Data Protection Policy

Announcement Wattanaphaet Hospital Samui

Subject: Data Protection Policy

Watthanapat Hospital Samui “Hospital”) is committed to protecting your privacy. The following information is the method the hospital uses to protect personal information provided by service recipients to the hospital, including collection, use, and disclosure, collectively (" Processing ") , and during the visit. Visit the website or use the hospital application or request services from the hospital This Privacy Policy includes information. that can identify the service recipient, whether directly or indirectly and whether received directly from the service recipient or forwarded from a third party “information”) or “personal information”) for the personal health information of the service recipient In addition to complying with this policy The hospital will adhere to the provisions of laws, rules, announcements, orders or regulations of relevant regulatory agencies. or there will be additional amendments Hospital as the controller of personal information of service recipients Has created this privacy policy. This is considered part of the terms and conditions for providing hospital website services. Including the service recipient's service. Each time you use the said service, it is considered that the service recipient has read and agreed to accept this privacy policy. which has the following details

Collection of personal information

  1. The hospital collects personal information of service recipients. that can be identified both directly and indirectly For the benefit of service recipients in a reasonable period of time necessary to provide services. In the case where the service recipient provides information to the hospital or request services from the hospital Through the website channel applications or Any other channels of the hospital, such as making an appointment with a doctor online transactions Newsletter subscription Requesting special assistance Including offline transactions such as registering patients at hospital registration counters. or from the voluntary nature of service recipients Completing questionnaires (Survey) or correspondence via electronic mail (E-mail) or filling out/providing information to support job applications. or other communication channels between the hospital and service recipients
  2. The hospital may receive personal information about service recipients from third parties, such as affiliated businesses. Dealer or hospital service provider Government agencies

Personal information collected by the hospital

The type of personal information that hospitals collect from service recipients depends on the circumstances of collection. and the type of service that the recipient requests from the hospital The personal information of service recipients will be used to complete online or offline transactions. or the requested service has been completed. which personal information the hospital collects directly from service recipients or from third parties as follows:

  • Identification information such as name, photo, gender, date of birth passport ID card number or other personally identifiable number
  • Contact information such as address, telephone number, and email address
  • Payment information, such as billing information Credit or debit card information and bank account details
  • Service information such as doctor appointment information Personal information of relatives, needs regarding rooms, meals, and other additional services
  • Information on participation in marketing activities, such as registration information to participate in activities with the hospital.
  • Statistical information such as number of patients and website visits
  • Data from access to hospital websites such as Online Appointment System, Health Checkup, Contact Us
  • health information Reports related to physical and mental health, health care of service recipients Test results from the laboratory laboratory and diagnosis
  • Information related to the service user's drug use and drug allergies.
  • Feedback information and treatment results provided by service recipients

The hospital will not collect and use sensitive information of service recipients such as race, religious beliefs. Criminal history Except as required by regulations and laws. or with the consent of the service recipient

Use of personal information

The hospital will use personal information of service recipients. according to the following objectives

  • Providing services or delivering hospital services
  • Make an appointment with a doctor, send news, recommend hospital services.
  • Coordinating and forwarding information that will help speed up patient referrals.
  • Verifying the identity of the patient
  • Send doctor appointment reminder messages or offering help from the hospital
  • Facilitate and present a list of various benefits to service recipients
  • Marketing objectives Promotion and customer relations, such as sending information about promotions Products and services Promotional items and partner businesses
  • To be a channel for communication, answering questions or responding to complaints.
  • Customer satisfaction surveys, market research, statistical analysis Process and display results as information for improving products and services. or create new products and services for service users to receive more benefits
  • Accounting or financial purposes, such as verifying credit card payments. Billing and Verification Refunds
  • maintain security Including safety while staying in the hospital
  • For the purpose of applying for a job Being an employee or any other related purposes
  • Follow hospital rules
  • Comply with any laws, regulations, rules, or requests. from government agencies, such as complying with witness subpoenas or court order or other requests That is legal
  • Other purposes that supports the implementation of the above objectives or with the consent of the service receiver from time to time

Disclosure of personal information

          The hospital will not allocate, disclose and/or transfer data and personal information of service users or caregivers to the entity. any person or persons both in Thailand and abroad for the purpose of independent use, except

  1. The service user or caregiver has requested and given authority to the hospital or
  2. The information provided is to facilitate the successful initiation of a transaction by the user or administrator, or
  3. Information allocated to any legal entity or individual that the hospital is a contracting party For the purposes of analysis, information and/or service improvement or
  4. It is the disclosure of information as permitted by law. Disclosure of information as required by law Disclosing information according to court orders and/or disclosing information according to orders of relevant government agencies. For the benefit of investigation or trial The service provider can disclose such information legally.

Links to Third Party Websites

          Hospital website and mobile application May contain links to third party websites. If the service recipient follows these links This Privacy Policy does not apply to third-party websites. Please note that the hospital cannot accept any responsibility. to the use of the service recipient's personal information by such third parties Because it is outside of the hospital's control.

Storage of personal information and safety

          The hospital recognizes the importance of maintaining the security of personal information of service recipients. The hospital has therefore established measures to maintain the security of personal information appropriately. and in line with maintaining the confidentiality of personal information to prevent loss, access, destruction, use, alteration, or disclosure of personal information without right or against the law in accordance with the policies and guidelines for maintaining security. Hospital information technology

Rights of the owner of personal data

  1. Right to withdraw consent: The service recipient has the right to withdraw consent to the processing of personal data that the service recipient has given consent to the hospital. Throughout the period that the service recipient's personal information is with the hospital.
  2. Right of access to personal information (right of access): Service recipients have the right to access personal information of service recipients and Request the hospital to make a copy of such personal information for the service recipient. Including asking the hospital to disclose the acquisition Personal information that the service recipient has not given consent to the hospital
  3. Right to rectification of personal information: Service recipients have the right to request the hospital to correct incorrect information. or adding incomplete information
  4. Right to erasure: The service recipient has the right to request the hospital to erase the service recipient's information for certain reasons.
  5. Right to restriction of processing: The service recipient has the right to suspend the use of the service recipient's personal information for certain reasons.
  6. Right to data portability: The service recipient has the right to transfer the personal data of the service recipient that the service recipient has provided to the hospital to another data controller. or the service receiver himself for some reason
  7. Right to object to the processing of personal data (right to object): The service recipient has the right to object to the processing of the service recipient's personal data for any reason.

Service recipients can request access or request updates and corrections to their personal information. including any other rights above or rights under applicable personal data protection laws, such as requesting a copy of the service recipient's personal data or request to suspend the use or disclosure of the service recipient's personal information In the case where it is seen that the personal information of the service recipient has been used beyond the scope of the purposes of use notified above. or without consent from the service recipient The service recipient must do so in writing. Along with attaching a copy of evidence to show your identity, such as a copy of your national ID card, a copy of your passport, details of making a doctor's appointment. and contact information By sending postal mail to the following address: “Wattanapat Samui Hospital Public Company Limited 555 Village No. 1, Bophut Subdistrict, Koh Samui District. Surat Thani Province 84320” The hospital will consider and notify the results of the consideration according to the service recipient's request within 30 days from the date of receiving the said request.

Changes to Personal Data Protection Policy

The hospital will regularly review the personal data protection policy to ensure compliance with guidelines. Relevant laws and regulations. If there is a change in the personal data protection policy, the hospital will notify. Let the service recipient know by Update information on the hospital website. as soon as possible. However, if service recipients have questions, suggestions, and complaints regarding the Personal Data Protection Policy, please contact us at email.


Personal Data Protection Policy Effective from 31 May 2022