American Express Online Recruitment Privacy Statement – Thailand
Effective Date: 1 June 2022
At American Express, we are committed to safeguarding your privacy. We want you to know how we may collect, use, share, and keep information about you and the choices that are available to you during the employee recruitment and selection process.
This Online Recruitment Privacy Statement describes how American Express Family of Companies and our Service Providers collect, use and disclose your Personal Information during the recruitment and selection process. It applies to American Express websites or other services, which link to this statement, and to all data collected throughout the recruitment and selection process. It does not apply to those websites, apps, or services that have their own online privacy statements such as the American Express website, americanexpress.com or the American Express Network website, amexnetwork.com. It does not apply to information we collect to provide products and services.
From time to time, we will change this Online Recruitment Privacy Statement. We recommend that you check the current version available here. If we make changes to this statement, we will update the “Effective Date” at the top of the page
What is in this Online Recruitment Privacy Statement?
- What information does this Online Recruitment Privacy Statement cover?
- What information do we collect online and how do we collect it?
- How do we treat the information of minors, incompetent and/or quasi-incompetent persons?
- Cookies and similar technologies
- How do we use the information we collect about you?
- How do we share your information?
- How do we handle Aggregated Information and De-identified Information?
- How do we keep and safeguard your information?
- What are your rights?
- Do you have questions about the Online Recruitment Privacy Statement, want to exercise any of your rights or want to make a complaint?
- Glossary
What information does this Online Recruitment Privacy Statement cover?
This Online Recruitment Privacy Statement describes how we (and our Service Providers) may collect, use, share, and keep information that we get about you online and offline.
The examples of the Personal Information are as follows:
Category |
Example of the Personal Information |
|---|---|
| Contact information | Full name, email address, telephone number, mobile number, address, and etc. |
| Identification and background information | Passport number, identification card number, employment details, information about your background, previous employers and educational and professional institutes, images/video/voice recordings of you and etc. |
| Financial/credit information | Card number, name specified on the card, payment transactions, credit checks with credit reference agencies, and etc. |
| Recruitment-related Information | Any information, which is specified and/or provided to American Express if you visit, use or apply on our recruitment websites or other platforms, such as social media platforms, that link to the American Express recruitment sites or receive or reply to electronic communications from us. |
| Sensitive Personal Information | Criminal record – it may be necessary for us to process your criminal record and/or sanction screening, during the recruitment and selection process. |
In this statement, we also explain how we may combine Online Information with Other Information we collect from you and others and how we then use the combined information.
Some Online Information and Other Informationis Personal Information/Sensitive Personal Information (SPI).
What information do we collect online and how do we collect it?
Generally, we collect the Personal Information you give directly to us (or to our Service Providers). For example, you have to give us your name, email, mailing address, phone number, or date of birth when you:
- register for job notifications;
- create a profile by submitting your CV/resume; or
- apply for a job.
We may also collect Other Information from you or about you during the recruitment process including but not limited to:
- during interviews (i.e. phone interview, in person interview);
- from referrals;
- as part of the background verification process; and
- publicly available source
You acknowledge that some of your Personal Information may be collected, use, disclose, and transfer without your consent in accordance with the PDPA.
Please note that if you decide to restrict and/or object to the processing of your Personal Informationor if you withdraw your job application, we will not be able to further process your application or consider you for future opportunities at American Express.
Cookies and Similar Technologies
We (and our Service Providers) also collect information through Cookies and Similar Technologies. Most Cookies and Similar Technologies will only collect De-identified Information such as how you arrive at our website or your general location. However, certain Cookies and Similar Technologies do collect Personal Information/SPI.
We (and our Service Providers) may use Cookies and Similar Technologies to collect information including but not limited to:
- the device you use to browse our websites (for example, we may collect information about the operating system or the browser version and the type of device you use to open electronic communications from us);
- the IP Address and information related to that IP Address (such as domain information, your Internet provider and general geographic location);
- browsing history on our website (such as what you search for, the pages you view, how long you stay, and how often you come back);
- how you search for our website and from which websites you came from; and
- whether you open our electronic communications and which parts you click on.
