Share this post

Privacy Policy

The policy on personal data protection, the use of cookies (Cookies) by Art of Surgery Co., Ltd. (“we”) values the protection of personal information of everyone (“you”) who visits/uses the website https://reviewtheart.com/ (“website”). The terms and conditions in this personal data protection policy (“policy”) are the guidelines that we follow regarding your personal data, including the collection, use, disclosure, as well as the protection and safeguarding of personal data obtained from the use of various types of cookies related to our website.

This policy will explain the meaning, benefits, operation, and types of cookies, including how to manage/delete cookies for your privacy, and also informs you of the presence of cookies on our website. By visiting/using our website, you consent and confirm that we can use cookies on our website.

What are Cookies?

Cookies are small text files used to store information, which are recorded on your computer or communication devices when you visit our website through the web browser of your choice.

Benefits of Cookies

We use cookies to store information about your website visits. This information allows us to remember your website usage preferences easily, and this data will be used to improve our website to better suit your needs. In addition, for convenience and speed in using our website, we may need to allow third parties to perform such actions, which may require the use of Internet Protocol addresses (IP Address) and cookies to analyze, link data, and process for marketing purposes.

Types and Operation of Cookies

We use 4 types of cookies on our website, which are used anonymously as detailed below:

  1. Essential Cookies: These cookies are crucial for our website, allowing you to access and use all parts of our website. These cookies are stored and deleted after your visit/use of our website.
  2. Analytics and Performance Cookies: These cookies help us measure our performance by processing the number of pages you visit and the number of specific characteristics of visitors. This information is used to analyze visitor behavior patterns, and we will use the results to improve the website to meet the needs and usage of visitors more. However, the processed data does not identify names or indicate personal identity, and no specific personal information such as names, emails, etc., is stored, but it is used for statistical purposes only.
  3. Preference Cookies: These cookies are used to remember various features that you have selected while visiting/using our website. The recorded information will be reused when you revisit/use our website, and the selections you have previously made will be displayed without the need to make new selections for your convenience. However, the processed data does not identify names or indicate personal identity, and no specific personal information, such as names, emails, etc., is stored but is used for statistical purposes only.
  4. Marketing Cookies: These cookies are used to remember your website visit, points of interest, and focal points. The obtained data will be used to adjust/improve the website and marketing policies that suit your needs going forward.

How to Manage/Delete Cookies

You can reject, accept, or remove cookies from the website at any time by activating or going into your browser settings and following the steps/methods specified in the different web browsers you use through the following links:

Note

If you choose to disable cookies on your browser or computer device at any time, you may find that some features of the website may not function or be available as intended, such as not being able to visit certain areas of the website, or you may not receive personalized information when you visit our website.

Security Measures for the Website

During the use of cookies, we will use appropriate and consistent physical, electronic, and organizational security measures for our website to protect your personal data from being destroyed or unlawfully acted upon, lost, altered, amended, disclosed, or accessed or used without authorization.

Policy Amendments/Changes

We may review and amend/change this policy occasionally to align with changes in our services and operations, including feedback and suggestions from you, as well as relevant legal provisions. The latest amended/changed policy will be announced on our website to inform you of the approach we use to protect and safeguard your personal data from the use of our cookies.

Data Protection Policy

Art of Surgery Co., Ltd. (“we”) values the protection of personal data of customers/data subjects (“you”), which the terms and conditions in this data protection policy (“policy”) are the guidelines we follow regarding your personal data, whether it is the collection, use, disclosure, as well as the protection and safeguarding of personal data that you have provided to us during visits to the website https://reviewtheart.com or receiving services from us. This policy covers information about any individual that can directly or indirectly identify you, regardless of whether the information is received directly from you or passed on from a third party (“personal data”). In addition to complying with this policy, we will adhere to the provisions of the personal data protection law, which consists of the Personal Data Protection Act, B.E. 2562 (2019), rules, announcements, orders, or regulations of the supervisory authorities involved, as well as any amendments/additions in the future.

As the data controller of your personal data, we have established this policy, which is part of the terms and conditions for using our website and application services, as well as receiving your services. By using the services each time, it is considered that you have read and agreed to this policy, which details as follows:

Collection of Personal Data

We will collect personal data from you as necessary for the purposes stated in this policy, as well as other legal purposes of ours only, whether received through the website, mobile application, or any other channels of ours. In addition, we may receive your personal data from third parties, such as government agencies or private entities, in cases where you have consented to disclose such information, or it is disclosed as required by law.

Types of Personal Data We Collect

The types of personal data or other information that we collect directly from you or from third parties include the following:

  • Identification information, such as name, surname, national ID card/passport number, date of birth, age
  • Contact information, such as address, phone number, email address
  • Payment information, such as bank account details, credit/debit card details, or online banking
  • Service usage information, such as medical procedures, medical appointment information, CCTV footage
  • Statistical information, such as the number of visits to our website or application
  • Website usage information, such as IP Address, Cookies
  • Health information, biometric data (e.g., facial recognition data), genetic information, health reports, medication usage, drug allergies, food allergies, and diagnosis
  • Opinions/reviews/feedback and treatment outcomes that you have provided

In cases where it is necessary to collect personal data or other information beyond what is specified above, we will inform you and may request your consent beforehand as stipulated by law.

