pimalai banner spa
pimalai banner spa
  • About
    • Getting Here
    • Considerate and Responsibility
    • Awards & Accolades
    • Beauty of Koh Lanta
    • Amazing Krabi
    • FAQs
    • Privacy Policy (English)
    • Privacy Policy (Thai)
      •
  • Rooms
    • Rooms and Suites
    • Villas
      •
  • Facilities
    • Restaurants and Bars
    • Spa
      •
  • Activities
    • Beach Activities
    • Island Excursions
    • Scuba Diving in Koh Lanta
    • Sports Center
    • Thai Cooking Class
    • Fitness, Yoga and Muay Thai
    • Private Beach Dinner
    • Complimentary Spa Classes
    • Mangrove Tour
    • Kids Activities
    • Self-Cycling Map
  • Promotions
  • Membership
    • Table of Benefits
    • Terms and Conditions
    • FAQs
      •
  • Events
    • Wedding of a Lifetime
    • Meetings / Corporate Outings
      •
  • Book Now
  • Contact Us
Language
Book Now

Please become a member to get a special price

Log in

Connect Via

Or
Email
Password
Keep me logged in Forgot your password?
Book Now

Pimalai
Resort & Spa

  • 4.8
    Based on
    1,179 reviews

  • TripAdvisor

    5/5

    Booking.com

    9.5/10

    Expedia

    4.9/5

Privacy Policy (English)

Updated on 31 December 2023                           


          Pimalai Resort & Spa complies to Personal Data Protection Act 2019 of Thailand, which regulates the processing of personal data related to you and grant you various rights in respect of your personal data.


Categories for Personal Date Collection
 

Personal Data such as title, first name, surname, age, occupation, date of birth, gender, nationality, marital status, photo, video, signature, CCTV footage, and record of access to various sports facilities and other facilities within the Club.

Contact Data such as address on census, current address, office address, postal code, telephone number, business phone number, mobile number, email, social media account name (e.g. Line ID, Facebook, Instagram, Whatsapp, WeChat, Telegram and time available for contacting) and other electronic means of contact.

Government-issued Personally Identifiable Data such as citizen ID number, passport number, driver’s license number, census, and other similar information.

Demographic Data such as children and their ages, amount in family members.

Financial Data such as method of payment (e.g., cash or credit), cash card/credit/debit number, PromptPay ID, bank account number and account type.

Data Collected from Guests’ Electronic Devices such as IP address, time spent on our website, cookies, search history, browsing data, chat history on webpage and other applications, browser type and version, time zone and location settings, plug-in browser version and type, operating system, and other technologies on members’ device used to access the platform.

Other Data Provided by Using our services such as personal data provided in the questionnaires, surveys, member feedback forms, and other activities.

Personally Identifiable Information from CCTV Footage and Facial Recognition Devices such as CCTV cameras within the propperty, mounted cameras, temperature reading cameras.

Health information, such as body temperature reading and record of drug dispensation from the first aid rooms.


Where We Collect Personal Data


a. Booking a room

When you book a room, we collect Personal Data, which includes:
 

- Your stay period
- Number of rooms in the reservation
- Number of people in the reservation (adults and children)
- Age of children
- The rate/special offer selected
- Any add-on packages selected
- Your full name
- Your address, including city and country
- Your e-mail address, and
- Your credit card details

Optional information includes:

- Frequent Flyer Information
- Arrival Information
- Room, Bed type and/or other preferences
- Telephone / mobile number
- Option to join the PIMALAI RESORT & SPA membership

          We use this Personal Data to handle your reservation and to establish and fulfil our contract with you. This includes verifying your identity, taking guarantee and/or payment information, and sending stay-related and/or marketing communications. 
         

We take the protection of your Personal Data very seriously and, as a result, have kept the mandatory required fields to a minimum.



b. PIMALAI RESORT & SPA membership/user account

          You can create a PIMALAI RESORT & SPA membership/user account with us to receive member discounts and special benefits. If you set up a PIMALAI RESORT & SPA membership/user account, we ask you to provide the following Personal Information:

- Your full name and email address
- Your date of birth

We use your Personal Data to send you your membership point balance, special offers exclusively for members and newletters.

          For the web user account, you can deactivate your account at any time by loggin in to your membership account and selecting “Deactivate Account” button on your profile page or by sending an e-mail request to privacy@pimalai.com. If you deactivate your account, it will be set to inactive.
 

