Skip to content
Greener Bangkok
กทม
สสส
menu
Greener Bangkok

Waste and Recycling

Go to the trash and recycle page

Information and Services

project

Your participation

Waste disposal guide

Green Spaces

Go to the green area page

Information and Services

project

Your participation

PM2.5 Dust

Entering the PM2.5 dust season

Information and Services

project

Your participation

Climate Change

Go to the Climate Change page

Information and Services

project

Your participation

Popular Pages

Privacy Policy

Introduction

    Bangkok (hereinafter referred to in this policy as "Bangkok" Recognizing the importance of personal data and other information about you (collectively referred to as “information”) so that you can be confident that Bangkok is transparent and responsible in collecting, using or disclosing your information in accordance with the Personal Data Protection Act B.E. 2562 (“Personal Data Protection Act”) including other relevant laws, Personal Data Protection Policy (“policy”) This has been prepared to provide you with details regarding the collection, use or disclosure (collectively referred to as “Processing”) Personal information processed by the BMA, including officials and related persons acting on behalf of or on behalf of the BMA, with the following contents:

    Scope of policy enforcement

      This policy applies toPersonal information of individuals who are related to BMA, currently and in the future, whose personal data is processed by BMA, its officers, contract employees, business units or other entities operated by BMA, including contractors or third parties who process personal data on behalf of or on behalf of BMA (“Personal data processor”) under the participation in various activities and operations such as websites, systems, applications, documents or other services that are controlled and supervised by the Bangkok Metropolitan Administration (collectively referred to as "serve”)

      Persons who have a relationship with Bangkok as stated in the first paragraph, including:

      1. Individual
      2. Officer or operator, employee
      3. Directors, attorneys, representatives, agents, employees or other persons who have a similar relationship with a juristic person related to the BMA.
      4. Participants of the Bangkok event
      5. Visitors or users of the website www.50ปีกทม.com, including systems, applications, devices or other communication channels controlled and supervised by the Bangkok Metropolitan Administration.

      Items 1) to 5) are collectively referred to as “You"

      In addition to this policy, Bangkok may determine that:Privacy Statement ("announce”) for products or services of the BMA to clarify to the owner of personal data who is the service user about the personal data that is processed, the purpose and lawful reasons for the processing, the period for keeping personal data, including the rights in personal data that the owner of personal data should have in that specific service or activity.

      In the event of any material conflict between the contents of this Privacy Notice and this Policy, the Privacy Notice of that service shall prevail.

      Definition

        • Bangkok means Bangkok.Personal information Refers to information about a natural person which enables the identification of that person directly or indirectly, but does not include information specifically about a deceased person.
        • Sensitive personal data means personal data as prescribed in Section 26 of the Personal Data Protection Act B.E. 2562, which includes data on race, ethnicity, political opinions, religious or philosophical beliefs, sexual behavior, criminal history, health information, disability, trade union information, genetic information, biometric data, or any other information that affects the owner of personal data in a similar manner as announced by the Personal Data Protection Committee.
        • Processing of personal data Refers to any action with personal data, such as collecting, recording, copying, organizing, storing, updating, changing, using, retrieving, disclosing, forwarding, publishing, transferring, merging, deleting, destroying, etc.
        • Owner of personal data Refers to a natural person who is the owner of personal data that the BMA collects, uses or discloses.
        • Personal Data Controller Refers to a person or legal entity who has the authority to make decisions regarding the collection, use or disclosure of personal data.
        • Personal data processor Refers to a person or legal entity that performs actions related to the collection, use or disclosure of personal data at the instruction of or on behalf of a personal data controller, provided that such person or legal entity is not a personal data controller.

        Sources of personal data collected by Bangkok

          Bangkok collects or obtains various types of personal data from the following sources:

          1. Personal data that the BMA collects directly from the owner of personal data through various service channels, such as application procedures, documents, photos, surveys, services or other service channels controlled by the BMA, or when the owner of personal data contacts the BMA at the office or through other contact channels controlled by the BMA, etc.
          2. Information that the BMA collects from the owner of personal information accessing the website or other services under the contract or mission, such as tracking the behavior of the use of the BMA website or services by using cookies or from software on the owner of personal information's device, etc.
          3. Personal data that the BMA collects from sources other than the owner of the personal data, where such sources have the authority, have a lawful reason, or have received consent from the owner of the personal data to disclose the data to the BMA, such as linking digital services of government agencies to provide comprehensive public services to the owner of the personal data themselves, receiving personal data from other government agencies as the BMA has a duty under the mission to establish a central data exchange center to support the operations of government agencies in providing services to the public through the digital system, including from the necessity to provide services under contracts that may exchange personal data with contracting agencies.

