For the purposes of this the Policy, please note that:
- “Bytecrunch” refers to Bytecrunch Technologies Co., Ltd.
- “We / Our / Ours / Us” refers to Bytecrunch and its respective employees, officers, servants, agents or contractors whether situated in or outside of Thailand.
- “Services” refers to the Bytecrunch products and services you have viewed, clicked on, applied for or use, including but not limited to ByteHR software, ClassicHR software, software training, software setup and implementation, data upload service, sales demos, requirements gathering sessions, marketing videos, corporate bytecrunch websites, advertisements, webinars, email/chat/phone support, etc. provided by Bytecrunch.
- “Personal Data” refers to any data about an employee who can be identified from that data, whether directly or indirectly, but not including information of deceased persons. Examples of personal data include but are not limited too employee’s name, identity card number, passport number etc.
- “Sensitive Personal Data” refers to the categories of Personal Data which are specified in Section 26 of the PDPA, i.e. Personal Data pertaining to ethnicity, race, political opinions, doctrinal, religious or philosophical beliefs, sexual behavior, criminal records, health records, disability, labour union, genetic data, biometric data or any other data which may affect the data subject in the same manner as prescribed by the Personal Data Protection Commission.
- “Customer(s)” / “Company” refers to clients of Bytecrunch who have subscribed to Bytecrunch services.
- “Employee(s)” refers to all individuals who are associated with the customer and whose personal data and sensitive personal data is stored, managed and processed in Bytecrunch software.
- “PDPA” refers to the Personal Data Protection Act B.E. 2562 (2019) and any regulations, rules, guidelines, notifications and orders issued by virtue thereof, as may be amended, supplemented or replaced from time to time.
- “Affiliate(s)” / “Partner(s)” refers to any third party individual, group, organization or vendor that Bytecrunch has entered into a contract with to provide its services effectively to customers.
Data Processor vs Data Controller
- Bytecrunch acts as a data processor whose software is used to store, manage and process employee data owned by customers.
- Bytecrunch acts as a data controller to collect personal data to provide its services optimally without disruptions.
Collection of Personal Data (Data Processor)
- Customers store both personal data and sensitive personal data of their employees in Bytecrunch software.
- As the data processor, Bytecrunch assumes that all customers (data controllers) have taken explicit consent from their employees to store manage and process both personal and sensitive personal data in Bytecrunch software.
- Bytecrunch is not responsible for how employee personal data and sensitive personal data is stored, managed and processed by its customers.
Collection and Use of Personal Data (Data Controller)
- Bytecrunch strongly advises employees to review your profile and remove any identity documents or sensitive personal data such as religion, race, or health details from ByteHR software and ClassicHR software.
|Type of Personal Data||Reason for Collection|
|Identification Data 1:|
First name, last name, email, phone number
|To provide services such as software demos, software training, email marketing, email notifications and other marketing and advertising.|
|Identification Data 2:|
Username, password, GPS location, picture
|To login to ByteHR web and mobile apps. To check in/out online (e-checkin) for shift employees.|
|Automatically Collected Data:|
Information on the accessing and visiting the bytecrunch website, pages which have been visited, search history on the website, IP Address, browser types and forms, reference page, operation system, date and time stamps and clickstream data retained in the log files
|To improve website experience and provide visitors with additional marketing and advertising data.|
Other Uses of Personal Data
- We may collect, use and disclose Personal Data of employees, directors, beneficial owners, shareholders and authorised representatives for one or more of the following purposes:
- to establish their identity and background
- processing an application for any products or services offered or distributed by us (including but not limited to third party products)
- providing products and services requested by you or employees associated with your company
- generating marketing, regulatory, management, statistical or other related reports and performing analytics
- meeting or complying with our (or our third party affiliates) internal policies and procedures and any applicable laws or court orders
- legal purposes
- handling complaints or feedback
- facilitating proposed or actual assignment, transfer, participation or sub-participation in an of our rights or obligations in respect of your relationship with us
- for any insurance claim or proposal that requires disclosure of your personal information
- for our direct marketing and business development to you and your employees (including but not limited to third party products)
- for other internal business purposes to allow us to improve our services to you and employees associated with your company
- conducting market research, surveys and data analysis relating to any service or product provided by us (whether or not conducted jointly with another party) which may be relevant to you or employees associated with your company
- other purposes which are reasonably related to the purposes above.
