PRIVACY NOTICE FOR EVENT PARTICIPANTS

Techsauce Media Co., Ltd. (the “Company” or “we”) recognize the importance of protecting and maintaining privacy and security of those persons who attend and participate in the Techsauce Global Summit 2026 (“Event”) organized by the Company (“You”), including any activities or workshop contain in the Event. We, therefore, established this Privacy Notice for Event Participants (“Privacy Notice”) to describe how we collect, use and disclose your Personal Data and how we handle and protect such personal data to be in accordance with the Personal Data Protection Act B.E. 2562 (2019) (“PDPA”) and any applicable personal data protection laws or sub-regulations that relate to the PDPA.

We reserve the right to modify this Privacy Notice from time to time, so please review this Privacy Notice periodically to stay informed about this Privacy Notice and before you provide any of your Personal Data to the Company. Any changes to this Privacy Notice will become effective when we post the revised Privacy Notice on our website or communication channels. In case that any modification deprives your rights or privacy in relation to this Privacy Notice, the Company will provide additional notice of significant updates on the Privacy Notice and will first obtain your consent for any additional processing activities of your Personal Data that we did not explain under this Privacy Notice, except as otherwise permitted by law.

“Personal Data” means any information relating to an individual person, which enables the identification of such person, whether directly or indirectly, but not including the information of the deceased persons.

Sources of Personal Data
The Company may collect the Personal Data that receive directly from you through the following actions:

1. When you provide your information to us during the process of purchasing the Event’s ticket or provide your information for the workshop session in our Event, including uploading a facial photograph for pre-registration purposes.
2. When you register a membership with us.
3. When you request to receive news or updates about the information and promotion of our service or event in the future.
4. When you fill-in the survey about your interest and satisfaction you have with our Event.
5. When you communicate with us for more detail about the Event via our contact channels such as telephone, email or other applicable channels that you can reach us.
6. When you visit the website operated by us and submit your information to us
7. when your photograph is captured by our authorized personnel at the registration desk or other designated identity verification checkpoints for attendee identification and event security purposes. 

In addition, we may also collect your Personal Data from the other available sources that not directly from you, such as:

1. A social media platform that you publicized your Personal Data, such as Facebook.
2. Search engines or any public sources available on the internet.
3. Our business partners that you willingly provide your Personal Data.
4. Government authorities or any public sources that are available by government agencies.

Types of Collected Personal Data
The Company shall collect Personal Data within the purpose, scope, lawful and fair methods as is necessary which is stipulated in the scope of the Company’s business operation and related to the purpose of hosting and preparing the Event. The Personal Data that the Company collects shall be including but not limited to:

• Identification data: e.g., name, surname, tax identification number, and Facial Photograph.
• Contact data: e.g., mailing address, telephone number, email address.
• Occupation data: e.g., position title, position level, department, company name.
• Technical data: e.g., IP address, Cookie ID, activity log.
• Other relevant data: e.g., any information that you voluntarily submitted to us that contained information that considered to be personal data such as testimonial, feedback, comments, information appeared on any submitted documents related to booking and attending the Event or any information that you provided while participating in the workshop session, etc.

We may collect, use or disclose your Personal Data that is specially categorized as sensitive personal data under the PDPA only if by law when we have obtained explicit consent from you or where necessary for us as permissible under the PDPA or relevant law. The sensitive personal data that the Company may collect, use or disclose from you may include religion, biometric data, health and medical data (vaccination status), and any data which may affect you in the same manner as prescribed by the Personal Data Protection Committee of the PDPA. The sensitive personal data collected by us will only be used for the purpose related to the preparation of the Event.

Facial Photograph Processing Restrictions: Please note that the collection of facial photographs is solely for the purpose of a manual, visual verification check by our staff at the entry gates. The Company does extract, generate, store, or process any biometric templates, faceprints, or biometric identifiers. The Company does not use facial photographs for automated facial recognition, behavioral analysis, profiling, emotion detection, attendance scoring, marketing analytics, or any automated decision-making process. 

If you fail to provide us with your personal data which is necessary for us to use for the Event preparation or reserve your seat for the workshop session in the Event (if any), such as your name-surname, tax identification numbers, or a facial photograph for checkpoint verification, we may not be able to allow you to attend the Event or we may not be able to contact you to provide more information about our services that you discussed with us at the event(s).

Purposes of Processing Personal Data
The processing of your Personal Data as indicated in this Privacy Notice is for the following purposes:

• To register and verify the identity of the participant that is allowed to attend the event or participate in the workshop session.
• To verify attendee identity and maintain safety and security within the Event premises, including preventing unauthorized access, identity fraud, badge sharing, and enforcing the Event’s registration and access control policies. 

For Entry Gate Check-in (Badge Scanning & Visual Match): When you scan the QR Code on your attendee badge at the entrance checkpoints, your pre-registered facial photograph will be displayed on the screen for our on-site staff (Staff) to visually check and verify that the person entering matches the registered ticket holder, thereby preventing identity fraud or badge sharing.