          This also includes cases where you provide personal data of a third party to the BMA as follows: You are responsible for informing such person of the details of this Policy or the announcement of the activity or service, as applicable, and obtaining their consent if such consent is required to disclose their data to the BMA.

          In this case, if the owner of personal data refuses to provide necessary information for the BMA to provide services, it may result in the BMA being unable to provide the services to the owner of such personal data in whole or in part.

          Legal basis for collecting personal data

            BMA considers determining the legal basis for collecting your personal data as appropriate and in accordance with the context of the service. The legal basis for collecting personal data that BMA uses includes:

            Legal basis for data collectiondetails
            To carry out missions for public benefit or to exercise state power that the BMA has received.To enable Bangkok to exercise state power and carry out missions for public benefit in accordance with the Bangkok mission that is Bangkok is a sustainable livable city, strong communities, and warm families through efficient, transparent, and participatory management from all sectors of society.
            To perform legal dutiesTo enable Bangkok to comply with the laws that control Bangkok, such as: - Collection of computer traffic data according to the Computer Crime Act B.E. 2560 - Official Information Act B.E. 2540 - Public Organization Act B.E. 2542 - Tax laws, including the implementation of court orders, etc.
            It is necessary for legitimate interests.For the legitimate interests of the BMA and other persons, which are no less important than the fundamental rights of the personal data owner in personal data, such as for the security of BMA buildings or the processing of personal data for the internal affairs of BMA, etc.
            For the performance of the contractTo enable the BMA to perform its duties under the contract or to take actions necessary for entering into a contract to which you are a party, such as hiring, hiring for work, making a memorandum of understanding or other forms of contract, etc.
            For the preparation of important historical documents, research or statistics.To enable BMA to prepare or support the preparation of historical documents, research or statistics as may be assigned by BMA, such as the preparation of a list of directors or committee members, the preparation of statistics on the use of government digital services, the work of monitoring the implementation of digital government policies, etc.
            Your consentFor the collection, use or disclosure of personal data in cases where Bangkok needs to obtain your consent and has informed you of the purpose of the collection, use or disclosure of personal data before requesting consent, such as the collection of sensitive personal data for purposes that do not comply with the exceptions of Section 24 or 26 of the Personal Data Protection Act B.E. 2562 or the presentation or promotion of products and services of a contractor or business partner to you, etc.

            In the event that BMA needs to collect your personal data for the performance of a contract, performance of legal duties or necessity for entering into a contract, if you refuse to provide personal data or object to the processing according to the purpose of the activity, it may result in BMA being unable to perform or provide the services you have requested, in whole or in part.

            Types of personal data collected by Bangkok

              The BMA may collect or obtain the following information, which may include your personal information, depending on the services you use or the context of your relationship with the BMA, including other considerations affecting the collection of personal information. The types of information listed below are only a general framework for the collection of personal information by the BMA. However, only information related to the products or services you use or have a relationship with will be applicable.

              Types of personal dataDetails and examples
              Personal InformationInformation indicating your nickname or information from official documents that identify you personally, such as title, first name, last name, middle name, nickname, signature, ID card number, nationality, driver's license number, passport number, house registration information, business license number, professional license number (for each occupation), insured person identification number, social security number, etc.
              Information about personal characteristicsPersonal details such as date of birth, gender, height, weight, age, marital status, military service status, photograph, spoken language, behavioral information, preferences, information on bankruptcy, information on being disabled or quasi-disabled, etc.
              Contact informationContact information for you, such as home telephone number, mobile telephone number, fax number, email, home mailing address, social media usernames (Line ID, MS Teams), accommodation location map, etc.
              Information about work and educationEmployment details, including work history and education history, such as employment type, occupation, rank, position, duties, expertise, work permit status, reference information, taxpayer identification number, job position history, work history, salary information, start date, end date, evaluation results, welfare and benefits, materials in the worker's possession, achievements, bank account numbers, educational institutions, educational qualifications, educational results, graduation date, etc.
              Information about social relationshipsYour social relationship information, such as political status, political position, directorship, relationship with BMA employees, information on being a contractor with BMA, information on being a stakeholder in business with BMA, etc.
              Information about using Bangkok's servicesDetails regarding activities or services of the BMA, such as user account name, password, PIN number, Single Sign-on (SSO ID) information, OTP code, computer traffic information, location information, photos, videos, audio recordings, usage behavior information (websites under the care of the BMA, such as www.50ปีกทม.com or various applications), browsing history, cookies or similar technologies, device ID, device type, connection details, browser information, language used, operating system used, etc.
              Sensitive personal dataYour sensitive personal data, such as race, religion, disability, political opinions, criminal history, biometric data (facial image data), health information, etc.

