dtac has undertaken a comprehensive review of how personal data traverses through its internal processes, where it is used, and why. Throughout the data’s journey, customer consent is the starting point and one of our key privacy principles.
We believe our customers are the owners of their personal data. dtac is only a data steward. Personal data must be used solely for the purposes for which the data was collected, and any use outside of that purpose requires explicit consent from the data owner.
Personal data includes, but is not limited to, basic information, such as name, age, gender, and contact details. It can also include sensitive data on race, ethnicity, or sexual orientation. The use of this data is prohibited unless permitted by law under certain circumstances, such as when an explicit consent from the data subject has been obtained, or when it is carried out in the public interest, or in the exercise of official authority.
dtac is permitted by law to disclose customer data only under limited circumstances, including: