Privacy Notice

TLScontact International Co., Ltd., a company registered in Thailand under number 0105552133586, having its registered head office at 175 Sathorn City Tower, 12/1 F1., South Sathorn Road, Kwaeng Thungmahamek, Khet Sathorn, Bangkok Metropolis, Thailand, and its worldwide companies (hereinafter “TLScontact”, “we”, “us”, “our”) is committed to protecting the privacy and security of the customers who use TLScontact websites and services (hereinafter “Customers”, “you”, “your”). The purpose of this privacy notice (hereinafter the “Privacy Notice”) is to explain how and why we use your personal data to ensure you remain informed and in control of your information.

TLScontact processes your personal data in compliance with the applicable legal requirements and in particular the Personal Data Protection Act 2019 (“PDPA”).

This Privacy Notice applies to all TLScontact services and by using our services you acknowledge having been informed that TLScontact collects, uses and discloses your personal data in accordance with this Privacy Notice.

Any questions you have in relation to this Privacy Notice or how we use your personal data should be sent to our Data Protection Officer at the following email address:

TLScontact Data Protection Officer:

Email:
dp@tlscontact.com

TOP

TLScontact is a pioneering company specialising in providing Customer relationship management. Our core business is to operate visa application centres on behalf of government authorities (“our Clients”, “Diplomatic mission”).

TLScontact is part of the Teleperformance Group, the worldwide leader in outsourced omnichannel customer experience management, providing excellent customer experience at every opportunity, serving governments and companies.

Your personal data (i.e., any information allowing to identify you directly or indirectly) is collected on the behalf of our clients (i.e., hereinafter the “Clients”) for the provision of a visa service and/or immigration service, and to perform administrative and non-judgmental tasks related to the aforementioned services (see Section 1 of this Privacy Notice). Your personal data may also be collected by TLScontact on its own behalf for the provision of specific services in general related to the aforementioned services), for its business needs and/or to ensure the security of its premises, employees and visitors (see Section 2 of this Privacy Notice).

Our Clients are data controllers within the meaning and TLScontact may either act as a data controller or a data processor depending on the nature of the services/processing concerned. When TLScontact acts as a data processor it collects and processes personal data only on behalf and under the instructions of its Clients.

TOP

1.1. How do we collect your personal data?

We obtain personal data about you when you use our services to apply for instance for a visa.

Representatives may submit personal data about you on your behalf. We will always verify and validate any individuals claiming to be your representative before accepting any information about you.

1.2. What do we collect?

We will only collect personal data required by our Clients to submit a visa application or provide a related service. The type and categories of personal data that we collect is dependent on what visa/service you are applying for.

We collect in particular as an example the following categories of personal data:

• Personal details: name, nationality, gender, details of your travel document (i.e., passport or ID), email address, telephone number, marital status, postal address, place, date of birth, photographs, etc.
• Sensitive personal data: health related information, biometric data (fingerprints, digital face image, DNA swabs) records of criminal activities, legal proceedings etc.
• Personal details of people related to you: children, parents, spouse, personal details of inviting party etc.
• Business, education: business and/or employment activities, student activities, employer/student address and contact details.
• Financial data: payment card details, bank account details, national insurance details, proof of salary, taxes etc.
• Electronic media data: Video and audio recordings.

This list may vary depending on the Client’s requirements and the services you request from us.

If you want to know exactly what personal data will be collected for your visa/immigration service, please contact the relevant Diplomatic Mission for more information.

1.3. How is your personal data used?

We will never sell your personal data or use it in any way without your direct knowledge. We will only use your personal data on behalf of our Client and according to its instructions in order to process the specific service that you require relating to the visa application.

We may use your personal data for instance to:

• Validate who you say you are;
• Book an appointment for you to one of our Visa Application Centre (VAC);
• Assist you in your visa application or other application;
• Carry out further verification procedures in relation to your visa or other application;
• Provide you with additional services that you request relating to the visa application, we may in particular use your personal data to process any added value services (AVS) that you request, relating to your visa application, for example a courier delivery service to ship your application documents to your address of choice;
• Enable you to track the progress of your application;
• Perform our obligations under our mandate from our Clients;
• Send you communications and notifications concerning the status of your chosen service.

Such data processing is based on the execution of the contract between TLScontact and its Client and on the compliance with legal obligations.

For more information regarding the purposes of the data processing we implement on behalf of our Client, please contact the relevant Diplomatic Mission.

1.4. How long we store personal data?

We keep your personal data in accordance with our legal obligations and with our Client’s instructions. Most of the time we do not maintain any personal data once the visa application process is over. We will hold your personal information on our systems only for as long as is necessary to provide the service.

For more information about how long the Client keeps your personal data, please contact the relevant Diplomatic Mission.

1.5. Who has access to your personal data?

TLScontact and Teleperformance group of companies

We may share your personal data with companies belonging to TLScontact or to Teleperformance group where it is necessary to process your requests and to provide you with the relevant services.

