Bangkok

Privacy

Policy


This document contains the rules for collecting and using data about users of the store and service under the domain localhost, especially when placing orders for products or digital content offered in the store. The Privacy Policy is a document associated with the Terms and Conditions of the Bangkok Thai Massage & Spa salon and uses expressions defined in it.

The goal of the Bangkok Thai Massage & Spa salon is to provide you with privacy protection at a level at least equivalent to the standards set out in applicable legal regulations, especially in the Act of July 18, 2002, on the provision of electronic services, the Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of individuals about the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) – “GDPR” and the Telecommunications Law of July 16, 2004. We take special care to protect your interests in the processing of personal data. We apply technical and organizational measures to ensure the protection of processed personal data appropriate to the threats and categories of data covered by protection, in particular, we secure data against unauthorized access, acquisition by an unauthorized person, processing in violation of applicable law, and change, loss, damage, or destruction.


Data Controller Identity

The controller of your personal data is BANGKOK Limited Liability Company with its registered office in Bydgoszcz, Gdańska 36 Street, 85-008 Bydgoszcz, entered into the National Court Register by the District Court Gdańsk-Północ in Gdańsk, VIII Economic Department of the National Court Register under the KRS number: 0000808012, share capital of 5,000 PLN fully paid, NIP: 588 245 35 15, REGON: 384591779.


Contact details of the data controller

You can contact the Administrator:

in writing – correspondence address: Gdańska 36 Street, 85-008 Bydgoszcz

by e-mail – at the address: iod@localhost


Purposes of data processing and Legal basis for processing

The legal basis for processing your personal data is to enable you to use the services offered in the store, including filling out the Order Form and using the Newsletter service.

The purposes of processing the data you provide in the Order Form are related to:

  1. concluding a contract for the provision of Electronic Services – Order Form service, concluding a sales contract, or concluding an agreement to provide digital content on the terms specified in the Regulations and its performance – the basis for such processing is the necessity of processing data to conclude and perform the contract – art. 6 sec. 1 lit b GDPR;
  2. contacting to fulfill any of the above contracts (in point a) – the basis for such processing is the necessity of processing data to pursue the legitimate interests of the Administrator – art. 6 sec. 1 lit f GDPR; the legitimate interest is contacted to fulfill the contract.
  3. archiving documents, statistics, and any claims settlement or defense against claims related to the performance of the contract – the basis for such processing is the necessity of processing data to pursue the legitimate interests of the Administrator – art. 6 sec. 1 lit f GDPR; the legitimate interest is archiving documents, keeping statistics, and pursuing any claims or defense against them.
  4. settling accounts, including tax settlements and accounting documentation – the basis for such processing of data is the necessity of fulfilling legal obligations incumbent on the Administrator arising from legal provisions – art. 6 sec. 1 lit. c GDPR.

The legal basis for processing by Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of individuals about the processing of personal data and the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter: “GDPR,” in the above points is:

Ad a): the necessity of processing data to conclude and perform the contract (art. 6 sec. 1 lit b GDPR;

Ad c) and c): the necessity of processing data to pursue the legitimate interests of the Administrator – art. 6 sec. 1 lit f GDPR;

Ad d): the necessity of fulfilling legal obligations incumbent on the Administrator arising from legal provisions – art. 6 sec. 1 lit. c GDPR – point d)

In the case of processing data that you indicate when subscribing to the Newsletter – the processing purposes are related to concluding and performing the contract for the provision of Electronic Services – Newsletter, on the terms specified in the Regulations – the basis for such processing is your consent – art. 6 sec. 1 lit a GDPR.

The purpose, scope, and categories of data recipients processed by the Administrator will result from the actions taken by you each time you use the Store.


Data retention period

Your personal data will be processed for the period necessary to achieve the purposes for which the data is processed or until an objection is raised if the processing is based on the legitimate interest of the Administrator or withdrawal of consent if the processing is based on expressed consent. At the same time, the Administrator will keep personal data until the limitation period for any claims expires or until the obligation to store data arising from legal provisions expires.


Categories of recipients

Your personal data will be processed by subcontractors of the Administrator, i.e., entities whose services the Administrator uses in the performance of its obligations, e.g., employees and associates of the Administrator, IT service providers, hosting providers, entities providing advisory and legal services, and suppliers. At the same time, all your personal data will always be processed with the use of appropriate means of protection and security of personal data.

Due to the use of MailChimp system services, in the case of subscribing to the Newsletter, your data may be transferred to the United States of America (USA) in connection with their storage on US servers. The MailChimp system provider has joined the Privacy Shield program and thus guarantees an adequate level of protection of personal data required by European regulations.


Your rights

You have the right to:

  1. access your personal data and the right to request their correction, deletion, or restriction of processing;
  2. data portability;
  3. withdraw consent to the processing of personal data – to the extent that the processing of your personal data is based on consent (withdrawal of consent does not affect the legality of the processing applied based on consent before its withdrawal);
  4. object to the processing of your personal data – to the extent that the processing of your personal data is based on the legitimate interests of the Administrator;
  5. file a complaint with the supervisory authority responsible for the protection of personal data (President of the Office for Personal Data Protection), if you believe that the processing of data violates the GDPR.

To exercise your rights, please contact the Administrator.


Bangkok

Cookies


What are cookies?

Like most websites, the Store uses tracking technologies, i.e., cookies, to improve the site for the needs of its visitors.

Cookies are small text-numerical files that are saved by the IT system on your IT system (on a computer, phone, or another device from which a connection to the Store is made) during browsing the Store and allow the identification in case of reconnection to the Store from the device (e.g., computer, phone) on which they were saved


Basis for using cookies

Cookies are used with your consent. Your consent is expressed by appropriate settings of the software, in particular, the internet browser installed on the telecommunication device used by you to browse content on the Store.


Why does the administrator use cookies?

The main purpose of the Administrator using cookies is to manage the Store and improve the quality of the content it provides. Cookies are necessary for the proper display and functioning of the Store.

The Administrator may process data contained in cookies also to conduct anonymous statistics and analyses illustrating the way of using the Store and, the average duration of visits in the Store.

Cookies are not used to determine the identity of Store users.


What types of cookies are used in the Store?

The following types of cookies are used in the Store:

  1. session cookies, which are automatically deleted after closing the internet browser;
  2. persistent cookies, which are stored on the device for a specified period; storing these files is not dependent on closing the browser;
  3. own cookies, which are set by the Store;
  4. third-party cookies, set by other services, such as Google Analytics, Facebook, and Instagram.

The Store uses both its own cookies and cookies from third-party entities.


What tools does the administrator use?

The Administrator uses the Google Analytics tool provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, to create statistics, analyze the functioning of the Store, and improve the quality of its use (based on a legitimate interest).


How to change cookie settings?

Most browsers accept cookies by default. You can withdraw or change the scope of your previously expressed consent to the use of cookies in the Store at any time and delete them from your browser. You can limit or disable cookies in your browser settings so that it blocks cookies or warns you before saving a cookie file on the device you are using. However, in such a case, you may not have access to some content on the Store, and in extreme cases, the correct display of the Store may be completely blocked.


Server logs

Using the Store involves sending queries to the server on which the Store is stored. Each query addressed to the server is recorded in server logs. Logs include, among others, your IP address, server date and time, information about the internet browser, and operating system you use. Server logs are recorded and stored on the server. The data stored in server logs is not associated with specific individuals using the site and is not used by me for your identification. Server logs are only auxiliary material used for administering the site, and their content is not disclosed to anyone other than persons authorized to administer the server.

The Administrator may make changes to the privacy policy, e.g., due to changes in generally applicable law or the development of the website.