned previously or indications of laws and legal execution. In case that you do not allow us to process your given data, you reserve the rights to withdraw your consent anytime. Subsequently, your personal information will be automatically disposed of safely and securely according to our information disposal policy.
We utterly intend to protect the privacy of individuals concerning collected personal information by using security system along with implementing safety protocol, known as “Secure Sockets Layer or SSL”. SSL encrypts all the information stored and used on our site. It is considered secure channel to transmit the data securely while dealing with sensitive data such as IDs and passwords to access internet. Data accessibility, online data storage via internet or personal files, is strictly restricted to authorized users for the purpose of data processing only.
Individual Rights For Personal Data Protection
You are entitled to contact us, personal data protection agencies and other relevant parties to proceed these following actions:
- Obtaining access to the personal data held about you. This also refers to receiving verifying copies of original document and making a request for data transferring from us to other data controllers or yourself;
- Objecting to the collecting and restricting of the manipulating and disclosure of personal data;
- Requesting for incorrect, inaccurate or incomplete personal data to be corrected. This also refers to a request for data deletion or data disposal when your consent cannot be obtained;
- Objecting to revoke consent which was previously given for data processing. Consent can be withdrawn at any time unless specified by legal contracts or agreements;
- However, consent withdrawal for data processing might result in inadequate data to deliver services or achieving certain objectives that are mentioned previously. You may receive delayed services with a certain degree of inconvenience.