• To register the membership with us, including the approval and verification process that related to the membership registration.
• To manage, plan, prepare and organize the Event such as to prepare the workshop session that suitable for your participation.
• To deliver you a ticket for attending the Event, including the issue of receipt or tax invoice regarding the purchase of the Event’s ticket.
• To provide you customer service in relation to the Event, and general administration of your attendance at the Event and workshop session.
• To conduct business planning, reporting and for any internal management purposes.
• To provide you with information about the Event for which you have registered, such as event updates, and possible changes, cancellation or similar information.
• To inform marketing activities, invitations of our activities including to offer any products and services that you may be interested in via the contact channels you provided to us.
• To ask you for your feedback or review after you participate in our Event.
• To film and photograph the Event which will be used for marketing purposes and to promote the Event on our website, social media channels and in any marketing materials.
• To improve our services, marketing, customer relationships and experiences.
• To comply with preventive measures in order to prevent the spread of contagious disease.
• To comply with any applicable law or regulatory requirements that the Company has a duty to comply with.
  
  

As we may photograph and film an event(s) which will be used to market our services and promote future events. In such case, you will be notified if we photograph or film an event(s). If you do not wish to be photographed or filmed at an event(s), please contact our staff in the Event or you can contact us directly by using the detail mentioned in Contact Information.

Legal Basis for Processing Your Personal Data
The Company will process your Personal Data where there is a legal basis to do so. In accordance with the PDPA requirements and provisions, we will lawfully process your Personal Data by relying on the following legal basis:

• It is necessary for the Company to take steps at your request prior to entering into a contract and to perform contractual obligations between you and the Company;
• It is necessary for legitimate interests of the Company or any other persons or juristic persons, except where such interests are overridden by fundamental rights of your personal data (such as utilizing visual identity checks via staff to maintain high-standard event security);
• It is necessary for the Company to comply with any applicable laws;
• When the Company obtains your consent or explicit consent where required by applicable law, such as for certain photography, videography, or promotional activities; and
• It is necessary to protect you and other participants from cross-border dangerous contagious diseases or epidemics which may be contagious or pestilent.

Storage of Personal Data
We will retain your Personal Data in document and electronic form. We store your Personal Data on our company’s server in Thailand and cloud system provided by our service provider located outside Thailand.

Advertising and Marketing
We may send certain information or newsletter for the purpose of offering an interesting offer or detail of future event that you may be interested to attend to you via your email. If you no longer wish to receive communications from us via email, you can click the “unsubscribe” link in the email or contact us via our email.

We do not use automated decision-making without human intervention, including profiling in a way that may cause significant effects on you.

Cookies
Cookies are small files that a site or its service provider transfers to your computer's hard drive through your web browser (if you allow) that enables the site's or service provider's systems to recognize your browser and capture and remember certain information. They are also used to help us understand your preferences based on previous or current site activity, which enables us to provide you with improved services. We also use cookies to help us compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.  

If you disable cookies off, some features will be disabled. It will turn off some of the features that make your site experience more efficient and some of our services will not function properly. 

If you would like to learn more about the use of cookies on website operated by us and setting such cookies, you can visit https://summit.techsauce.co/policy/ or you can find details on how to reject or delete cookies as well as general additional information about cookies that can be found at www.allaboutcookies.org.

Disclosure of Personal Data
In certain circumstances, we may disclose your Personal Data for the purposes specified under this Privacy Notice, to the following parties:

Affiliates and Group Company
We may disclose your Personal Data to our affiliate company or group company for the purposes specified under this Privacy Notice.

Service Providers
We may use service providers to assist us in any activities related to purposes specified under this Privacy Notice such as banks, payments gateway providers, ticketing system providers, marketing agencies services, courier services, and information technology services (including entrance gate screening and image display infrastructure vendors).

Law Enforcement
Under certain circumstances, we may be required to disclose your Personal Data if required to do so by law or in response to valid requests by government authorities such as the Revenue Department for tax purposes.

Business Partners
We may disclose certain Personal Data to our business partners for the purpose of organizing the Event, including for providing information that you may be interested in at the time you participate in the Event.

Business Transfer
In connection with any reorganization, restructuring, merger or acquisition, or other transfer of assets, we may transfer information, including certain your Personal Data, provided that the receiving party agrees to respect your Personal Data in a manner that is consistent with this Privacy Notice and the PDPA.

Cross-border Data Transfer
For the purpose of hosting the Event, we may required to transfer your Personal Data to the entity located outside of Thailand If we do so, we will implement security measures to ensure that your Personal Data is transferred to the destination country that provides adequate safeguard or other procedures as required by the PDPA or its sub-regulation to protect and maintain your Personal Data, and to take steps to ensure that no unauthorized or unlawful processing of your Personal Data in the destination country.