Pimalai Resort & Spa membership program is provided by a third-party provider. You can see its privacy policy as following:
 

Data Protection

a) Both parties shall take reasonable precautions to protect the Confidential Information and the System and shall not use or disclose any such Confidential Information, including but not limited to guest stay information provided by the Customer to GHS from whatever sources, without the prior written consent of the disclosing Party of such Confidential Information.

b) All guests’ data remain the proprietary property of the Customer. GHS shall take appropriate technical and organizational measures against unauthorized or unlawful processing of the guests’ data or its accidental loss, destruction or damage. In the event that GHS receives notification of non-compliance with any data processing laws, GHS shall advise the Customer of the same and change the data processing instructions given to the Customer so as to ensure that no laws are infringed.



c. “Contact Us” functionality

You can contact us through our website by using the “Contact Us” functionality, or by telephone. When reaching out, please provide the following information:
 

- Your full name
- Your e-mail address

We will use the provided information to respond to your inquiry. 


d. Cookies

           We use cookies on our website. Cookies are small text files sent by a web server to your web browser and saved locally on your computer. The cookie allows the server to uniquely identify the browser on each page. Cookies do not cause any harm to your computer and do not contain viruses.

We use the following categories of cookies on our website:

Category 1: Strictly Necessary Cookies
           These cookies are essential to enable you to move around the website and use its features. Without these cookies, services you have asked for, such as remembering your login details or data provided for a booking, cannot be provided.

Category 2: Performance Cookies
           These cookies collect information on how people use our website. For example, we use Google Analytics cookies to help us understand how users arrive at our site, browse or use our site and highlight areas where we can improve, such as navigation, booking experience and marketing campaigns. The data stored by these cookies never shows personal details from which your individual identity can be established.

Category 3: Functionality Cookies
           These cookies remember choices you make such as the country you visit our website from, language and search parameters such as the number of guests, hotel, and time of stay. These can then be used to provide you with an experience more appropriate to your selections and to make the visits more tailored and pleasant.

           Current versions of web browsers offer enhanced user controls regarding the placement and duration of both first and third-party cookies. Search for "cookies" under your web browser's “Help” menu for more information on cookie management features available to you. You can enable or disable cookies by modifying the settings in your browser. You can also find out how to do this, and find more information on cookies at www.allaboutcookies.org. However, if you choose to disable cookies in your browser, you may be unable to complete certain activities on our websites or to correctly access certain parts of it. If you would like more information about interest-based advertising, including how to opt-out of these cookies, please visit http://youronlinechoices.eu/.


e. Google Analytics

           Our Website uses Google Analytics, which is a web analytics service provided by the third-party provider Google, Inc. (“Google”). Google Analytics is used for the purpose of evaluating your use of our Website, compiling reports on Website activity and other services relating to Website activity and internet usage. The information generated by the cookie about your use of the Website is usually transmitted to and stored by Google on servers in the United States. This transfer is covered by Google’s Privacy Shield certification and a separate data processing agreement that we have concluded with Google: https://support.google.com/analytics/answer/6004245?hl=de&ref_topic=2919631 (information on Google Analytics and data privacy).


Purposes for Collecting, Use and Disclose of Personal Data

           To contact and communicate with our guests such as coordinating, providing public relations services, promotional information, privileges, notifications, as well as to process, update and correct guests’ personal data and keep their status and profile current which includes various aspects related to service providing such as inquiries, requests, feedback, and complaints in order to provide assistance, troubleshoot technical problems, and to notify guests of the corrective action and to conduct surveys for their opinions and satisfaction with the services of Pimalai Resort and Spa for future improvement. Guests / members can unsubscribe from news at any time.

          To maintain, operate, monitor, and manage the website and platform to facilitate and assure that they are operating smoothly, effectively, and securely. To facilitate guests and members’ usage and improve the planning and content of the website and platform.

           To facilitate the overall security within Pimalai Resort and Spa's premises.

Rights of Data Subject

           Guests can request Pimalai Resort and Spa to adjust incorrect or add incomplete data and may request to withdraw data which guests have not consented to. However, the request must be in accordance with the laws of Thailand.

           Guests can request to unsubscribe from receiving news and public relations messages by notifying at privacy@pimalai.com.

        
Sharing Personal Data

Your Personal Data may be shared with:

           Our commercial partners in the event that you book an event or an activity organized by such commercial partners.