              cookie

                BMA collects and uses cookies and other similar technologies on websites under the supervision of BMA, such as www.50ปีกทม.com or on your device depending on the service you use. This is to ensure the safety of BMA’s services and to provide you, the user, with convenience and a good experience in using BMA’s services. This information will be used to improve BMA’s website to better meet your needs. You can set or delete cookies yourself from your web browser settings.

                Personal information of minors, disabled persons and quasi-disabled persons

                  In the event that the BMA learns that personal data that requires consent for collection belongs to the owner of the personal data who is a minor, an incompetent person or a quasi-incompetent person, the BMA will not collect such personal data until it has received consent from the person exercising parental authority who has the authority to act on behalf of the minor or the guardian or custodian, as the case may be, in accordance with the conditions stipulated by law.

                  In the event that BMA did not know in advance that the owner of personal data was a minor, an incompetent person, or a quasi-incompetent person, and later discovered that BMA had collected the owner's data without receiving consent from the person exercising parental authority who has the authority to act on behalf of the minor, or the guardian or custodian, as the case may be, BMA will promptly delete and destroy such personal data if BMA has no other lawful reason other than consent to collect, use, or disclose such data.

                  Purpose of collecting personal data

                    BMA collects your personal data for various purposes, which depend on the type of service or activity you use, the nature of your relationship with BMA, or considerations in each context. The purposes stated below are only a general framework for BMA's use of personal data. Only purposes related to the services or activities you use or have a relationship with will be applicable to your data.

                    1. To perform as necessary to carry out public benefits that the BMA has been assigned to accomplish, or as necessary to exercise legal powers that the BMA has the authority and duty to carry out the BMA's mission.
                    2. To provide services and manage activities of the BMA, both services under contracts with you or according to the missions of the BMA.
                    3. For the transaction operations of Bangkok
                    4. Control, operate, monitor, inspect and manage services to facilitate and meet your needs.
                    5. To maintain and update information about you, including documents that refer to you.
                    6. Analyze data and resolve issues related to BMA services and activities.
                    7. To carry out necessary actions for internal management of the organization, including recruitment, selection of directors or persons holding various positions, and evaluation of qualifications.
                    8. Prevent, detect, avoid and investigate fraud, security breaches or prohibited or illegal activities that may cause damage to both Bangkok and the owner of personal data.
                    9. Identity verification Verify your identity and verify your information when you apply for BMA services or contact us to use our services or exercise your rights under the law.
                    10. Improve and develop the quality of services and activities to be up-to-date.
                    11. Risk Assessment and Management
                    12. Send notifications, order confirmations, communicate and inform you.
                    13. To prepare and deliver relevant and necessary documents or information.
                    14. Verify your identity to prevent spam or unauthorized or illegal activities.
                    15. To examine how personal data owners access and use BMA services, both in general and individually, and for research and analysis purposes.
                    16. Take action as necessary to comply with the duties owed by the BMA to regulatory authorities, tax authorities, law enforcement, or the BMA's legal obligations.
                    17. Take action as necessary for the legitimate interests of the BMA or of any other person or any other juristic person involved in the operations of the BMA.
                    18. Prepare historical documents for public benefit, research, or compile statistics that the BMA has been assigned to do.
                    19. To comply with applicable laws, notices, orders or legal proceedings, to process information in response to a subpoena, including exercising your rights regarding your information.
                    20. Types of persons to whom BMA discloses personal data

                    Under the purposes specified in Section 9 above, BMA may disclose your personal data to the following persons. The types of data recipients specified below are only a general framework for BMA's disclosure of personal data. Only data recipients related to the products or services you use or have a relationship with will be applicable.