Retention period of Personal Data
The Company will retain your Personal Data for the period necessary to fulfill the purposes outlined in this Privacy Notice. The criteria used to determine our retention periods include:

• General Personal Data: We will retain your data for as long as necessary for event administration, customer relationship management, and to comply with statutory legal, accounting, and tax obligations (typically for a period not exceeding 10 years following the end of our business relationship or event participation), unless a longer retention period is required or permitted by law.
• Facial Photograph Files: To guarantee maximum privacy and security, all facial photograph files collected and used for on-site visual identity checks will be permanently and securely erased within 30 days following the conclusion of the Techsauce Global Summit 2026. This retention period is necessary to allow the Company to investigate security incidents, ticket misuse, identity disputes, complaints, or legal claims arising from the Event before secure deletion. 

Upon the expiration of the retention period, or when the data is no longer required for its specified purpose, the Company will securely erase, destroy, or completely anonymize your Personal Data in compliance with our data disposal procedures.

Data Subject Rights
When you provide your Personal Data to us, you have the rights as a data subject under the PDPA which you can exercise your rights free of charge, under the exception of the law. 

Subject to the PDPA thereof, you may exercise any of these rights:

1. Right to withdraw consent: You have the right to withdraw given consent at any time throughout the period your Personal Data is available to us (e.g., where consent has been obtained for promotional photography or marketing communications). However, the withdrawal of consent shall not affect the processing of Personal Data you have already given consent to us legally.
2. Right to access: You have the right to access your Personal Data that is under our responsibility, to request us to make a copy of such data for you, and to request us to reveal how we obtain your Personal Data.
3. Right to data portability: You have the right to obtain your Personal Data if we organize such Personal Data in automatic machine-readable or usable format.
4. Right to objection: You have the right to object to the collection, use or disclosure of your Personal Data at any time if such doing is conducted for legitimate interests.
5. Right to erasure or be forgotten: You have the right to request us to erase, destroy or anonymize your Personal Data (including requesting early removal of your facial photograph before the 30-day auto-deletion window).
6. Right to restriction of processing: You have the right to request us to suspend processing your Personal Data during the verification period of your rectification or objection request.
7. Right to rectification: You have the right to rectify your Personal Data to be updated, complete and not misleading.
8. Right to lodge a complaint: You have the right to complain to competent authorities pursuant to relevant laws if you believe that the collection, use or disclosure of your Personal Data is violating or not in compliance with relevant laws.

You may exercise these rights as the data subject under the PDPA by contacting us or our Data Protection Officer (DPO) as mentioned below. We will notify the result of your request within 30 days upon receipt of such valid request.

Alternative Verification Method: Attendees who prefer not to have their photograph displayed on the screen at the entry checkpoints can choose to use the manual check-in process. Staff will instead verify the name on your badge against a valid physical government-issued identification (ID Card or Passport).

Data Security Measure
We recognize the importance of maintaining the security of your Personal Data. Therefore, we endeavor to protect your Personal Data by establishing security measures in accordance with the principles of confidentiality, integrity, and availability to prevent the loss, unauthorized or unlawful access, destruction, use, alteration, or disclosure including administrative safeguard, technical safeguard, physical safeguard and access controls. In addition, our staff, employees, business partners and service providers are obliged to maintain the confidentiality of your Personal Data by complying with the data security standards and policies when any of your Personal Data is being used, transmitted, transferred or processed.

Access to attendee facial photographs used for identity verification purposes is restricted solely to authorized personnel who require such access for event operation, registration, and security purposes. Such access is controlled and monitored in accordance with the Company's information security policies. 

Data Breach Notification
In case there is data breach incident occurred in our database, we will notify the Office of the Personal Data Protection Committee without delay and, where feasible, within 72 hours after having become aware of it. If the Personal Data breach is likely to result in a high risk to the rights and freedoms of you, we will also notify the detail of personal data breach and the remedial measures to you without delay through our website, SMS, email address, telephone or registered mail (if applicable).

Contact Information
If you have any questions about this Privacy Notice or would like to exercise your rights, you can contact us by using the following details:

Techsauce Media Co., Ltd.

Address: Techsauce Media Co.,Ltd. (Head Office)

101, True Digital Park, Griffin Building, Level 14 Unit, 1401 Sukhumvit Road, Bang Chak, Phra Khanong, Bangkok 10260

Email: contact@techsauce.co

Tel: 02-001-5375

Website: https://techsauce.co/

Data Protection Officer (DPO)

Email: dpo-ts@techsauce.co

Tel: 02-001-5375

This Privacy Notice was last updated and effective on May 27, 2026.

Event Registration Rules and Regulations

1. All attendees must complete identity verification before entering the event.
2. Attendees must display their event pass at all times while within the event area.
3. The Company strictly prohibits the sale, transfer, or circulation of event passes to individuals who are not registered attendees.
4. If the Company determines that the registered attendee is not the same person as the pass holder, the Company reserves the right to remove the individual from the event area, revoke their participation for the remaining event duration, and impose a fine equivalent to five times the general admission ticket price.
5. Attendees acknowledge and agree that identity verification measures may be conducted for security and access control purposes, including visual comparison of attendee photographs and verification against valid government-issued identification documents where necessary.