Privacy Policy
Last Updated: April 25th, 2026
At Phuket Meditation Co., Ltd. (“Phuket Meditation Center”, “we”, “us”), we act as the data controller for the personal data collected through this website. We respect your privacy and handle your data with care.
This policy explains what information we collect, how we use it, and how we protect it when you visit our website or get in touch with us.
We collect and process personal data when it is necessary to run our events, respond to enquiries, and stay in contact with you. Where required, we ask for your consent before processing your data.
We aim to keep things simple and transparent. If anything is unclear, you are always welcome to contact us.
This website is operated from Thailand. While we welcome visitors from around the world, we aim to follow applicable privacy standards where appropriate.
1 Information We Collect
When you fill out forms, make a booking or contact us, we may collect the following information, depending on the context:
1.1 Information You Provide
Name
Email address
Phone number
Address (street, city, region, country, ZIP code)
Birthdate (for certain services such as coaching or specific events)
Event and booking details
Messages or notes you choose to send
1.2 Payment Information
Payments are processed securely through third-party providers such as Stripe. Stripe may also set cookies necessary for secure payment processing.
We do not store your full payment details (such as credit card numbers). These are handled directly by the payment provider.
We may store basic payment-related information such as:
Payment status
Transaction reference
Booking details linked to the payment
1.3 Information Collected Automatically
When you visit our website or submit forms, certain technical data is collected automatically by our server. This may include:
IP address, country (based on IP), and timestamp of access or submission
Browser type
Device type
Operating system
Pages visited and time of access
This data is used for security, performance, and basic website functionality.
1.4 Cookies
We use a small number of cookies to ensure the website works properly and, with your consent, to understand how it is used.
These include:
Essential cookies
Analytics cookies (only with your consent)
Analytics cookies are only activated after you give your consent through the cookie banner. Some third-party services we use, such as Stripe and Google reCAPTCHA, may set cookies when they are active. You can manage your cookie preferences at any time through our cookie banner. For more information, please see our Cookie Policy.
1.5 Spam Protection
We use Google reCAPTCHA to protect our forms from spam and abuse. Google reCAPTCHA may also set cookies as part of this process.
This may involve the processing of:
IP address
Browser and interaction data
This helps us distinguish real users from automated systems.
1.6 Sensitive Information
We do not actively request sensitive personal data.
If you choose to share such information with us (for example in a message), we will treat it with care and only use it in the context of your request.
2 How We Use Data
We use your information to provide our services, communicate with you, and ensure the website runs properly and securely.
Depending on the context, we process your data based on one or more of the following:
Consent – for example, when you agree to receive emails or allow analytics cookies
Contractual necessity – when your data is needed to process a booking or payment
Legitimate interest – to operate, maintain, and improve our website and services
Legal obligations – where we are required to retain or process certain information
In practice, this means we use your data to:
respond to enquiries and communicate with you
manage bookings and event participation
process payments through our payment providers
maintain basic records of our interactions
ensure the security and stability of our website
We work with a small number of trusted third-party services to support these activities, such as payment processing and email communication. These providers only receive the data necessary to perform their function and are expected to handle it securely and only use it for their specific purpose.
2.1 Communication Purposes
We use your information to communicate with you through channels such as email, phone, or messaging apps (for example WhatsApp). This allows us to respond to enquiries, manage bookings, and provide relevant updates. We may also communicate through other platforms if you choose to contact us there.
Legal Basis for Data Processing
Depending on the context, we rely on consent (for example for newsletters), contractual necessity (for bookings), or legitimate interest (responding to enquiries and ongoing communication).
Below are the services we use for communication:
Country: United States
Purpose: Handling email communication
Data: Name, email address, and the content of your communication (including email history)
Privacy Policy: Google Security and Privacy Center
Country: United States
Purpose: Managing contact information
Data: Name, email address, phone number, and, where relevant, address and basic booking details (such as event name and dates)
Privacy Policy: Google Security and Privacy Center
Country: United States
Purpose: Communication via WhatsApp
Data: Phone number, message content, and any information you choose to share during the conversation
Privacy Policy: WhatsApp Privacy Policies
Country: United States
Purpose: Managing and sending newsletters and email communication
Data: Name, email address, IP address, subscription preferences, and interaction with emails (such as opens and clicks)
Privacy Policy: Elastic Mail Privacy Policy
Country: United States
Purpose: Email communication, contact management, newsletter administration, and internal business communication
Data: Name, email address, communication preferences, subscription status, and communication history
Note: We currently use Elastic Email for active newsletter sending, but some contact and campaign records may still be stored in Zoho Campaigns.