           Our third-party service providers who process your data on our behalf. Pimalai Resort & Spa’s third-party service providers, hosting providers, and providers of data analysis, IT services, and other similar services requested by Pimalai Resort & Spa to provide the Website and other business-related services to you. Any data processing on our behalf complies with the applicable laws.

           Government according to the laws. 


We will not transfer your personal data to third-party recipients unless you consent to such transfer of data or such transfer is permitted under applicable law.



What kind of security measures for the compliance with data protection?

           We strive to maintain the appropriate standards of security and we have put in place robust technical and organizational measures for the protection of your Personal Data in accordance with the current state of the art technologies, especially to protect the data against loss, falsification or access by unauthorized third persons. For the transfer of particularly sensible Personal Data via the internet, such as for example credit card details, we exclusively use encrypted transmission routes and we comply with the Payment Card Industry Data Security Standards (PCI DSS) which is a set of policies and procedures intended to optimize the security of credit, debit and cash card transactions and protect cardholders against misuse of their personal information. However, the transmission of information via the internet is not completely secure. So, whilst we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Website. Any transmission is at your own risk. Once we have received your personal data, we will use strict procedures and security features to prevent unauthorized access. As far as third parties (i.e. external companies) are rendering data processing services for us, we have committed them to the compliance with our data privacy regulations. The external service providers are supervised by our Global Data Protection Manager in terms of compliance with these regulations.


Your Rights

In respect of the collection and use of your personal data, you may:

          ask us whether we process Personal Data about you, for which purposes, the categories of Personal Data concerned, to which categories of recipients the information has been disclosed, where possible, the envisaged period for which the personal data will be stored (or, if not possible, the criteria used to determine that period),

           inquire with us about the appropriate safeguards relating to the transfer to a third party,

           ask us for a copy of the Personal Data undergoing processing and ask to receive your Personal Data in a structured, commonly used and machine-readable format and to transmit those data to another controller without any hindrance from us. Via the link “My Profile”, you will be displayed all stored data relating to your person. In addition to that, you can also view your stored reservations via the link “Future booking”. We guarantee that no unauthorized persons are able to have access either to your profile or to your reservations,

           have inaccurate data rectified,

           object against the further processing and request erasure of your Personal Data,

           request that the processing of your personal data is restricted by Pimalai Resort & Spa,

           request not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.


           If you have any further questions on your personal data which has been stored with us or would like to exercise your rights please refer to our Global Data Protection Manager via email privacy@pimalai.com.


Retention and deletion of Personal Data

           Your personal data associated with Pimalai's guest profiles, encompassing details such as full names, number of guests, names of guests, date of birth of each guest, contact information, stay frequency and duration, transportation preferences, allergies, specific requests made during your stay, and any other pertinent information contributing to enhancing your current and future stays, will be securely stored in our system indefinitely, unless you explicitly request its removal. Your privacy is of utmost importance to us, and we are committed to accommodating your preferences regarding the management of your personal information.          

           We will retain your personal data that is not associated with Pimalai's guest profile such as credit card detail, only for a limited period of time needed to fulfil the purposes of processing mentioned above. After that time your personal data will be erased. If we process your personal data based on your consent, we will retain your personal data for a limited period of time needed to fulfil the purposes of processing it.

           Where we process personal data for marketing purposes or with your consent, we process the data until you ask us to stop and for a short period after this (to allow us to implement your requests). We also keep a record of the fact that you have asked us not to send you direct marketing or to process your data so that we can respect your request in future.

In other cases, we may retain data for an appropriate period after any relationship with you ends, to protect ourselves from legal claims, or to administer our business.


Updates

          This Privacy Policy may be updated periodically on our website. We will update the date at the top of its first page accordingly and encourage you to check for changes that we have made.


Who is the contact person for questions and/or problems relating to the data protection?

           Please contact our Global Data Protection Manager at privacy@pimalai.com


 


Reviews Summary

Reviews by sources

TripAdvisor
5.0/5
2,933 Reviews
Booking.com
9.5/10
691 Reviews
Expedia
4.9/5
488 Reviews
pimalai banner spa

99 Moo 5, Ba Kan Tiang Beach Koh Lanta, Krabi 81150, Thailand.
Telephone: +66 (0) 2320 5500 . Email: reservation@pimalai.com

Copyright © 2018, Pimalai Resort and Spa . All Rights Reserved . Pimalai Resort and Spa Terms & Conditions
powered by Global Hospitality Solutions, 2018.
X
Pimalai Resort and Spa