                    Type of data recipientdetails
                    Government agencies or authorities that the BMA must disclose information for the purpose of carrying out legal actions or other important purposes (e.g. operations for the public interest)Law enforcement agencies or agencies with supervisory authority or other important objectives, such as the Governor of Bangkok or his acting representative, Department of Provincial Administration, Revenue Department, Police Office, Court, Office of the Attorney General, Department of Disease Control, Ministry of Digital Economy and Society, Office of the Permanent Secretary to the Prime Minister, Department of Consular Affairs, Student Loan Fund, etc.
                    Various committees related to the implementation of the Bangkok Metropolitan Administration's lawsBangkok may disclose your information to persons who hold positions on various committees, such as the Selection Subcommittee, the Board of the Digital Government Development Agency, etc.
                    Contractual parties that carry out activities and projects of the BMA.External persons that the BMA has procured and hired to carry out BMA projects and activities.
                    Business partnersBMA may disclose your information to persons working with BMA for the purpose of providing services to you, such as service providers you contact through BMA services, marketing service providers, advertising media, financial institutions, platform providers, telecommunications service providers, etc.
                    Service ProviderBMA may assign other persons to provide services on its behalf or to support the operations of BMA, such as data storage service providers (e.g. cloud, document warehouse), system, software, application, website developers, document delivery service providers, payment service providers, internet service providers, telephone service providers, digital ID service providers, social media service providers, risk management service providers, external consultants, transportation service providers, etc.
                    Other types of data recipientsBMA may disclose your information to other types of data recipients, such as BMA contacts, family members, non-profit foundations, temples, hospitals, educational institutions or other agencies, etc., for the purpose of carrying out BMA services, training, receiving awards, participating in merit-making, making donations, etc.
                    Public disclosureThe BMA may disclose your information to the public in necessary cases, such as when the BMA requires an announcement in the Government Gazette or by Cabinet resolution, etc.

                    Period of collection of your personal data

                    BMA will keep your personal data for as long as it is still necessary for the purpose of collecting the data, as detailed in the policy, announcement or relevant law. However, when the period has passed and your personal data is no longer necessary for the aforementioned purpose, BMA will delete, destroy your personal data or make your personal data unidentifiable, in accordance with the format and standards for deleting personal data as announced by the committee or law or international standards. However, in the event of a dispute, exercise of rights or lawsuit related to your personal data, BMA reserves the right to continue to keep such data until the dispute has a final order or judgment.

                    Providing services by third parties or sub-service providers

                      BMA may assign or hire third parties (Personal Data Processors) to process personal data on behalf of or on behalf of BMA, which such third parties may offer services in various forms, such as hosting, outsourcing, or acting as a cloud computing service/provider, or as other forms of contract work.

                      In assigning a third party to process personal data as a personal data processor, BMA will arrange for an agreement specifying the rights and duties of BMA as a personal data controller and of the person assigned by BMA as a personal data processor, which includes specifying details of the types of personal data assigned by BMA to be processed, including the purposes, scope of personal data processing and other relevant agreements. The personal data processor is responsible for processing personal data only in accordance with the scope specified in the agreement and as instructed by BMA and cannot process for other purposes.

                      In the event that the personal data processor assigns a sub-service provider (sub-processor) to process personal data on behalf of or on behalf of the personal data processor, the BMA will direct the personal data processor to prepare a documented agreement between the personal data processor and the sub-processor in a format and standard that is not lower than the agreement between the BMA and the personal data processor.

                      Security of Personal Data

                        The BMA has measures to protect personal data by limiting access rights to personal data to specific officials or authorized or assigned persons who need to use such data for the purposes notified to the owner of the personal data. Such persons must strictly adhere to and comply with the BMA’s personal data protection measures and have a duty to maintain the confidentiality of personal data that they learn of from performing their duties. The BMA has measures to maintain data security, both organizationally and technically, that meet international standards and comply with the announcements of the Personal Data Protection Committee.

                        In addition, when BMA sends, transfers or discloses personal information to a third party, whether for the purpose of providing services under a mission, contract or other forms of agreement, BMA will establish appropriate personal information security and confidentiality measures in accordance with the law to ensure that personal information collected by BMA will always be secure.

                        Connecting to external websites or services

                          The BMA's services may contain links to third-party websites or services, which may have privacy policies that differ from this policy. BMA recommends that you study the privacy policies of such websites or services to learn more before using them. BMA has no involvement and has no control over the privacy measures of such websites or services and cannot be held responsible for the content, policies, damages, or actions resulting from third-party websites or services.

                          Data Protection Officer

                            The Bangkok Metropolitan Administration has appointed a Personal Data Protection Officer to perform duties of inspecting, supervising and providing advice on the collection, use or disclosure of personal data, including coordinating and cooperating with the Personal Data Protection Committee Office to comply with the Personal Data Protection Act B.E. 2562.

