Updated in February 2026

 

We, Prudential Life Assurance (Thailand) Public Company Limited (hereinafter referred to as “we”, “us”, “our” or “ours”, depending on the context) take the privacy and protection of your Personal Data (as defined below) seriously. 

So, we’ve set out the below information about our processing of your Personal Data, what rights you have, and how you can get in touch if you want to know more. For the purpose of data protection laws, the data controller of your Personal Data is Prudential Life Assurance (Thailand) Public Company Limited located at 944 Mitrtown Office Tower, 10th, 29th – 31st Floor, Rama 4 Road, Wangmai, Pathumwan, Bangkok, 10330. If you have any questions about anything in this Privacy Notice, or want to exercise any rights you may have, our contact information can be found in the section “Contact Us”.  

In order for data subjects to be confident that we process personal data responsibly and comply with the Personal Data Protection Act B.E. 2562 and relevant data protection laws (“Personal Data Protection Laws”), including any other applicable laws, we’ve set out the below information about our processing of your Personal Data, what rights you have, and how you can get in touch if you want to know more. 

When we say “Personal Data”, we mean any information relating to an individual, which enables the identification of such individual, whether directly or indirectly, as defined in the applicable data protection legislation and also as listed in Part A below. We collect Personal Data from you that is necessary for us to either conduct our business operation and management, to comply with statutory or contractual requirements or any other pertinent purposes in the course of our corporate activities and business operation. Unfortunately, if you’re unable to provide certain Personal Data which is necessary for us to perform necessary tasks or obligations to you or as required by law, we will not be able to enter into a contract with you or perform our contractual obligations. Additionally, this may affect the compliance with any laws that we or you are obligated to comply with. 

By submitting your information to us, you agree and consent to the Company, and where appropriate our respective representatives, agents, third party service providers, contractors, brokers and/or appointed Business Partners (collectively referred to as “Prudential”), collecting, using, disclosing personal data in the manner set forth in the prevailing terms of this Privacy Notice, including any future amendments. 

 

You acknowledge and agree that the Company may, from time to time, amend and update this Privacy Notice in order to ensure it is consistent with future developments, industry trends and/or any changes in legal or regulatory requirements. We encourage you to check our Privacy Notice from time to time on our website, as the version of our Privacy Notice which is displayed on our website takes precedence over all previous versions of our Privacy Notice. We will also notify you of changes in accordance with relevant legal requirements.

 

Please note that the purposes set forth in this Privacy Notice supplement but do not supersede any other consents you may have previously provided to us or which you may provide to us in the future.  

 

This Privacy Notice describes how we collect, use, and/or disclose Personal Data of our shareholders, directors, any other individuals acting on their behalf (such as, proxies of shareholders), transferees of shares and other relevant individuals with whom we interact or we collect personal data via our shareholders, directors, any other individuals acting on their behalf and whose personal data we handle in the course of our businesses operation (together, “you”, “your” or “yours”, depending on the context).

 

Please read this Privacy Notice carefully to understand why and how we collect, use and/or disclose your Personal Data.

 

 

 

Part A –Personal Data we process

  1. Personal and contact details: such as title, name, surname, maiden name, previous name, contact details (e.g. phone no., e-mail, and social media account identification), contact details history, date of birth, gender, age, nationality, citizenship, marital status, residency, family status, the number of dependents you have, signature, house registration address, contact address, working address, postal codes, vehicle information (e.g., type of vehicle used and car plate registration number), country of birth, photo, speech, and voice or video record;

  2. Government issued identification: such as national identification card, passport, household registration, tax identification and other government-issued identification (e.g. green card identification), visa, work permit, certificate of name change, information on company registration, company certificate, and company seal certificate;

  3. Financial details: such as bank account and payment information;

  4. Information relating to your shareholder status: such as share certificate, shareholding details (e.g., number of shares held, share registration number, proportion share held, and type of share held), vote cast in the shareholders' meeting, information about dividend, information about share transfer, share purchase agreement, and information about power of attorney;

  5. Information relating to your directorship: such as employment agreement details, directorship agreement, curriculum vitae, educational qualifications and certificates, employment history, declaration form, opinions, compensation, disbursement, and information about transactions carried out on behalf of us, and your directorship in other entities that declared for Conflict of Interests;

  6. Technical information: such as information required to access company systems and applications such electronic content and metadata produced by you using our systems, details such as your mobile phone location data, IP address and MAC address, browser and device information, log-in credentials, online usage, logs, Cookie ID, website visit data, and information collected through other technologies;

  7. Sensitive data: such as your religion and blood types (contained in national identification card or otherwise), criminal records, political status.

