Get catalog

Privacy Policy for Personal Data Processing

Effective Date: December 01, 2025

1. General Provisions

This Privacy Policy establishes the procedure for collection, storage, processing, use, and protection of personal data of users visiting our website. The policy is developed in accordance with applicable data protection laws and regulations.

2. Personal Data We Collect

We may process the following categories of personal data:

  • Identification Data: Full name, date of birth, government-issued identification numbers
  • Contact Information: Email address, telephone number, physical address
  • Technical Data: IP address, browser type, device information, operating system
  • Usage Data: Website interaction data, pages visited, session duration, clickstream data
  • Communication Data: Correspondence, feedback, inquiries, and survey responses

3. Purposes of Personal Data Processing

We process your personal data for the following legitimate purposes:

  • To provide and maintain our website services and functionality
  • To communicate with you regarding service updates, security alerts, and support messages
  • To personalize your experience and deliver content relevant to your interests
  • To conduct analytics and improve website performance and user experience
  • To ensure compliance with legal obligations and regulatory requirements
  • To protect our rights and prevent fraudulent activities
  • To process transactions and provide customer support

4. Legal Basis for Processing

We process your personal data based on one or more of the following legal grounds:

  • Consent: When you have given clear consent for specific processing activities
  • Contractual Necessity: When processing is necessary for the performance of a contract
  • Legal Obligation: When processing is required to comply with legal requirements
  • Legitimate Interests: When processing is necessary for our legitimate business interests, provided they are not overridden by your rights

5. Data Collection Methods

We collect personal data through various methods, including:

  • Direct interactions (when you fill out forms, register accounts, or contact us)
  • Automated technologies (through website analytics and tracking systems)
  • Third-party sources (from business partners and public databases)
  • Technical data collection (server logs and communication systems)

6. Data Storage and Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. Specific retention periods are determined based on:

  • The nature and sensitivity of the personal data
  • The purposes for which we process it
  • Legal and regulatory requirements for data retention
  • Statutory limitation periods

7. Data Security Measures

We implement comprehensive technical and organizational security measures to protect your personal data, including:

  • Encryption of data in transit and at rest
  • Access controls and authentication mechanisms
  • Regular security assessments and vulnerability testing
  • Employee training on data protection principles
  • Physical security measures for data storage facilities
  • Incident response and breach notification procedures

8. Data Sharing and Disclosure

We may share your personal data with the following categories of recipients:

  • Service Providers: Third-party vendors who process data on our behalf
  • Business Partners: Trusted partners for joint service offerings
  • Legal Authorities: When required by law or to protect our legal rights
  • Professional Advisors: Lawyers, auditors, and consultants

We ensure that all third parties respect the security of your personal data and process it in accordance with the law.

9. International Data Transfers

Your personal data may be transferred to, and processed in, countries outside of your country of residence. We implement appropriate safeguards, such as standard contractual clauses, to ensure that your personal data receives an adequate level of protection.

10. Your Data Protection Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Right of Access: To request copies of your personal data
  • Right to Rectification: To request correction of inaccurate or incomplete data
  • Right to Erasure: To request deletion of your personal data
  • Right to Restriction: To request limitation of processing under certain circumstances
  • Right to Data Portability: To receive your data in a structured, machine-readable format
  • Right to Object: To object to processing based on legitimate interests
  • Right to Withdraw Consent: To withdraw previously given consent at any time

11. Automated Decision-Making

We do not use fully automated decision-making processes that produce legal effects concerning you or similarly significantly affect you. If this changes in the future, we will implement suitable measures to safeguard your rights and freedoms.

12. Children's Data

Our website is not intended for children under the age of 16. We do not knowingly collect personal data from children under 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete such information.

13. Policy Updates

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes through appropriate channels and update the "Effective Date" at the top of this policy.

14. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us at:

Email: privacy@layaphuket.com

15. Complaints

You have the right to lodge a complaint with a supervisory authority if you believe that our processing of your personal data violates applicable data protection laws.