Purposes of Using Personal Data

We need to use the personal data and other information collected for the following purposes:

1. Provision of medical services including

  • Creating your medical history account, conducting and confirming your identity to access our services (online or offline), conducting online transactions, conducting offline transactions (e.g., registration at clinic registration counters), or requesting special services/assistance
  • Analyzing health problems and your ability to receive services
  • Providing suitable services, or delivering our services
  • Searching for and making medical appointments
  • Verifying your information and identity, coordinating and forwarding information to clinics in the network, which will help facilitate your convenience and faster service reception
  • Supporting and assisting service usage, answering questions and requests from you, and resolving various problems arising from accessing your services
  • Monitoring our treatment results and any health problems that may occur

2. Payment and accounting, including

  • Verifying payments through credit cards/online banking
  • Billing and verification of correctness
  • Requesting refunds
  • Maintaining security, including security while using services within the clinic
  • Complying with legal clinic rules
  • Complying with laws, regulations, rules, directives, or lawful requests from government agencies, such as complying with subpoenas, court orders, or other lawful requests

3. Marketing and advertising of products/services (for which we will obtain your explicit consent beforehand) including

  • Facilitating the search for products/services and presenting various benefits to you
  • Sending information about promotions, product and service introductions, clinic promotional events, and partner businesses
  • Surveying your satisfaction, market research, and statistical analysis to improve products and services, or create new products and services

Including other purposes that support the above objectives or that have received your consent from time to time

Parties to Whom Personal Data May Be Disclosed

We may disclose or transfer your personal data to third parties, which may be located within or outside Thailand, in countries that have adequate personal data protection standards and comply with personal data protection guidelines stipulated by law. We will take necessary and appropriate measures, or comply with regulations and laws, to achieve the purposes specified above, to the following parties:

  • Group companies, business partners, and business allies
  • Agents, service providers, or partners who provide services to us or act on our behalf, such as IT service providers or personal data processors
  • Banks, and payment service providers, such as credit or debit card companies
  • Security and safety officers or agencies
  • Immigration and customs authorities
  • Government agencies, regulatory bodies, and other agencies as permitted or required by law

Linking to Third-Party Websites/Applications

In cases where our websites and applications can link to third-party websites or applications, we wish to inform you that this policy does not cover such third-party websites or applications. Therefore, any collection, use, or disclosure of your personal information by third parties is beyond our knowledge and control, and we are not involved or liable for any actions of such third parties.

Furthermore, you should review the personal data protection policy of such websites or applications before visiting or using any services.

Data Retention and Security Measures

Your personal data will be retained for as long as necessary to fulfill the purposes outlined in this policy, under legal regulations, for the establishment, exercise, or defense of legal claims, or for legal compliance. Once the retention period expires, we will proceed to delete, destroy, or anonymize your personal data according to our procedures without undue delay.

We will implement appropriate technical and administrative measures to protect the personal data we collect from destruction, unlawful acts, loss, alteration, disclosure, or access without authority or unlawfully. For example, we use Secure Sockets Layer (SSL) protocols for data encryption over the internet, and we will restrict access to your personal data, whether stored in internet systems, computer systems, or in document form, to personnel who are necessary for collecting, using, or disclosing your personal data and will store it in locations/premises with access control systems.

Your Rights Regarding Personal Data

  • You have the right to access your personal data that we hold, including requesting a copy of your personal data, and to request the transfer of your personal data to another personal data controller or to yourself.
  • You have the right to object to or request the suspension of the collection, use, or disclosure of your personal data.
  • You have the right to request us to ensure your personal data is accurate, current, complete, and not misleading, and may request us to delete, destroy, anonymize, or disclose the source of your data if consent was not provided.
  • If you find that we or our personnel have used or disclosed your data not in accordance with your consent, or have not collected, used, or disclosed personal data as prescribed by law, you have the right to file a complaint with the Personal Data Protection Committee.
  • You have the right to withdraw your consent for us to collect, use, or disclose your personal data at any time during the period your personal data is with us, unless there are legal or contractual restrictions on your right to withdraw consent. However, withdrawing consent may result in us not having enough information to perform any actions for achieving the purposes stated, and you may not be able to receive any services from us.

In order to protect your privacy and security of your personal data, we will verify your personal data before responding to any requests mentioned above and will respond within an appropriate and legally specified period. You acknowledge that we may not be able to allow access to some of your personal data if it involves other people’s personal data or is prohibited by law. Additionally, we may refuse your request for deletion or modification of personal data due to various legal provisions, especially requests affecting our accounting processes, legal claims processes, or purposes for detecting or preventing fraud, and maintaining necessary personal data that cannot be deleted or anonymized.

Notification of Personal Data Breach

In the event of a personal data breach that poses a high risk to your rights and freedoms, we will inform you of the breach and remedies without undue delay through various channels such as our website/application, SMS, email, telephone, or letter, etc.

Contact Us

If you wish to exercise any rights under this policy, have questions, suggestions, or complaints regarding this policy, you can contact us at THE ART CLINIC at any branch or contact the head office as follows:

Art of Surgery Company Limited (Personal Data Protection Officer Team)

Head Office (between Soi Ladprao 85 and 87) 2571 Ladprao Road, Khlong Chaokhun Sing, Wang Thonglang, Bangkok 10310

Telephone: 02-096-4505

  • Every time you contact us, please prepare and provide your personal information as follows:
  • First and last name, National ID card number / Passport number
  • Details of the inquiry
  • Telephone number and address for contact, including email address (if available)

Amendments/Changes to the Policy

We may periodically review and amend/change this policy to reflect changes in our services, operations, feedback from you, and applicable laws. The most recent version of the policy will be announced on our website at https://reviewtheart.com to inform you of our practices in protecting and safeguarding your personal data.

This policy is effective from May 31, 2022 onwards. Announced on May 31, 2022.