top of page

Privacy Policy

A legal disclaimer - Eye of Thai

1. Introduction
Welcome to Eye of Thai (the “Company”, “we”, “us”, or “our”). We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, store, and protect personal data when you use our website at https://www.eye-of-thai.com (the “Website”) and when you purchase our services or interact with us, whether based in Thailand or elsewhere.

2. Scope and Jurisdiction
We operate our business in Thailand and may collect personal data from individuals in Thailand. Therefore, this policy is designed to comply with the Thailand PDPA. According to the PDPA, organisations processing personal data of individuals in Thailand must comply, even if the organisation is outside Thailand. TrustArc+1

3. Data Controller
The data controller is:
Eye of Thai
[Insert full legal name, registration number if any, address in Thailand]
Contact email: [insert contact email]
If you have any questions about your personal data or this policy, you may contact us at the email above.

4. Personal Data We Collect
We may collect the following categories of personal data:

  • Identification information (e.g., name, date of birth)

  • Contact information (e.g., email address, telephone number, mailing address)

  • Payment or billing information (e.g., credit card details, banking information)

  • Website usage data (e.g., IP address, cookies, device information, logs)

  • Photography-service related data (e.g., images of your iris, preferences, metadata)

  • Other data you provide to us when you book a service or otherwise interact with us

We collect such data either directly from you (when you fill a form, book a shoot, upload files, contact us) or indirectly (through cookies, analytics, our service providers).

5. Purpose of Processing / Legal Basis
We process your personal data for the following purposes:

  • To provide our services (e.g., photography sessions, image delivery, design work)

  • To manage bookings, payment, customer service

  • To send you marketing communications, if you have given consent

  • To comply with legal obligations, protect our legal claims

  • To improve our Website, services, analytics, research

Under the Thailand PDPA, we rely principally on your consent and/or other lawful bases (such as performance of a contract with you). Norton Rose Fulbright+1

6. Cookies and Tracking Technologies
We use cookies and similar tracking technologies on our Website. Some cookies are strictly necessary; others are used for analytics, marketing or improving your experience. Before placing non-essential cookies, we will ask for your clear consent. (Thailand PDPA requires explicit consent for cookies/tracking). CookieFirst - Cookie Consent Management+1

7. Disclosure of Personal Data / International Transfers
We may share your personal data with:

  • Our service providers (e.g., payment processors, hosting providers, analytics vendors)

  • Affiliates or other business partners in connection with delivering our services

  • Legal or regulatory authorities when required by law

If we transfer your personal data outside Thailand, we will ensure appropriate safeguards are in place and your explicit consent is obtained (or other lawful basis), in line with PDPA requirements. Clyde & Co

8. Data Retention
We will retain your personal data only for as long as necessary to fulfil the purposes set out in this policy or as required by law. When no longer needed, we will delete or anonymise it.

9. Your Rights
Under the Thailand PDPA you have the following rights:

  • Right to be informed about how we use your data

  • Right to access your personal data held by us

  • Right to correct (rectify) your personal data if it is inaccurate or incomplete

  • Right to erase or anonymise your data (in certain circumstances)

  • Right to restrict or object to processing of your data (in certain circumstances)

  • Right to data portability (in certain circumstances)

To exercise any of these rights, please contact us at the email above. We will respond within the timeframe required by law. OneTrust+1

10. Security
We implement appropriate technical and organisational security measures to protect your personal data against unauthorised access, disclosure, alteration or destruction. Securiti

11. Minor’s Data
If you are under the age of 20 (as specified by Thai law) and wish to provide us with personal data, please ensure you obtain parental or guardian consent. BigID

12. Changes to this Privacy Policy
We may update this policy from time to time. When we do, we will post the updated version on this page and update the “Last updated” date. Your continued use of our services or website constitutes your acceptance of the updated policy.

13. Contact Information
If you have any questions, requests or complaints regarding this policy or our processing of your personal data, please contact:
Email: [insert contact email]
Address: [insert address]
We will try to respond within the required time.

Last updated: 10. November 2025

bottom of page