                            Your rights under the Personal Data Protection Act B.E. 2562

                              The Personal Data Protection Act B.E. 2562 provides for several rights of data owners. These rights will come into effect when the law on these rights comes into force. Details of these rights include:

                              1. Right to request access to personal data You have the right to request access, receive a copy and request disclosure of the source of personal data that the BMA has collected without your consent, except in cases where the BMA has the right to deny your request for legal reasons or court orders, or in cases where the exercise of your rights will have an impact that may cause damage to the rights and freedoms of other persons.
                              2. The right to request correction of personal data to be accurate, complete and up-to-date. If you find that your personal data is incorrect, incomplete or out-of-date, you have the right to request correction to make it accurate, up-to-date, complete and not misleading.
                              3. Right to delete or destroy personal data You have the right to request that Bangkok delete or destroy your personal data or make your personal data unidentifiable. However, the exercise of this right to delete or destroy personal data must be subject to the conditions as prescribed by law.
                              4. Right to request suspension of use of personal data You have the right to request suspension of use of your personal data in the following cases:
                              5. When the BMA is conducting an inspection at the request of the owner of personal data to correct personal data to be correct, complete and current.
                              6. The personal data of the data subject is collected, used or disclosed unlawfully.
                              7. When the personal data of the data owner is no longer necessary to be kept for the purposes that the BMA has informed in the collection, but the data owner wishes the BMA to continue to keep such data for the purpose of exercising rights under the law.
                              8. When the BMA is proving a legitimate reason to collect personal data of the owner of personal data or to examine the necessity of collecting, using or disclosing personal data for public benefit due to the owner of personal data exercising the right to object to the collection, use or disclosure of personal data.
                              9. Right to object to the processing of personal data You have the right to object to the collection, use or disclosure of personal data about you, except where the BMA has lawful grounds to refuse the request (e.g., the BMA can demonstrate that there are stronger lawful grounds for the collection, use or disclosure of your personal data, or for the establishment of legal claims, the exercise or enforcement of legal claims, or in the public interest of the BMA).
                              10. Right to withdraw consent In the event that you have given consent to the BMA to collect, use or disclose personal data (regardless of whether such consent was given before or after the Personal Data Protection Act B.E. 2562 came into force), you have the right to withdraw your consent at any time during the period that your personal data is kept by the BMA, unless there is a legal restriction requiring the BMA to continue to keep the data or there is still a contract between you and the BMA that benefits you.
                              11. Right to receive, send or transfer personal data. You have the right to receive your personal data from BMA in a format that is generally readable or usable by automated tools or devices and can be used or disclosed by automated means, including requesting BMA to send or transfer data in such format to another personal data controller. However, the exercise of this right shall be subject to the conditions prescribed by law.
                              12. Penalties for non-compliance with the Personal Data Protection Policy

                              Failure to comply with this policy may result in offences and disciplinary action under the BMA's rules (for BMA officials or operators) or under the Personal Data Processing Agreement (for personal data processors), depending on the case and your relationship with BMA, and may be subject to penalties as prescribed by the Personal Data Protection Act B.E. 2562, including subordinate laws, rules, regulations and related orders.

                              Complaints to regulatory authorities

                                In the event that you find that the BMA has not complied with the Personal Data Protection Act, you have the right to lodge a complaint with the Personal Data Protection Committee or a supervisory authority appointed by the Personal Data Protection Committee or under the law. Before making such a complaint, the BMA would like you to contact the BMA so that the BMA has the opportunity to be informed of the facts and to clarify various issues, including addressing your concerns at the earliest opportunity.

                                Amendments to the Personal Data Protection Policy

                                  The BMA may consider revising, amending or changing this policy as it deems appropriate and will notify you via the website www.50ปีกทม.com with the effective date of each revised version. However, the BMA recommends that you check regularly to be aware of the new policy via the application or specific channels for activities that the BMA operates, especially before you disclose personal information to the BMA.

                                  Access to the BMA's products or services after the enforcement of the new policy is considered as an acknowledgement of the terms of the new policy. Please stop using if you do not agree with the details in this policy and please contact the BMA to clarify the facts.

                                  Contact to inquire or exercise rights

                                    If you have any questions, suggestions or concerns about the BMA’s collection, use and disclosure of personal data or this Policy, or if you wish to exercise your rights under the Personal Data Protection Act, you may contact us at:

                                    Data Controller

                                      Name: Bangkok (BKK)

                                      Data Protection Officer (DPO)

                                        Last updated on [January 4, 2023]

                                        Do you like the content of this page?
                                        likedo not like