With respect to sensitive Personal Data contained on national identification cards, we do not wish to collect any sensitive Personal Data on your national identification card. However, in practice, we may inevitably receive sensitive Personal Data from your national identification card (e.g., when we make a copy or scan of your national identification card to use as a documentation for products and services application). In such case, we will secure the sensitive Personal Data that is on your national identification card. This may include removing or redacting such Personal Data as necessary by and does not violate law; and

  1. Other information as the case may be: such as information as contained in a court order, petition, and police report and any other document you directly provide to us or we obtain from other sources in connection with your role.

 

Part B - Personal Data of other persons

We may also collect Personal Data as specified in the above of other persons such as details of your family member, spouse, dependents, witness, and other person referred by you or other person in the course of directorship and shareholder.

If you provide Personal Data of others to us, you represent and warrant that you have the authority to do so by 

  1. informing such other person about this Privacy Notice;

  2. obtaining consents where applicable or rely on other legal basis necessary to permit us to use such Personal Data in accordance to this Privacy Notice; and

  3. undertaking to verify the accuracy and completeness of Personal Data provided by you and to update us of any change to the Personal Data provided.

If for any reason you are concerned as to whether you are permitted to provide us with the other person’s information, please contact us at the email address below before sending us anything. 

 

Part C - Where we get your Personal Data

We’ll collect Personal Data from the following general sources:

  1. from you directly and other communications with us;

  2. from our shareholders or director if you are a family member, proxy, person authorized to act on your behalf, associate or beneficiary; and

  3. Prudential Group companies; and

  4. from other sources such as publicly available sources, police and law enforcement agencies, government authorities, courts and other third parties.

 

Part D – Cookie Policy

Our Site uses cookies, pixel, web beacon, scripts, tags and similar technologies to distinguish you from other users of our Site. This helps us to provide you with a good experience when you use the Site and also allows us to improve our Site. A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer. Cookies contain information that is stored on your computer's hard drive. When Cookies information directly or indirectly identifies an individual, whether alone or coupled with other information, we will treat such information as Personal Data under this Privacy Notice. You have the ability to accept or decline cookies by modifying the setting in your browser. If you would like to do this, please see the help menu of your browser.

If you decide not to have your personal data processed by us for advertising purposes via cookies (and similar technologies), this does not mean that we will not show you advertisements. It simply means these advertisements will not be personalized for you using first-party or third party cookies, web beacons or similar technologies.

We use the following types of cookies:

  1. Strictly necessary cookies. These are cookies that are required for the operation of our Site. They include, for example, cookies that enable you to log into our secure site;

  2. Analytical/performance cookies. These allow us to recognize and count the number of visitors to our Site and to see how visitors move around our Site when they are using it. This helps us to improve the way our Site works, for example, by ensuring that users are finding what they are looking for easily; and

  3. Functionality cookies. These are used to recognize you when you return to our Site. This enables us to personalize our content for you, greet you by name and remember your preferences (for example, your choice of language or region).

  4. Marketing cookies. These cookies are used to learn more about your interaction with content on our website to deliver relevant advertising to you. These cookies remember what you have looked at on our website and we may share this information with our Business Partners.

 

By continuing to use the Site, you accept to the use of cookies as outlined above.

 

Part E - How we use your Personal Data and why

Accuracy and protection of personal data

We will take reasonable efforts to ensure that any personal data we have about you is accurate and complete. However, this means that you must also ensure the accuracy of the personal data provided by you and update us of any changes to the personal data that you had initially provided to us in a timely fashion.

 

We will also take reasonable efforts to protect the personal data in our possession by making reasonable security arrangements to prevent unauthorized access, collection, use, disclosure, copying, modification, disposal or any similar risks. 

 

We collect, use, and/or disclose your Personal Data on the legal basis of (1) contractual basis, for our initiation or fulfilment of a contractual performance with you or requested by you prior to engaging into a contractual performance with us; (2) legal obligation, for fulfilment of our legal obligations; (3) legitimate interest, for the purpose of our legitimate interests and those of third parties, proportionate to your interest and fundamental rights and freedoms to the protection of your Personal Data; (4) public interest, for the performance of task carried out in the public interest or for exercising of official authorities or duties; (5) vital interest, for the prevention or suppression of danger to a person's life, body, or health; and/or (6) consent.