Privacy Policy: Zoho Privacy Policy
Country: United States
Purpose: Legacy newsletter and contact management
Data: Name, email address, subscription status, and past campaign interaction data where applicable
Note: We previously used Mailchimp for email communication. We are no longer actively using Mailchimp for current campaigns, but some contact data may remain stored there temporarily while we complete the transition and account cleanup.
Privacy Policy: Intuit Privacy Policy
Country: United States
Purpose: Communication via Instagram and Facebook
Data: Public profile information (such as name or username) and message content
Privacy Policies: Meta Privacy Policy
2.2 Payment and Booking Information
We use third-party services, such as Stripe, to process payments and manage booking information.
When you make a booking or payment, the necessary data is shared with these providers to complete the transaction and maintain relevant records.
Legal Basis for Data Processing
Contractual necessity (to process bookings and payments) and, where applicable, compliance with legal obligations. We only share the information required for these purposes.
Country: United States
Purpose: Processing payments for bookings
Data: Name, email address, phone number, address, booking details, IP address, and payment information processed by Stripe
Privacy Policy: Stripe Privacy Center
Country: United States
Purpose: Managing bookings, contact records, workflow automation, and internal administration through Zoho One, including Zoho Creator and Zoho Flow
Data: Name, contact details, booking information, payment status, communication history, and related internal records necessary to manage bookings and services
Privacy Policy: Zoho Privacy Policy
Country: United States
Purpose: Managing bookings and scheduling
Data: Name, email address, and basic booking details (such as booking reference or event information)
Privacy Policy: Google Security and Privacy Center
Country: Czech Republic
Purpose: Automating internal processes and transferring data between systems
Data: Name, contact details, booking information, and related records necessary for managing bookings
Privacy Policy: Make Privacy Notice
2.3 Analytics and Website Optimization
We use analytics services, such as Google Analytics, to understand how our website is used and improve its performance.
Analytics data may include information such as pages visited, time spent on the site, and general device information.
Legal Basis for Data Processing
Consent (analytics is only activated after you accept it via our cookie banner).
Country: United States
Purpose: Understanding website usage and improving performance
Data: Information such as pages visited, time spent on the site, and general device information
Note: Google Analytics is only activated after you provide consent via our cookie banner. We do not use Google Analytics for advertising or profiling purposes.
Privacy Policy: Google Privacy Center
2.4 Marketing and Advertising
We maintain a presence on platforms such as Instagram, Facebook, YouTube, and other content platforms to share updates and information about our activities.
When you visit these platforms or interact with our content there, your data is processed by the respective platform according to their own privacy policies.
We do not use tracking pixels or advertising technologies on our website for targeted marketing.
Legal Basis for Data Processing
Consent (where applicable through your interaction with these platforms) and legitimate interest in maintaining our online presence.
2.5 Video Services
We use YouTube to provide video content on our website.
Videos are only loaded when you actively choose to play them. Until then, no connection to YouTube is established.
When you play a video, data may be transmitted to YouTube (Google), such as your IP address and interaction with the video.
Legal Basis for Data Processing
Consent (videos are only loaded after user interaction).
Country: United States
Purpose: Displaying recent YouTube videos and providing video content
Data: When the video preview is displayed, limited technical data may be transmitted to Google/YouTube to load the video thumbnail and retrieve public video information. This may include your IP address, browser information, and the page you are visiting. When you actively load or play a video, YouTube may also process your interaction with the video.
Note: We do not load the YouTube video player automatically. Videos are shown first as preview images. The YouTube player is only loaded when you actively click on a video. We use YouTube’s privacy-enhanced embed mode where possible.
Privacy Policy: YouTube Privacy Policy
2.6 Compliance and Legal Obligations
We may use your information where necessary to comply with legal obligations and to maintain the security and integrity of our website.
This may include preventing misuse, responding to legal requests, and resolving disputes.
Legal Basis for Data Processing
Legal obligations and legitimate interest in maintaining the security and proper operation of our services.
3 Your Rights
You have the right to understand and control how your personal data is used.
