Privacy Policy

Effective Date: February 2026 | Last Updated: February 2026

1. Data Controller

Texplore Co., Ltd. ("Company", "we", "us", or "our") is the data controller responsible for your personal data.

• Company Name: Texplore Co., Ltd.
• Address: 1 Siam Cement Road, Bangsue, Bangkok 10800, Thailand
• Email: contact@texplore.co.th
• Phone: (+66) 2-586-4779
• Data Protection Officer (DPO): dpo@texplore.co.th

2. Personal Data We Collect

We may collect the following types of personal data:

2.1 Data you provide directly

• Contact information: name, email address, phone number, company name
• Communication content: messages submitted through our contact form
• Data Subject Request information: name, email, ID/passport number, request details

2.2 Data collected automatically

• Technical data: IP address, browser type and version, operating system
• Usage data: pages visited, time spent on pages, referral source
• Cookie data: as described in our Cookie Policy section below

3. Purpose of Data Collection

We collect and use your personal data for the following purposes:

Purpose	Legal Basis
Responding to inquiries and providing customer support	Legitimate interest / Consent
Improving website performance and user experience	Legitimate interest
Analyzing website traffic and usage patterns	Consent (Analytics cookies)
Sending marketing communications	Consent
Complying with legal obligations	Legal obligation
Processing Data Subject Requests	Legal obligation / Consent

4. Legal Basis for Processing

Under the Personal Data Protection Act B.E. 2562 (2019) ("PDPA"), we process your personal data based on one or more of the following legal bases:

• Consent: You have given consent for one or more specific purposes (e.g., marketing communications, analytics cookies). You may withdraw consent at any time without affecting the lawfulness of prior processing.
• Contractual Necessity: Processing is necessary for the performance of a contract to which you are a party, or to take steps at your request prior to entering into a contract.
• Legal Obligation: Processing is necessary for compliance with a legal obligation to which we are subject.
• Vital Interests: Processing is necessary to protect the vital interests of you or another person (e.g., emergency contact, disease prevention).
• Legitimate Interest: Processing is necessary for the purposes of the legitimate interests pursued by us or a third party, provided these interests are not overridden by your fundamental rights and freedoms.
• Public Interest: Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority.

5. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

• Contact form submissions: Retained for up to 2 years from the date of submission, or as required by applicable law.
• Cookie data: Retained according to each cookie's expiry period (up to 365 days).
• Marketing data: Retained until you withdraw your consent.
• Data Subject Requests: Retained for 3 years for audit and compliance purposes.

6. Data Sharing and Disclosure

We may disclose and share your personal data with the following parties for the purposes described in this notice:

• SCGC Group Companies: Our parent company and affiliates within the SCG Chemicals group, for business operations, reporting, and support.
• IT & Infrastructure Providers: Cloud hosting, server, data analytics, email, and SMS service providers who process data on our behalf under strict data processing agreements.
• Marketing & Analytics Providers: Service providers who assist with website analytics and marketing campaigns (only where you have given consent).
• Financial & Professional Services: Banks, payment processors, auditors, legal advisors, and insurance providers, as necessary for business operations.
• Government & Regulatory Authorities: When required by law, court order, subpoena, or other legal process in Thailand or other applicable jurisdictions.
• Business Transfers: In the event of a merger, acquisition, or sale of business assets, your data may be transferred to the relevant parties, subject to equivalent privacy protections.

We will require all parties receiving your personal data to take appropriate measures to protect it, process it only as necessary, and prevent unauthorized use or disclosure. We do not sell your personal data to third parties.

7. Overseas Transfer of Personal Data

We may transfer your personal data to our affiliates or service providers located in foreign countries when necessary to perform our services, fulfill contractual obligations, or comply with applicable laws. In such cases:

• We will comply with the PDPA and applicable data protection laws regarding international transfers.
• We will ensure appropriate safeguards are in place to protect your personal data, including requiring recipients to maintain adequate security measures.
• We may store data on servers or cloud infrastructure provided by third-party providers located outside Thailand. We will not allow unrelated parties to access your personal data.

8. Your Rights Under PDPA

Under the PDPA (Sections 30-36), you have the following rights regarding your personal data:

• Right of Access: Request access to your personal data and obtain a copy, or disclose the source from which we obtained your data.
• Right to Rectification: Request correction of inaccurate, incomplete, or misleading personal data.
• Right to Erasure: Request deletion or destruction of your personal data, or de-identification, when it is no longer necessary or where consent is withdrawn.
• Right to Restriction: Request restriction of processing in certain circumstances.
• Right to Data Portability: Request your personal data in a structured, commonly used, machine-readable electronic format, or request transfer to another data controller.
• Right to Object: Object to the collection, use, or disclosure of personal data based on legitimate interest or for direct marketing purposes.
• Right to Withdraw Consent: Withdraw previously given consent at any time (without affecting the lawfulness of processing based on consent before its withdrawal).
• Right to Lodge a Complaint: Lodge a complaint with the Personal Data Protection Committee if you believe your rights have been violated.

We will consider your request, notify you of the outcome, and take action (where appropriate) within 30 days of receiving your request. To exercise any of these rights, please submit a request through our Data Subject Request form or contact our DPO at dpo@texplore.co.th.

9. Cookie Notice

Our website uses cookies and similar technologies. You can manage your cookie preferences at any time using the Cookie Settings button (the cookie icon at the bottom-left corner of our website). For full details, please read our Cookie Notice.

9.1 Types of Cookies

Category	Purpose	Can be disabled?
Strictly Necessary	Essential for the website to function properly and safely (e.g., session management, security, cookie consent preferences).	No
Analytics	Help us assess and improve website content and user experience by collecting anonymized usage information.	Yes
Functional	Remember your settings and preferences (e.g., language, region) for a more convenient experience.	Yes
Targeting	Used to profile visitors and present products, services, and advertisements relevant to your interests.	Yes

9.2 Managing Cookie Preferences

You can manage your cookie preferences by clicking the Cookie Settings icon (located at the bottom-left corner of the website) at any time. You may also configure your browser settings to refuse or delete cookies. Please note that disabling certain cookies may affect website functionality.

10. Data Security

We implement appropriate technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Content Security Policy (CSP) headers to prevent unauthorized script execution
• Anti-spam and CAPTCHA protection on forms
• Secure hosting infrastructure (Azure Front Door with HTTPS)
• Access restriction and identity authentication controls
• Regular security assessments by our Cyber Security team

We review and update these measures periodically or when technology changes to ensure continued effectiveness.

11. Changes to This Policy

We may update this Privacy Notice from time to time to reflect changes in our practices, technology, legal requirements, or other factors. Any changes will be posted on this page with a revised "Last Updated" date, effective immediately upon announcement. We encourage you to review this notice periodically.

For any questions or concerns about this Privacy Notice, please contact our Data Protection Officer at dpo@texplore.co.th.