We will use the Personal Data you provide to us, together with other information, for the following purposes:

  1. Identity verification: to conduct your identity verification when you become a shareholder or director in connection with corporate transactions or to fulfil your request;

  2. Business communications: to carry out business communication with you, such as, responding to inquiries or requests;

  3. Shareholders relations: to offer you shares, to register you as a shareholder, to issue a share certificate, to maintain records of shareholders, to invite you to the shareholders' meeting, to arrange and administer the shareholders' meeting including vote casting to derive a resolution, to facilitate the activities relating to proxies, to facilitate share transfers, to carry out activities relating to our shares and capital, and to deliver cheques, transfer money for dividends and meeting allowances;

  4. Directorship: to select and appoint a director, to conduct director's registration, to maintain corporate records and databases, to issue a power of attorney letter, to appoint a representative, to facilitate and  assist you to perform your director's duties and responsibilities, to monitor director’s performance and responsibilities, to conduct internal investigation in case of complaint, to take disciplinary action where necessary, to arrange for meetings, training and seminars, to carry out corporate transactions (e.g., entering into a contract with our customers, suppliers, vendors, and/or other third parties), to process director's compensations, reimbursement, and benefits, and to check and declare Conflict of Interests on directorship roles in other entities;

  5. Other internal business administration: to keep your information on record, to manage our infrastructure and business operations, to comply with our internal policies and procedures relating to IT, auditing, finance, accounting, billing and collections, business continuity and reporting, to perform our functions related to our businesses;

  6. Fraud Detection: to check your provided data against databases, to conduct due diligence, and/or any other form of background checks or risk identification on you (including checking public/private information or government law enforcement agency), to carry out other security risk checks, to prevent fraud, money laundering, financing of terrorism, and crime;

    a. These checks may also be carried out for Business Partners and its Connected Persons, fund investor, service provider, or person(s) that you provide Personal Data on. Should we ever lose contact with you, we may use these agencies to verify your address to help us get back in touch;
    b. Any transfer of your Personal Data will always be done securely.

  7. Complying with any regulatory or other legal requirements: to comply with our legal obligations, rights or duties and/or legal proceedings under the applicable laws (e.g. those in relation to insurance, anti-money laundering, financing of terrorism and sanction screening), including laws outside your country of residence, to respond to investigation requests from public and governmental authorities;

  8. Corporate transactions: to transfer your Personal Data to one or more third parties, including companies, affiliates and subsidiaries, as part of the transaction in the event of merger such as, in sale, transfer, merger, reorganization or similar event;

  9. Dispute handling: to solve disputes, to enforce our contracts, to establish, exercise or defense of legal claims and legal rights;

  10. IT Management: to manage our internal and external IT operations and communication system including IT security, IT security audit, and IT recordkeeping and to set system access authority; and

  11. Protection of our interests and emergencies: to protect the health and safety of you and others, to allow and restrict access to our premises, to safeguard IT infrastructure, office equipment and other property.

 

Part FUse of your sensitive Personal Data

We will only collect, use, or disclose sensitive Personal Data on the basis of your explicit consent, except for establishment, defense, compliance or exercise of legal claims, for satisfying legal obligations in relation to substantial public interest or where it is information that is disclosed to the public with the explicit consent from you or where otherwise as permitted by law. Where consent is required, we will separately ask for your consent via the appropriate methods.

For corporate activities and business operation, we will need to process your sensitive Personal Data as described above, to the extent that we need your explicit consent to process this category of Personal Data, we will provide details of this at the point of collection and seek your consent. 

 

Part G– Who we share your personal datawith and why

We’ll share your Personal Data with Prudential Group companies and to our Business Partners, third party service providers, and governmental authorities. We are committed to protecting your privacy by restricting the access to your Personal Data on a need-to-know basis.

We work with many external parties in order to provide you with a seamless experience. In the ordinary course of business, we may be required to disclose personal data to such external parties and these external parties may be located overseas. 

We may also make your Personal Data available to the following third parties, located both inside and outside of Thailand, who collect, use and/or disclose Personal Data for the purposes set forth under this Privacy Notice. For more information, you can visit their privacy policies to learn more about how they collect, use and/or disclose your Personal Data:

  1. Our Business Partners
    We may disclose your Personal Data to the Business Partners as defined below for the purposes as listed in Part E.