We (and our Service Providers) may also collect information made publicly available through third-party platforms and services (such as online social media platforms, professional social networking sites, job/career fairs, etc.), through online databases or directories, or that is otherwise legitimately obtained. This information may be governed by the privacy notice(s) provided by the third party at the time of collection.
You can change your cookie preferences in your Browser (for example, Chrome, Safari or Internet Explorer) or your mobile device settings to limit the ways in which cookies may be used to collect and use information about you.
How do we use the information we collect about you?
We use the Personal Information you provide to us and, possibly, Online Information or information collected by our Service Providers about you on its own or combine it with Other Information, for the following purposes and lawful basis:
Manage the operation of the business of American Express
Data Processing Activities |
Details |
|---|---|
| To enter into an agreement or establish a legal relationship between American Express and you | Your Personal Informationmay be required to be processed by American Express in order to take any step to proceed with your request to enter into an employment contract with American Express. The examples of the processing of the Personal Information are as follows:
Please note that if you choose to provide us with your e-mail address or your mobile number, we will only use these to send you e-mails and/or SMS alerts about your recruitment enquiry, job application, to request additional details about your resume/CV, and send you job alerts, where you have enrolled in this service. If we send you emails, we will collect information about your interaction with our e-mail content, such as whether you can read graphic-rich html e-mails. Relevant Personal Information
Lawful basis
|
| Manage the operation of the business of American Express | It may be necessary and legitimate for us to process your Personal Information for certain purposes. The examples of the processing of the Personal Information are as follows:
Relevant Personal Information Lawful basis
|
| Comply with the applicable laws and regulations | Your Personal Information may be required to be processed under the obligations and requirements under the laws and regulations, which are applicable to us (e.g., the PDPA, the Labor Protection Act, the Labor Relations Act) and to comply with legal orders, notices, law enforcement requests and other laws. Relevant Personal Information Lawful basis
|
| To establish, exercise, comply or defend legal claims | Your Personal Information may be processed as part of the establishment, exercising, compliance or defense of legal claims. Relevant Personal Information Lawful basis
|
How do we share your information?
We may share Personal Information/SPI with the third parties as required for the purposes specified in this Online Recruitment Privacy Statement or as permitted by law. Such third parties include but not limited to:
- regulatory authorities, courts, governmental agencies and any third party to comply with legal orders, legal or regulatory requirements, and government requests;
- our Service Providers, law enforcement and governmental agencies to detect and prevent fraud or criminal activity, and to protect the rights of anyAmerican Express Family of Companies or others;
- American Express Family of Companies; and
- our Service Providers who perform services for us and help us operate our business, including our recruitment processes.
We may transfer Personal Information/SPI to companies within the American Express Family of Companies or to our Service Providers throughout the world, for example, to search for suitable positions or to process your application. You agree to the transfer of your Personal Information outside of Thailand to jurisdictions that may not protect your Personal Information to the standards under the PDPA. In any cases, we will take appropriate steps to ensure that your Personal Information will be protected, in accordance with the PDPA.
How do we handle Aggregated Information and De-identified Information?
Aggregated Information or De-identified Information does not identify you individually; it helps us to analyze patterns among groups of people. We may share Aggregated Information or De-identified Information for the same reasons as we might share Personal Information/SPI.
How do we keep and safeguard your information?
We use organizational, administrative, technical and physical security measures to protect your your Personal Information/SPI .These measures include computer safeguards and secured files and facilities. We require Service Providers to safeguard Personal Information and only use your Personal Information for the purposes we specify.
We will keep your Personal Information only as long as we need to follow up on your request to register for job notifications, process your application or inform you about future opportunities, which is estimated at no longer than 11 years after we have collected your Personal Information, unless we are required by law or regulation or for litigation and regulatory investigations to keep it. When your Personal Information is no longer necessary for our business, legal or regulatory needs, we will take reasonable steps to securely destroy such information or permanently de-identify it.
