For a website of the Faculty of Dentistry, Mahidol University
The Faculty of Dentistry has collected, used, and disclosed the personal information of personnel, students, service recipients, and other persons to perform various faculty tasks. Therefore, it is appropriate for the Faculty of Dentistry to set up Personal Data Protection Policy following the law on personal data protection for proper operation of the Faculty of Dentistry that ensures appropriate security of the personal data.
By virtue of Article 18 of the Mahidol University Announcement Re Personal Data Protection Policy B.E. 2563 in conjunction with section 37 of the Mahidol University Act B.E. 2550. Dean, with the approval of the Faculty of Dentistry Committee at the meeting no 12/2564 As of this date December 2, 2021, set the personal data protection policy as follows:
1. In this announcement
“Personal Information” means any information relating to a person, which enables the indication of such person, whether directly or indirectly.
“Cookies” means information stored on the user’s browser or hard drive in the user’s computer or mobile device containing the details of data and settings information to make it easier to use on the website.
“Faculty of Dentistry” means the Faculty of Dentistry, Mahidol University.
“Service user” means a government officer, employee of Mahidol University, staff (Faculty of Dentistry), budget money employees and income employees under the Faculty of Dentistry and other individuals who are not under the control of the Faculty of Dentistry.
2. Information on various fields of the Faculty of Dentistry consists of
2.1 Information of the Faculty of Dentistry, Mahidol University
2.2 Information of the Dental Hospital, the Faculty of Dentistry, Mahidol University
2.3 Information of the Maha Chakri Sirindhorn Dental Hospital
2.4 Information of the products owned by the Faculty of Dentistry, Mahidol University
2.5 Educational information of the Faculty of Dentistry, Mahidol University
2.6 Research of the Faculty of Dentistry, Mahidol University
2.7 Information on https://dt.mahidol.ac.th/
3. Purpose of collecting / using Personal Data
3.1 To proceed the activities as the service user wishes, such as dental products, dental treatments, education, etc.,
3.2 To improve website performance, create marketing plan, analyze data usage, evaluate the service, including the Faculty of Dentistry’s products and services and its affiliates.
3.3 To provide information related to the products and the services of the Faculty of Dentistry and/ or its affiliates, including related privileges or promotion of the said products or services.
3.4 To proceed according to the contracted party that the Faculty of Dentistry use the service such as location sharing of service user, in case the Faculty of Dentistry uses the location sharing service of third party.
4. Personal Data collection
4.1 The Faculty of Dentistry will collect personal data of service user which has received either directly or indirectly, which consist of;
• Personal information such as name, surname, gender, age, nationality, date of birth, marital status, address, occupation, place of work, postal code, email address, telephone number, Line account, and Facebook account.
• Information of interests such as dental products and dental services only.
• Information of decision on the selection of products and services such as dental products, dental treatments, education, etc.
• Information that specifies service user location while using the site. If
service user enable the GPS, it means that service user consent the Faculty of Dentistry to collect service user location information. However, if service user would like to conceal this information, the service user can install programs or turn GPS off on devices.
4.2 The Faculty of Dentistry collects personal data only as necessary or for the purpose of collection under the conditions set out in clause 3. which is required by law.
5. Security of Information
5.1 The Faculty of Dentistry uses Secure Socket Layer (SSL), which is a standard for securing data transmitted over the internet, including data encryption and firewall. Secured Socket Layer (SSL) is a technology accessing encrypted data to prevent sniffers while the information is being transmitted over the internet. The data encryption makes sniffers unable to understand the meaning of the information. This technology is also used for confirming the existence of the website.
5.2 The Faculty of Dentistry will regularly update and test its technology to ensure that Personal Data of service user is safe, secure, and trustworthy. The Faculty of Dentistry reserves the right to make changes to its security tools if it sees that the tool is standardized and can maintain better data security.
5.3 Personal data of service user will be collected and maintained under this policy. In case that service users email to the Faculty of Dentistry, their email contents, email address, and email threads will be stored to respond to inquiries, follow up cases, or track the interaction between service users and the Faculty of Dentistry’s officers if service user would like to know whether the request has been resolved.
5.4 In case the Faculty of Dentistry made an agreement with any third party to develop and maintain the system and the allocation of resources or services on behalf of the Faculty of Dentistry, outsourced personnel who act on behalf of the Faculty of Dentistry must agree to treat personal data as confidential.
5.5 Regarding personal data protection measures of the complainant, and in order to protect the rights of complainant and data provider who acted in good faith, the Faculty of Dentistry will conceal name, address or any information that can be identified as the complainant or data provider and keep the information confidential. Only those responsible for complaint investigation can access this information. Therefore, the person who handles the complaint investigation has a duty to keep the information and evidence of the complainant and data provider confidential, do not disclose any information to anyone who is not involved UNLESS the disclosure is authorized and required by a law.
However, the Faculty of Dentistry ensures that personal data will not be used or disclosed if service users have not given consent. UNLESS the case where it is exceptionally collected without permission by the provisions according to Personal Data Protection Act B.E. 2562 (2019) section 24 or 26 or any other laws.
6. Owner’s rights
6.1 The service users who own the data have the rights to access Personal Data provided to the Faculty of Dentistry, UNLESS it is the protection of data owner or the rights of the other person, contrary or inconsistent with the provisions of the law, court order or other cases as required by law.
6.2 Service users are able to withdraw the consent of personal data usage and disclosure any time through email: firstname.lastname@example.org. After consent withdrawal, the Faculty of Dentistry may not be able to serve the service users fully as stated on its website. However, the Faculty of Dentistry may store personal data for service monitoring or taking legal action. The Faculty of Dentistry will not use personal data of service users for any other purposes.
6.3 If the Faculty of Dentistry does not maintain confidentiality of personal data as required by law, service users are able to request the Faculty of Dentistry to destroy, remove, suspend or convert personal data into anonymous form.
7. Exception of Personal Data Confidentiality
7.1 Personal information has been disclosed to the public since the service user disclosed the information to the Faculty of Dentistry or publicly disclosed it, which is not the fault of the Faculty of Dentistry or its affiliates.
7.2 Disclosure of personal information from service users with written consent or permission by any other means.
7.3 Disclosure of personal information as necessary by-laws, orders, rules, regulations, court orders, governmental agency, or other necessities.
8. Retention of Person Data
10. In case of any problems or interpretation of the announcement, the Dean shall be the authorized person by the committee’s opinion to make a final decision.