  2. Governmental Authorities and Third Parties involved in Court Action
    We may also disclose your Personal Data to governmental, regulatory or other public authorities in Thailand and overseas as applicable (including, but not limited to the Office of Insurance Commission, Department of Business Development, Revenue Department, Anti-Money Laundering Office, Securities and Exchange Commission, Legal Execution Department, National Police Bureau, National Anti - Corruption Commission, Personal Data Protection Committee and/or any other law enforcement authorities, and courts); and third-party participants in legal procedures or other third party if we believe to be necessary or appropriate to comply with our legal obligations, defend legal rights or positions of us or otherwise the rights of any third party or individuals’ personal safety, and allow us to pursue available remedies or limit our damages.

  3. Assignee of Rights and/or Obligations
    In a normal course of business, we may disclose your Personal Data to third parties as our assignee, in the event of any reorganization, merger, amalgamation, business transfer, whether in whole or in part, sale, purchase, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock or similar transaction. We take reasonable steps to ensure that such third party will comply with this Privacy Notice to respect your Personal Data.

  4. Other Third Parties
    We may share your Personal Data with our custodian, beneficiaries, and industry associations (such as Thai Life Assurance Association).

  5. Third-Party Sites
    Our website may contain links to other websites operated by third parties, which may be co-branded with our logo or trademark, even though they are not operated or maintained by us. We are not responsible for the privacy practices of such third parties that are linked to our website. Once you have left our website, we strongly encourage you to refer to the applicable Privacy Notice of the third-party website to determine how they will handle any information they collect from you.

 

Part H –International transfer of Personal Data

We may transfer your Personal data to third parties, such as Prudential Group companies, service providers, and governmental or public authorities located in other countries (including, but not limited to Republic of Singapore, Hong Kong Special Administrative Region of the People's Republic of China, Republic of India, United States of America, United Kingdom of Great Britain and Northern Ireland, Commonwealth of Australia, Federal Republic of Germany, Japan, Republic of Indonesia, Kingdom of the Netherlands, French Republic, Republic of Ireland, Federation of Malaysia) in order to carry out the purposes specified above. Where there is such a transfer, it will be done based on your consent or other bases in compliance with the applicable laws. 

To the extent we transfer your Personal Data to a country with a level of data protection standards not equivalent to Thailand, we will ensure that an adequate degree of protection is afforded to the transferred Personal Data, or the transfer is otherwise permitted in accordance with the applicable data protection law.

 

Part IWe keep your Personal Data for a set amount of time

Your Personal Data will be stored for the period necessary to allow us to fulfil, satisfy or achieve the purposes specified in Part E above except where a longer retention period is required or permitted by law or as long as you are our shareholder or director and for a period of twelve years after the end of your shareholder relationship or directorship, or longer if required by law or to satisfy the purposes specified in Part E above, or to be in line with our internal policies on data retention. However, the retention period for Personal Data will be in accordance with our internal policy and procedure. There may be specific circumstances where it is necessary for us to retain your Personal Data for longer (such as when a dispute arises).

 

 

 

Part J - Security of Personal Data

We have implemented appropriate Personal Data security measures as required by applicable law, including the Personal Data Protection Laws. This covers the collection, use, and/or disclosure of Personal Data both in document form, electronic form, and/or any other format consisting of organizational, technical, and physical measures. This is to prevent unlawful or unauthorized loss, access, use, alteration, correction or disclosure of your Personal Data.

Our protective measures include firewalls, data encryption, and access controls. However, please be aware that transmitting information over the Internet is not completely secure, and no data storage system can be guaranteed to be entirely safe. While we strive to protect your Personal Data, we cannot guarantee the security of data transmitted to our sites; any transmission is at your own risk. We encourage you to recognize the important role you play in maintaining the security and confidentiality of your Personal Data.

 

Part KMinor, Incompetent person, and quasi-incompetent person

As required by law in certain cases, we cannot collect, use, and/or disclose the Personal Data of minors, quasi-incompetent persons, and incompetent persons in absence of their parental or legal guardian consents. If you are under the age of 20, quasi-incompetent persons, or incompetent persons, please ensure that consent from your legal guardians are obtained (only when it is required). Where we learn that we have unintentionally collected Personal Data of minors,  incompetent persons, or quasi-incompetent persons without consent from their parents or their legal guardians when it is required, we will delete it immediately or process only if we can rely on other legal bases apart from consent. 

