Privacy Policy

1. Data controller

The data controller responsible for processing personal data on this website is:

Name: Yaowapha Saenpanya

Contact: contact form

2. Personal data we collect

We collect and process personal data only when you actively provide it to us, for example when you:

  • submit a contact or catering inquiry form

  • make a booking through our booking system

  • communicate with us via the website

Depending on the interaction, the following types of data may be collected:

  • name

  • email address

  • phone number (if provided)

  • event-related information (such as date or number of guests)

  • booking and payment-related information

  • any information you include in your message

3. Purpose of data processing

Personal data is processed for the following purposes:

  • responding to inquiries and messages

  • handling bookings and related communication

  • organizing, scheduling and delivering booked experiences or services

  • processing payments

  • fulfilling legal and contractual obligations

Personal data is not used for automated decision-making or profiling.

4. Legal basis for processing

Personal data is processed on the basis of the following legal grounds under the GDPR:

  • Consent (Article 6(1)(a)), when you submit a form

  • Performance of a contract (Article 6(1)(b)), when you make a booking

  • Legal obligations (Article 6(1)(c)), where applicable

5. Data sharing and third-party services

Personal data is not sold or rented to third parties.

For technical and operational reasons, personal data may be processed by trusted third-party service providers, including:

  • Jotform, used for handling inquiry and contact forms

  • Stripe, used for processing payments and bookings

  • Google services (such as email, calendars and spreadsheets), used for communication, scheduling and internal organization

In addition, data may be processed through automation and workflow tools used to manage inquiries and bookings efficiently.

All service providers process data in accordance with applicable data protection laws and contractual agreements.

6. Data storage and retention

Personal data is stored only for as long as necessary to fulfill the purposes for which it was collected or to comply with legal obligations.

When data is no longer required, it is securely deleted or anonymized.

7. Your rights

Under the General Data Protection Regulation (GDPR), you have the right to:

  • access your personal data

  • request rectification of inaccurate data

  • request erasure of your data

  • request restriction of processing

  • object to processing

  • request data portability

To exercise these rights, please contact us via the contact form available on this website.

8. Data security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, misuse or alteration.

9. Cookies

This website uses only technically necessary cookies or similar technologies required for its basic functionality.

Further information is provided in the Cookie Policy.

10. Changes to this Privacy Policy

This Privacy Policy may be updated from time to time to reflect legal, technical or operational changes.

The version published on this website is the currently applicable version.

11. Language notice

This English version is provided for convenience.
A Spanish version is available.

Scroll to Top