Privacy Policy

Last updated on 18 January 2024

1. Preface

1.1 Objectives 


In order to ensure effective protection of personal data and to provide remedial measures for data subjects from personal data breach, the G-Able Group has established a personal data privacy policy as a guideline for personal data management appropriately as follows:

1. Knowledgeable people within the Group are required to be responsible for information security.
2. Provides the best environment, culture and support to personal information for employees.
3. All employees have a thorough understanding of their responsibilities and methods of handling personal data.
4. Person wishing to submit data access requests must be aware of the procedures and individuals so that they can be handled quickly and accurately.
5. A person must ensure that his/her information is carried out in accordance with the data security principles at all times and will not be accessed by unauthorized persons.
6. Any transfer or sharing of the Company data with other entities must comply with the requirements.
7. Any use of the new system will be assessed as a risk of damage from the collection or disclosure of personal data subject to this policy.   


1.2 Scope of enforcement


This policy establishes the scope to apply to all personal data including sensitive personal data that are obtained, processed, stored, modified, disclosed, or deleted by the Group for conducting business in the form of electronic media, document storage systems, and other media, these will include the Group’s data as well as personal data owned by third parties that are liable to the Group under contracts conveying data protection provisions. This Data Privacy Policy applies to all employees of the Group, whether permanent employees, temporary employees, apprentice, contractors, consultants, or third-party users, who may be subject to disciplinary action against those who fail to comply with the policy, including an order to suspend the collection and processing of personal data.


1.3 Definitions


1. “Data Subject” refers to natural person who is the owner of the personal data, which the Group collects, uses or discloses personal data, including, without limitation, customers, shareholders, business partners, service providers and stakeholders with the Group.

2. “Personal Data” refers to any information relating to a person which enables the identification of such Person, whether directly or indirectly, but not including the information of deceased Persons. 

3. “Sensitive Data” refers to personal information relating to race, ethnicity, political opinion, belief, religion or philosophy, sexual orientation, criminal record, health information, disability, labor union information, genetic data, biological data, or any other data which may impact the data subject in a similar manner, as stipulated in the Board’s announcements. 

4. “Data Controller” refers to person or juristic person having the authority to make decision about the collection, use, or disclosure of personal data. 

5. “Data Processor” refers to person or juristic person undertaking the collection, use or disclosure of personal data in accordance with an order or on behalf of data controller. Thus, this person or juristic person is not a data controller. 

6. “The G-Able Group” or “The Group” refers to G-Able Public Company Limited, First Logic Company Limited, Mverge Company Limited, The Communication Solution Company Limited, InsightEra Company Limited, Blendata Company Limited and Cybergenics Company Limited. 

2. Methods of Obtaining Personal Data
3. Purposes for the Collection, Use and Disclosure of Personal Data
4. The Collection of Personal Data / Format of Data
5. The Personal Data Retention Period
6. Disclosure and Transfer of Personal Data
7. Measures to maintain the security and confidentiality of personal data
8. Your Rights as a Data Subject
9. Communication
10. Contact Channels
11. Monitoring, Review and Update Policy