 

Part LYour Rights

Subject to the provisions of data protection law, you may have a number of rights regarding the collection, use, disclosure and/or transfer of your Personal Data, including:

  1. Right to access: you have the right to access and request a copy of your Personal Data or request disclosure of the acquisition of Personal Data without your consent (We have the right to charge a reasonable fee to complete this request where permitted by law);

  2. Right to rectify: you have the right to request that your Personal Data be rectified to be accurate, up-to-date, complete, and not misleading;

  3. Right to lodge a complaint: you can complain to a data protection authority or the competent authority where you believe our collection, use and disclosure of your Personal Data is unlawful or noncompliant with applicable data protection law where applicable. We would, however, appreciate the chance to deal with your concerns before you approach the authority, so please contact us in the first instance;

  4. Right to request for deletion: you can ask us to delete or destroy or anonymize your Personal Data if it is no longer needed for the purposes set out in this Privacy Notice or if there is no other legal basis for the processing;

  5. Right to objection: you can object to the use of your Personal Data for direct marketing (including related profiling) or other processing based on legitimate interests;

  6. Right to data portability: In some cases, you can request that we provide a copy of your Personal Data in a format  which is readable or commonly used by ways of automatic tools or equipment, and can be used or disclosed by automated means, including the right to request that Personal Data in such form be sent or transferred to another data controller by automated means and the right to obtain Personal Data sent or transferred directly to another data controller unless it cannot be done by technical conditions;

  7. Right to restrict the use of personal data: you can limit how we use your Personal Data in certain circumstances; and

  8. Right to withdraw consent: you have the right to withdraw your consents you have given for the processing of your Personal Data any time.

The withdrawal of consent will not affect the lawfulness of the collection, use and/or disclosure of your personal data and sensitive data based on your consent before it was withdrawn. If you do not provide consent or Personal Data (or withdraw) your consent, we may not be able to enter into a contract with you or perform our contractual obligations.

Your request for exercising any of the above rights may be limited by the laws. There may be certain cases where we can reasonably and lawfully decline your request, for example, due to our legal obligation or court order.  

If you want to exercise your rights, or would like an explanation about these rights, we’ve explained how you can get in touch in the “Contact Us” section.

If you do need to speak to us, the data controller of your Personal Data is Prudential Life Assurance (Thailand) Public Company Limited. We may monitor or record calls or any other communication we have with you. This might be for training, for security, or to help us check for quality.

 

Contact us

If you want to exercise your rights in Part L or if you require any other information about any other part of this notice, you can contact us in one of the following channel by writing a mail or sending an email to us per the addresses below.

 

Data Protection Officer:

Prudential Life Assurance (Thailand) Public Company Limited 
944 Mitrtown Office Tower, 10th, 29th – 31st Floor 
Rama 4 Road, Wangmai, Pathumwan, 
Bangkok, 10330

E-mail: Thanisa.Pungsupa@prudential.co.th

Terms Used

Prudential Corporation Asia means Prudential Corporation Asia Limited.

 

The Prudential Group means Prudential Plc, Prudential Holdings Limited and any other affiliates of Prudential plc. Prudential Plc is not affiliated in any manner with Prudential Financial, Inc. a company with principal place of business is in United States of America or with the Prudential Assurance Company, a subsidiary of M&G Plc, a company incorporated in United Kingdom.

 

Business Partners means our service providers, accountants, distributors, auditors, IT service and platform providers, intermediaries, reinsurers, investment managers, agents, pension trustees (and other stakeholders), scheme advisors, introducers, selected third party financial and insurance product providers, and our legal advisers.

 

Marketing Partners means our service providers, intermediaries, pension trustees (and other stakeholders), scheme advisors, introducers and selected third party financial and insurance product providers. 

 

Service Providers: e.g., service providers who provide administrative, telecommunications, computer, information technology, data processing and storage, customer satisfaction analysis, payment, printing and logistics, redemption, call center service, emergency service, support and hosting service, claim facilitation, IT service and platform service, data management service, data storage and cloud service, smart underwriting provider, advertising, marketing and market research and analysis service, or other services to us to enable us to operate our business, including other third-party vendors, suppliers and other outsourced service providers that assist us in carrying out business activities; 

 

Others: e.g., professional advisors who may have access to your Personal Data, including medical professionals, accountants, actuaries, auditors, lawyers, legal advisors, and other outside professional advisors, insurance intermediaries, reinsurers, investment managers, agents, pension trustees (and other stakeholders), scheme advisors, introducers, selected third party financial and insurance product providers, insurers, trustees, medical bill review companies, claims investigations companies, credit card companies, banks and financial institutions who administer our accounts, researchers, third party administrators, credit reference agencies, financial crime prevention agencies, debt collection agencies.