- Personal Data of employees is kept confidential. However to carry out the purposes listed above, Bytecrunch may share such Personal Data with its related or affiliated corporations, entities and contractors whether in Thailand or elsewhere. When doing so, we require them to ensure that the Personal Data disclosed is kept confidential and secure. Please note that technical or customer support involving access to personal data may be provided by Bytecrunch representatives located both in or outside Thailand.
- Where you or an employee associated with your company applies for or holds a product or service which is jointly offered by Bytecrunch and a co-brand partner, Bytecrunch may also collect, use and disclose Personal Data for the purpose of sharing it with the co-brand partner for offering, marketing and promoting to you any products, services, offers or events which the co-brand partner thinks may be of interest to you or that employee.
Disclosure of your Personal Data
- We may disclose Personal Data of employees associated with your company to:
- Co-branded partners of Bytecrunch and related or trusted third parties
- Our insurers
- A professional association or body that has a legitimate interest in the disclosure of that person’s Personal Data
- The Thai Social Security Fund, Revenue Department, Labour Department or any other equivalent Government body.
- Employees, officers, agents and contractors of Bytecrunch located within and outside Thailand to assist us in providing the Services
- We will otherwise treat such Personal Data as private and confidential and apart from the parties stated above, we will not disclose such data to any other party except:
- where permission has been given by the employee
- where we are required or permitted to do so by law
- where required or authorised by any court order
- where we are required to meet our obligations to any relevant regulatory authority
Storage & Security of Personal Data
- Bytecrunch takes breaches of privacy very seriously. Our employees and contractors are trained to handle the personal data securely and with utmost respect and confidentiality, failing which they may be subject to disciplinary action. Employees and contractors of Bytecrunch located in and outside Thailand are contractually obligated to keep secure any personal data they may handle.
- We store data in Microsoft Azure Singapore cloud storage facilities. For more details on data center security and audits, please visit Microsoft Data Center Security.
- We also store data on paper-based files and digital files. We take reasonable steps in the circumstances to protect the personal information we hold from misuse, interference and loss, unauthorised access, modification or disclosure. We may need to maintain records for a significant period of time. However, when we consider information is no longer needed, we will delete all details that identify the employee and/or destroy all records of such Personal Data.
- We ensure that Personal Data is managed in accordance with this Policy, with the PDPA and other similar legislation in the countries in which we operate.
Accuracy of Personal Data
- We take reasonable steps to ensure that all Personal Data is up-to-date and accurate and recognise that contact details and other data may change frequently.
- If an employee associated with your company wishes to delete their Personal Data held with us, please contact our team. Bytecrunch may retain certain information about employees where required to do so by law.
- An employee may request that we correct the Personal Data we hold about them if they deem it to be inaccurate, incomplete, out-of-date, irrelevant or misleading. We will take reasonable steps to correct the information as soon as practicable and send the corrected personal information to the respective company in accordance with the PDPA.
- If you do not agree with this Policy, please DO NOT continue to use or access our Services.
- All users of our services (company and employees) will need to agree to this policy to continue using our services.
- By disclosing or providing to us Personal Data relating to employees, the company represents and warrants that:
- the consent of those employees has been obtained for the collection, use and disclosure of the Personal Data for the purposes listed above;
- you agree with this Policy; and
- you have obtained the clear and unambiguous consent from such employees that they may be contacted by us or our affiliates in relation to marketing or other purposes.
- If an employee to which this Policy applies withdraws their consent, the company agrees to inform us in writing immediately. As a result of such withdrawal, Bytecrunch may not be in a position to continue to provide our services to you. The withdrawal may be considered a termination by you of any contractual relationship which you may have with us and a breach of your contractual obligations or undertakings, and our legal rights and remedies in such an event are expressly reserved.
- You can disable or enable cookies through your web browser settings. If you disable or block the cookies on our website, you may not be able to access the entire scope of functions ordinarily performed by our website.
- Personal Data that we collect from you through our cookies may be passed onto third party service providers (whether within or outside Thailand), for managing or improving our website and for collecting data.
Enquiries or requests
For enquiries or requests regarding Personal Data, please contact us at firstname.lastname@example.org or email@example.com. Alternatively you may telephone us on any of the contact numbers listed on our website, send us a chat message from our website or send mail to Bytecrunch Technologies, 22/40 Soi Latphrao 21 Lumpini Town Residence, Chom Phon, Chatuchak, Bangkok 10900.