Privacy Policy

The Ministry of Information and Communication Technology,  MICT (Government Organization) (“the Agency”) recommends that users of electronic transaction services or any other electronic services of the Agency have a clear understanding of its privacy policy, which explains how the Agency treats personal information, i.e., collection, preservation, use and disclosure of personal information, and individual rights. The public will be informed of the Agency’s policy on personal information protection. The Agency hereby declares its privacy policy as follows:

 

Respect of Users’ Privacy Rights

1) The Agency respects and gives significance to individual rights, personal information and personal information protection. The Agency realizes that users of its electronic transaction service or any other services would wish to be assured of security in using the services via the Agency’s website.

2) Personal information received by the Agency, such as name, address, telephone number, and e-mail address information that can be used to trace an identity, that is complete, accurate, up-to-date, and of good quality will be used only for the purpose of the Agency’s operations. The Agency shall use stringent security measures so that personal information may not be used without permission.

 

Limited Collection of Personal Information

1) In regard to collection and preservation of personal information, the Agency shall use lawful and fair means to limit collection and storing of personal information. It shall only be used for services stipulated in the objectives of the Agency.

2) The Agency shall obtain users’ consent prior to collecting personal information except in the case that:

  • It is an exception prescribed by law.
  • It is for users’ benefit but consent cannot be obtained at that time.
  • It is for the benefit of users’ life, health, or safety or the life, health, or safety of other service users.
  • It is for the purpose of legal investigation or inquiry by officials or court proceedings.
  • It is for study, research, or statistical data collection.

3) The Agency shall not collect personal information about genetic traits and sexual behavior, or information that may be detrimental to personal reputation, or information that may cause unfair discrimination to any person except in the case that:

  • Users’ written consent has been obtained.
  • It is an exception prescribed by law.
  • It is for users’ benefit and consent cannot be obtained at that time.
  • It is for the benefit of users’ life, health or safety or the life, health, or safety of other service users.
  • It is for the purpose of investigations by legal officials or court proceedings.
  • It is for study, research, or statistical data collection.

4) The Agency may integrate users’ personal information with information received from other sources only as necessary and with users’ consent, for the purpose of updating personal information and improving the quality and efficiency of the Agency’s services.

 

Objectives in Collecting Personal Information

1) The Agency collects personal information to be used for the Agency’s operations, studies, research, or statistical data collection in accordance with the Agency’s operational objectives, and for the improvement of the quality and efficiency of the Agency’s electronic services.

2) In the event of subsequent changes in the collection of personal information, the Agency shall notify users and ask for their consent. Any amendment made to personal information shall be recorded.

3) In the event that the Agency collects, stores, uses or discloses personal information for purposes other than the stated objectives, the User have the right to privacy and can choose whether they will allow the Agency to collect, store, use or disclose such personal information.

4) For the purpose of analysis of the use of services via a website and for traceability in the event of problems in service usage, the Agency automatically uses log files for record keeping by which at least the following data is saved:

  • IP Address
  • Type of Browser

Moreover, the Agency also uses the services of external agencies/organizations that keep log files in providing services via websites as prescribed by law.

5) The Agency shall not perform any act not mentioned in the above objectives except:

  • When users have been informed of the new objectives and given their consent.
  • In the case that it is prescribed by law.

 

Limited Use of Personal Information

1) The Agency may use and disclose personal information only with users’ consent and when it is in accordance with the Agency’s objectives.

2) The Agency shall ensure that it shall not disclose, show, or cause to appear the users’ personal information in any other manner other than that specified in the Agency’s objectives or to a third party except in the event that:

  • It is prescribed by law.
  • It is with the users’ consent.
  • It is for the benefit of life, health or safety or the life, health, or safety of other service users.
  • It is for the purpose of investigations by officials or court proceedings.
  • It is for study, research, or statistical data collection.

3) In certain cases, the Agency may allow other persons or agencies/organizations to have access to or use users’ personal information as necessary, for the purposes of and under the authority of the Agency, and with prior consent of users.

 

Security Measures

The Agency recognizes the importance of personal information security and has set up security measures that are appropriate and consistent with keeping confidentiality of personal information. The measures aim at preventing loss, accessibility, destruction, use, modification, amendment or disclosure of personal information unlawfully or without authority. These measures shall comply with the Agency’s policy and guideline on IT security.

 

Users’ Rights to Personal Information

1) In the event that users’ wish to obtain their own personal information, they may send a request according to the criteria and methods set forth by the Agency. Upon receipt of such request the Agency shall take prompt action to inform users of the existence or details of such personal information within a reasonable time.

2) If any personal information is found to be incorrect, users may notify the Agency and request that such information be corrected, changed, or deleted. In that case the Agency shall prepare a memorandum of objections regarding storage and accuracy of personal information.

3) Users have the right to check the existence and the nature of personal information, and the use of such information at the business premises of the Agency. In addition,users have the right to request:

  • certified copies of documents relating to their personal information
  • rectification or change of personal information so that it is accurate and complete
  • discontinuation of the use or disclosure of their personal information
  • deletion or destruction of their personal information
  • information about the method of acquisition of their personal information in the case that information has been collected or stored without their consent.

Nevertheless, the Agency may deny the request if required by law or if identifiable personal information has already been deleted.

 

Linking Personal Information with Other Persons or Agencies/Organizations

1) The Agency may link personal information to other persons or organizations. Prior to such linkage, the Agency shall notify users and request their consent, with at least the following details given:

  • The name(s) of the person(s) or agency (agencies) to which that personal information will be provided
  • The objective in linking personal information
  • Personal information linking methods
  • Personal information to be linked to other parties
  • The names of parties having the right to access personal information.

2) In linking personal information to other persons or agencies/organizations, the Agency shall clearly inform the user of the name of the information collector and any party having the right to collect information. Moreover the Agency shall keep records of information linkages.

3) If there is any change in information linkage, the Agency shall notify the user thereof and request prior consent.

 

Change in Privacy Policy

1) The Agency may revise this privacy policy occasionally to be consistent with changes in service provision, the Agency’s operations, and public suggestions/comments. The Agency shall make a clear announcement before proceeding with any changes or may deliver the notification of change directly to the users.

2) For additional information on the policy and practical guidelines on personal information protection, reference could be made to the full version of the Policy and Practical Guideline for Personal Information Protection. If you have further questions, please contact the Agency.