Depending on your location and applicable laws, you may have the following rights:
Access – request a copy of the personal data we hold about you
Correction – ask us to correct inaccurate or incomplete data
Deletion – request that we delete your data where possible (for example when it is no longer needed)
Restriction – ask us to limit how your data is used in certain cases
Data portability – request your data in a structured format
Objection – object to certain types of data processing
Withdraw consent – withdraw your consent at any time where processing is based on consent
We will respond to requests within a reasonable time and in line with applicable laws.
Contact and Requests
If you would like to exercise any of these rights, you can contact us at: info@phuket-meditation.com
Complaints
If you believe your data is not handled correctly, you have the right to lodge a complaint with a data protection authority in your country.
4 Third-Party Services
We use a small number of trusted third-party services to operate our website and provide our services. These services may include providers such as Stripe (payments), Zoho (booking and data management), Elastic Email (email communication), Google services (analytics and spam protection), and other tools necessary to operate our website.
We only share personal data with these providers when it is necessary to:
process bookings or payments
communicate with you
operate and improve our website
ensure security and prevent abuse
These providers may process data on our behalf or act as independent data controllers, depending on the service. Some services listed in Section 2 may be used temporarily during system transitions (for example legacy email platforms). For general terms governing the use of our website, please refer to our Terms of Use.
Legal Requirements
We may disclose personal data if required to do so by law, or if necessary to:
comply with legal obligations
protect our rights or property
prevent fraud or misuse
International Data Transfers
Some of the services we use are located outside your country (for example in the United States or Europe). When data is transferred, we take reasonable steps to ensure it is handled securely and in line with applicable data protection laws.
Data Breach Notification
In the unlikely event of a data breach affecting your personal data, we will take appropriate steps to investigate and contain the issue. Where required by law, we will notify relevant authorities and affected users.
5 Security
We take the security of your personal data seriously and use appropriate measures to protect it from unauthorized access, loss, or misuse.
This includes secure connections (HTTPS), access controls, and the use of trusted service providers.
While we do our best to keep your data safe, no system can be completely secure. If you have any concerns about your data, you are welcome to contact us at any time. For a comprehensive understanding of the terms governing the use of this website, please refer to our Terms of Use.
6 How Long We Keep Your Data
We keep personal data only as long as necessary to provide our services, maintain our relationship with you, and comply with legal obligations.
6.1 Contact Requests
We retain messages and contact details for as long as needed to respond to your request and maintain communication.
6.2 Bookings and Payments
We retain booking and payment data for as long as required to provide our services and comply with legal, tax and accounting obligations.
6.3 Newsletter Subscriptions
We retain your email address until you unsubscribe. You can withdraw your consent at any time.
6.4 Analytics Data
Analytics data may be retained in aggregated or anonymized form where possible and is used to improve our website.
6.5 Legal Obligations
We may retain data where required to comply with legal obligations, resolve disputes, or enforce agreements.
If you would like your data to be deleted, you can contact us at any time, and we will handle your request in accordance with applicable laws.
7 Children’s Privacy
We do not knowingly collect personal information from children. Our website and services are not directed to individuals under the age of 13 (or the equivalent minimum age in your jurisdiction).
If we become aware that personal information has been collected from a child without appropriate consent, we will delete it promptly.
If you believe that we may have collected such information, please contact us at info@phuket-meditation.com
8 Changes to This Policy
We may update this privacy policy from time to time to reflect changes to our services, website, or legal requirements.
When we make updates, we will revise the “Last Updated” date at the top of this page. If changes are significant, we may also provide additional notice, such as on our website or by email where appropriate.
We encourage you to review this page occasionally to stay informed about how we handle your data.
By continuing to use our website after updates, you accept the revised policy.
If you have any questions, or if you would like your data to be removed, you can contact us at info@phuket-meditation.com
9 Submitting a Complaint
If you believe your personal data is not being handled correctly, you have the right to lodge a complaint with a data protection authority in your country.
For users in the European Economic Area (EEA), you can contact your local supervisory authority. A list can be found on the European Data Protection Board website.
We encourage you to contact us first at info@phuket-meditation.com, and we will do our best to address and resolve any concerns directly.
10 Governing Law
This Privacy Policy is governed by the laws of Thailand. Any disputes arising from the use of this website or this policy shall be subject to the jurisdiction of the courts of Thailand.
11 Contact Details
If you have any questions about this privacy policy or how we handle your personal data, you can contact us at:
Phuket Meditation Co., Ltd.
69/509 Moo 1, Tambon Chalong
Amphoe Mueang, Phuket 83130, Thailand
You can also visit our contact page for more ways to reach us. We welcome your feedback.