Government Authorities and Diplomatic Missions

When applying for a visa or other related service, your personal data will be sent to our Client, i.e., the foreign Diplomatic Mission that represents the country you are applying to and that acts as the data controller. This Diplomatic Mission may share your personal data with for example an applicable governmental, regulatory, or enforcement authority for the prevention of crime or terrorism. We cannot control or direct how your personal data is used after transferring it to the relevant Diplomatic Mission since it acts as the data controller. We strongly recommend you read their privacy notices too (including the information provided in the visa application forms).

Third parties for legal reasons

We may share personal data with third parties to comply with legal obligations and respond to requests from government agencies, including law enforcement and other public authorities, which may include such authorities outside your country of residence.

Third party service providers working on our behalf

We may pass your personal data to our third-party service providers, subcontractors and other associated organizations for the purposes of completing tasks and providing services to you on our behalf. We will only disclose personal data that is necessary to deliver the services concerned.

The third parties that provide us with support in the services that we offer you are the following:

• technological service providers to enable processing your application;
• providers and partners of services related to logistic, transport and delivery, and/or their partner establishments.

Before sharing any personal data we make sure that all service providers are contractually obliged to and can prove that your personal data:

• Will be kept secure and confidential;
• Is stored for only as long as required to process service;
• Will never be used for anything other than to process the requested service;
• Will never be used for any marketing purpose by the third party except to the extent you consent upon this.

Other Third parties

In order to monitor our service provision, to prevent human trafficking and to protect vulnerable people, our Government Clients may request access to real-time footage of the activity in our Visa Application Centres.

1.6. Overseas transfer of your personal data

Due to the nature of our business, your personal data may be transferred beyond the borders of your Country. By applying for a visa or other related service your personal information will be transferred to the country or with the Government Authority you are applying to. We will never transfer your personal data in an unsafe or unsecure way.

If we transfer your personal data to other countries in which applicable laws do not offer the same level of data privacy and protection, we take measures to provide an appropriate level of data privacy and protection by using our Binding Corporate rules or by entering into Standard Contractual Clauses approved by the European Commission with the data importers.

Through the implementation of our Binding Corporate Rules you can rest assured that your personal data is protected when transferred internationally within Teleperformance Group.

TOP

2.1. How do we collect your personal data?

We obtain personal data about you when you use our services in relation to your visa application, when you come to our Visa Application Centre (VAC) as a visitor and/or when you use some of our additional services.

2.2. What do we collect?

We will use, store or otherwise process any of your personal data in accordance with the terms of this Privacy Notice, including but not limited to:

• Personal details: name, email address, telephone number, postal address, etc.
• Financial data: payment details.
• CCTV images for general surveillance.

When we collect personal data through forms, including but not limited to electronic forms, we will indicate the mandatory fields via asterisks. Failure to provide the data marked with an asterisk could prevent you from accessing a service of ours.

2.3. How is your personal data used?

We will never sell your personal data or use it in any way without your direct knowledge.

We may use your personal data for example to:

• Provide you with some additional services that you request, which are provided by TLScontact for its own account or for the account of certain TLScontact trusted partners (i.e., service directly linked or not to the visa application) and process your payments;
• Ensure the security of TLScontact’s employees, visitors, customers and premises;
• Answer your inquiries and/or resolve any dispute relating to TLScontact services;
• Request your feedback on our services in order to allow us to improve the quality of our services. You can withdraw your consent to receive any question regarding the quality of our services at any time by contacting us on-line through the Feedback and Complaints page such as explained further under article 3 here below or by contacting our data privacy officer at the email address indicated here above;
• Send you marketing communications (with your consent) - we will not share your personal data with third parties for marketing purposes unless you have explicitly consented. You can withdraw this consent at any time by contacting us on-line where applicable.

To process your personal data lawfully we need to rely on one or more valid legal grounds. The grounds we may rely upon are for example:

• Where we process your personal data to provide you with the services requested, to deal with your enquiries and claims relating to such services, to handle your payments, etc., the legal basis of the processing is the performance of the agreement between us and you.
• Where we process your personal data to deal with your enquiries that are not related to a specific service, to send you marketing communications, to request feedback on our services or to protect our employees, visitors and premises, the legal basis of the processing is the legitimate interests pursued by TLScontact (except where your interests or fundamental rights override these), more specifically its economic/business interest in making you personalized offers, in responding to your needs and offering you adapted services, and in ensuring its security.
• Where the processing is necessary for compliance with a legal obligation to which we are subject, the data processing is based on such legal obligation.

2.4. How long we store personal data?

We review our retention periods for personal data on a regular basis. We generally keep your personal data for as long as it is necessary for the purpose for which the personal data is processed (i.e., for the duration of the provision of the service, during your presence in our premises, for maximum 1 month regarding CCTV images and for 1 year from the last contact with you regarding marketing communications, where applicable and permitted by the local legislation). We may however be required to hold some types of personal data longer to fulfil our statutory obligations or in accordance with the applicable statute of limitations.