What are your rights?
You are entitled at any time, subject to the PDPA, to:
- withdraw your consent to the collection, use or disclosure of your Personal Information, unless there is a restriction of the withdrawal of consent by law or the contract that benefits you;
- request the access to and/or obtain a copy of your Personal Information held by us about you or the disclosure of details on how your Personal Information may be collected without your consent;
- request the transfer of your Personal Information in machine readable formats to other parties;
- object to the collection, use or disclosure of your Personal Information under such circumstances as set out in the PDPA;
- request the destruction or anonymization of your Personal Information under such circumstances as set out in the PDPA;
- request the suspension of use of your Personal Information under such circumstances as set out in the PDPA;
- request that we ensure your Personal Information remains correct, up-to-date, complete and not misleading, and if we reject your request, we will in accordance with Section 39 of the PDPA make a record of your request and reasons for rejecting your request; and
- file a complaint if we, our employees, or contractors breach or violate the PDPA or other notifications issued in accordance with the PDPA.
If you do not wish for us to continue collecting, using or disclosing your Personal Information or If you want to access, update or change your Personal Information, please contact RecruitmentOperationsServicing@aexp.com.
Do you have questions about the Online Recruitment Privacy Statement, want to exercise any of your rights or want to make a complaint?
Contact Details
- American Express (Thai) Company Limited
- Data Protection Officer
Address: S.P. Building, 388 Phaholyothin Road, Samsennai, Phayathai, Bangkok 10400, Thailand.
If you have questions, wish to make a complaint or exercise your rights, you may contact Global Colleague Privacy at globalcolleagueprivacy@aexp.com for further actions with our Data Protection Officer.
Glossary
Aggregated Information — data or information relating to multiple people which has been combined or aggregated such that individuals cannot be re-identified. Aggregated Information includes information that we create or compile from various sources, including certain data from Cookies and Similar Technologies.
American Express (we, our, us) — the American Express Company as identified at the beginning of this Online Recruitment Privacy Statement.
American Express Family of Companies — any affiliate and subsidiary of, and any company owned or controlled by, the American Express Company.
Artificial Intelligence (AI) — the use of computer science programming to imitate human thought and action by analysing data and surroundings, solving or anticipating problems and learning or self-teaching to adapt to a variety of tasks.
Cookies and Similar Technologies — a cookie is a small data file that a website transfers to your computer's hard drive. We place cookies when you visit our recruitment website. We use the term Cookies and Similar Technologies in this statement to refer to all technologies that collect information in this way.
De-identified Information — data or information used in a way (for example, pseudonymised) that does not identify you to a third party. We often derive De-identified Information from Personal Information/SPI. It includes information that we may collect from Cookies and Similar Technologies.
IP Address — a number assigned to a device when connecting to the Internet.
Online Information — data or information collected on American Express websites and applications as well as on websites and applications of third parties relating to topics about our business, which may include Personal Information, Aggregated Information and De-Identified Information.
Other Information — American Express internal information (for example, previous employment history) and other online and offline information we collect from or about you.
PDPA — Thailand Personal Data Protection Act B.E. 2562 (2019).
Personal Information or Personal Identifiable Information (PII) — information that relates to an identified or identifiable natural person, such as name, address, telephone number, email address, previous employment history and other information associated with that individual such as demographic details.
Sensitive Personal Information (SPI) - includes Personal Information that also consists of information relating to your health, race, ethnic origin, sexual orientation, political opinion, cult, religious or philosophical beliefs, genetic data, biometric data, disability, trade union membership, the commission of any offences, your emergency contact details or any data that may affect you in the same manner.
Service Providers — any vendor, third party and/or company that performs business operations on our behalf, such as recruitment, printing, mailing, other communications services (email, direct mail, etc.), data processing, and servicing.