Privacy Policy

Brer Rabbit Legal Co. Ltd.

Introduction

Brer Rabbit Legal Co. Ltd. (“Brer Rabbit Legal”, “we”, “us”, or “our”) respects and is committed to protecting the personal data of our clients, prospective clients, business partners, vendors, and any other individuals who visit our website at www.brerrabbit.co.th (“Website”).

“Personal Data” is defined under the Personal Data Protection Act B.E. 2562 (2019) (“PDPA”) as any data relating to an individual that enables the identification of such individual, whether directly or indirectly, excluding data of deceased persons.

This Privacy Policy explains how we collect, use, disclose, transfer, and otherwise process personal data in the course of our business, in accordance with the PDPA.

We encourage you to read this Privacy Policy in its entirety.

Brer Rabbit Legal may amend, change, or update this Privacy Policy from time to time. Any updates will be posted on our Website. Where such changes materially affect your rights under the PDPA, we will comply with all applicable legal requirements prior to implementing those changes.

Part A: Personal Data Protection Policy for Clients and Website Users

1. When does this Policy apply to you?

This Policy applies to you if you are:

1. An individual client of Brer Rabbit Legal (“Individual Client”);
   b. A person associated with a corporate client, such as a director, authorized representative, shareholder, or contact person (“Associated Person”); or
   c. A prospective client who contacts us for inquiries, subscribes to our communications, attends events or seminars hosted by us, or otherwise interacts with us without having formally engaged our services (“Prospective Client”).

Individual Clients, Associated Persons, and Prospective Clients may be referred to individually or collectively as “Clients” or “you”.

2. What types of Personal Data do we collect and process?

Depending on your relationship with us, we may collect and process the following categories of Personal Data:

1. Individual Clients and Associated Persons
   This may include your full name, date of birth, nationality, residential address, personal and business email addresses, contact numbers, place of work, job title, identification document details (such as passport, national identification card, or work permit), signature, and any other personal data you voluntarily provide during the course of our communications or engagement.

In certain circumstances, we may also process “Sensitive Personal Data” under Section 26 of the PDPA, such as health data, criminal records, religious beliefs, or other sensitive information, where necessary for the provision of legal services and permitted by law.

1. Prospective Clients
   The personal data collected will depend on how you contact us and may include your name, email address, phone number, place of work, and details of your inquiry.
2. Visitors to our premises
   When you visit our office, we may collect your name, contact details, place of work, vehicle registration number, and images or video recordings captured by our CCTV systems.
3. Social media and online platforms
   If you contact us through social media platforms such as LinkedIn or Facebook, we may collect personal data that you provide through those platforms. Brer Rabbit Legal is not responsible for the privacy practices of third-party platforms, and you should review their applicable privacy policies.
4. Data minimization
   We do not intend to collect personal data that is unnecessary or irrelevant to our business operations. Where copies of Thai national identification cards are required, we encourage you to redact information relating to religion and blood type prior to submission. If such data is provided, we will take reasonable steps to redact it.
5. Family members
   In limited circumstances, we may collect personal data of your family members, including minors under 20 years of age, where required for the provision of legal services such as family law, immigration, or work permit matters.

3. Why do we collect and process your Personal Data?

We collect and process personal data based on the following lawful bases:

1. Consent

We may rely on your consent to:

• Send legal updates, newsletters, invitations to events, seminars, or marketing communications.
  You may withdraw your consent at any time by using the unsubscribe function or by contacting us directly. Withdrawal of consent does not affect prior lawful processing.

1. Contractual necessity

Where you engage us as an Individual Client, we process your personal data to:

• Enter into and perform our engagement agreement;
• Provide legal services;
• Manage billing, tax, and financial matters.

Failure to provide required personal data may prevent us from entering into or performing an engagement.

1. Legal obligation

We may process personal data to comply with applicable laws, regulations, court orders, or requests from competent authorities. Failure to provide required data may result in non-compliance with legal obligations.

1. Legitimate interests

We may process personal data for purposes including:

• Client identification, verification, and conflict checks;
• Communication and responding to inquiries;
• Managing client relationships and records;
• Organizing and improving events, seminars, and training;
• Ensuring security of our premises, systems, and personnel;
• Fraud prevention, risk management, and compliance;
• IT systems administration and security;
• Business operations and internal management.

1. Legal claims

We may process personal data, including sensitive personal data where permitted by law, for the establishment, exercise, or defense of legal claims.

4. Where do we collect your Personal Data?

We may collect personal data from:

• You directly through communications, meetings, registrations, or correspondence;
• Referring parties, business partners, or professional contacts where permitted by law;
• Publicly available sources, including official government databases and public registers.

5. To whom do we disclose your Personal Data?

We may disclose your personal data to:

• External service providers, vendors, and professional advisors supporting our operations;
• Government authorities, regulators, courts, and agencies where required by law or in connection with legal services;
• Third parties in connection with corporate restructuring or transfer of assets;
• Any other parties where disclosure is required or permitted by law.

6. Where do we transfer your Personal Data?

Your personal data may be transferred outside Thailand in connection with legal services or business operations. Where such transfers occur, we will ensure appropriate safeguards are in place in accordance with the PDPA.

7. How long do we retain your Personal Data?

We retain personal data for as long as necessary to:

• Fulfil contractual obligations;
• Provide legal services;
• Comply with legal and regulatory requirements.

Unless otherwise required by law, personal data relating to client engagements is generally retained for up to 10 years following the end of the engagement or last interaction.

8. What are your rights?

Subject to the PDPA, you have the right to:

• Access and obtain a copy of your personal data;
• Request disclosure of the source of personal data collected without consent;
• Request correction, updating, or completion of personal data;
• Request deletion, destruction, or anonymization;
• Object to processing;
• Request suspension of processing;
• Withdraw consent;
• Lodge a complaint with the Office of the Personal Data Protection Commission.

Requests are subject to legal conditions and limitations.

9. Changes to this Policy

We may update this Policy from time to time. Where changes materially affect the purposes of processing, we will notify you and obtain consent where required.

Part B: Personal Data Protection Policy for Video Surveillance

1. Scope

This Policy applies to all individuals entering Brer Rabbit Legal premises, including employees, clients, visitors, vendors, and members of the public.

2. Personal Data Collected

We operate CCTV systems that collect images and video recordings in public areas of our premises, 24 hours per day.

3. Purpose of Processing

Video surveillance is used for security, safety, and protection of our personnel, clients, and property.

4. Source of Data

Personal data is collected directly through video recordings.

5. Disclosure

Video surveillance data may be disclosed to:

• Professional advisors or service providers;
• Government authorities or courts where required by law.

6. Transfer Outside Thailand

Where applicable, transfers will be conducted in compliance with the PDPA and with appropriate safeguards.

7. Retention Period

Video surveillance data is generally retained for up to 90 days, unless required longer by law or for investigation purposes.

8. Your Rights

You have rights under the PDPA in relation to video surveillance data, subject to legal limitations.

9. Changes to this Policy

This Policy may be updated from time to time in accordance with applicable law.

10. Contact Us

If you have questions, requests, or wish to exercise your rights regarding personal data, please contact:

Brer Rabbit Legal Co. Ltd.

Address: 66 Tower, Office 1501, 2556 Sukhumvit Rd, Bang Na Nuea, Bang Na, Bangkok 10260
Phone: +66 (0) 21206634
Email: connect@brerrabbit.io