2.5. Who has access to your personal data?

TLScontact group or Teleperformance group of companies

We may share your personal data with companies belonging to the TLScontact group or to Teleperformance group where for instance it is necessary to process your requests, to provide you with the relevant services or to request your feedback on our services.

Third parties for legal reasons

We will share personal data with third parties:

• To comply with legal obligations and respond to requests from government agencies, including law enforcement and other public authorities, which may include such authorities outside your country of residence.
• In the event of a merger, sale, restructure, acquisition, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings).
• To protect our rights, users, systems, and services.

Third party service providers working on our behalf

We may pass your personal data to our third-party service providers, subcontractors and other associated organizations for the purposes of completing tasks and providing services to you on our behalf. We will only disclose personal data that is necessary to deliver the service.

The third parties that provide us with support in the services that we offer you are the following:

• technological service providers to enable processing your application;
• providers and partners of services related to logistic, transport and delivery, and/or their partner establishments.

Before sharing any personal data we make sure that all service providers are contractually obliged to and can prove that your personal data:

• Will be kept secure and confidential;
• Is stored for only as long as required to process service;
• Will never be used for anything other than to process the requested service;
• Will never be used for any marketing purpose by the third party except to the extent you consent upon this.

2.6. Overseas transfer of your personal data

Due to the nature of our business, your personal data may be transferred beyond the borders of your Country. By applying for a visa or other related service your personal information will be transferred to the country or with the Government Authority you are applying to. We will never transfer your personal data in an unsafe or unsecure way.

If we transfer your personal data to other countries in which applicable laws do not offer the same level of data privacy and protection, we take measures to provide an appropriate level of data privacy and protection.

Through the implementation of our Binding Corporate Rules you can rest assured that your personal data is protected when transferred internationally within Teleperformance group.

TOP

We want to ensure you remain in control of your personal data. Part of this is making sure you understand your rights, which are as follows:

• Information – the right to get clear and concise information about what we do with your personal data such as in this privacy notice.
• Access – the right to access your personal data, obtain a copy of your personal data we currently hold.
• Rectify – the right to have your personal data rectified.
• Erase – the right to have your data erased (however, this is not an absolute right and TLScontact may have legal or legitimate grounds for keeping such personal data).
• Restrict – the right, in some cases, to restrict processing of your personal data.
• Object – the right to object to the processing of your personal data for direct marketing, or in any other situation in compliance with local laws.
• Portability – the right to receive your personal data in a structured, commonly used and machine readable format, and the right to transmit those data to another controller. This right only applies when the processing of the personal data is based on your consent or on a contract and such processing is carried out by automated means.
• Withdraw – you may withdraw your consent, at any time, for the processing of your personal data for which you have provided consent by following the Subject Access request described in this Notice. Please note that withdrawing your consent or failing to provide personal data described in this Privacy notice will impact and may stop the processing of any services that you requested or are currently enrolled in.

To exercise your rights to your personal data, all you need to do is contact us directly or through the Feedback and Complaints page, fill in the short request form and choose the “Personal Data Request” category in the “Reason for contact” field. You can also exercise theses rights by contacting the Diplomatic Mission when such rights relate to the visa/immigration application.

All requests are free of charge.

When the request is submitted to TLScontact, we will send you a confirmation of acknowledging your request and will process or hand over your request to our Client without undue delay.

We or our Client may contact you to clarify your request, seek additional information or to verify your identity before processing.

If you feel that your right has been impacted, please contact our Data Protection Officer.

You also have the right to complain to a supervisory authority in your country.

TOP

“Profiling” means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.

To offer you personalized services we use profiling with the information that you have provided to us, such as the age or location. We consider that we have a legitimate interest to conduct this profiling because the processing of these data is beneficial to you because it allows you to improve your user experience and access to our additional services in accordance with your characteristics.

The aforementioned Data Controllers (our Clients i.e., Diplomatic Missions) may use profiling as well.

For more information about potential use of profiling by the Client, please contact the relevant Diplomatic Mission.

TOP

Our website may contain links to other websites. We are not responsible for the content or functionality of any of those external websites.

If an external website requests personal data from you (e.g., in connection with an order for goods or services), the data you provide will not be covered by this Privacy Notice. We suggest you read the privacy notice of any website before providing any personal data.

When purchasing goods or services from any of the businesses that our site links to, you will be entering into a contract with them (agreeing to their terms and conditions) and not with TLScontact.

TOP

We will amend this Privacy notice from time to time to ensure it remains up-to-date and accurately reflects how and why we use your personal data. The current version of our Privacy notice will always be posted on our website. In case of material changes we will inform you by any appropriate means.

Privacy Notice last updated January 15, 2024

TOP