Privacy Policy – Business Net TH | tomorrowthailandapp.com
Privacy Policy
Effective Date: 1 January 2025 | Last Updated: 1 January 2025
This Privacy Policy describes how Business Net TH (legal name: PARRA PLUS SERVICES LLC, hereinafter referred to as "we", "us", or "our") collects, uses, discloses, and protects your personal information when you visit tomorrowthailandapp.com (the "Website") or submit information through any contact or enquiry form hosted on the Website. We are committed to protecting your privacy in accordance with the Personal Data Protection Act B.E. 2562 (2019) ("PDPA") of Thailand and any subordinate regulations issued thereunder.
Please read this policy carefully. By accessing or using our Website, or by voluntarily submitting your personal data to us, you acknowledge that you have read and understood the practices described in this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please discontinue use of the Website immediately.
1. Introduction and Identity of the Data Controller
Business Net TH (legal name: PARRA PLUS SERVICES LLC) is the Data Controller responsible for your personal data collected via tomorrowthailandapp.com. As a Data Controller under Thailand's Personal Data Protection Act (PDPA), we determine the purposes and means by which your personal data is processed.
Contact Details of the Data Controller:
- Company Name: Business Net TH (PARRA PLUS SERVICES LLC)
- Website: tomorrowthailandapp.com
- Email: [email protected]
- Phone: +17753148145
- Address: 6421 Santa Monica Dr, Tampa, Florida, 33615-3347, United States
If you have any questions, concerns, or requests regarding this Privacy Policy or the handling of your personal data, you are welcome to contact us using the details provided above or via the dedicated Privacy Enquiry contact described in Section 14 of this policy.
2. Scope of This Policy
This Privacy Policy applies to:
- All visitors to tomorrowthailandapp.com, regardless of their location;
- Any individual who submits personal information through a contact form, enquiry form, or any other data input mechanism on the Website;
- Any individual who communicates with us by email, phone, or other means in connection with the Website;
- Any user whose data is collected automatically through cookies or similar tracking technologies when browsing the Website.
This policy does not apply to third-party websites, services, or applications that may be linked from our Website. We encourage you to review the privacy policies of any third-party sites you visit.
3. Personal Data We Collect
We collect personal data that you voluntarily provide to us and data that is automatically collected when you interact with our Website. The categories of personal data we collect include:
3.1 Information You Provide Directly
When you submit a contact form, enquiry form, or any other form on the Website, we may collect the following information:
- Full Name: To identify you and personalise our response;
- Email Address: To send you replies, updates, or requested information;
- Phone Number: To contact you directly if required;
- Message Content: The body of your enquiry, request, or feedback, which may contain additional personal information you choose to share.
You are not obliged to provide this information; however, failure to provide certain data may prevent us from responding to your enquiry or providing the service you have requested.
3.2 Information Collected Automatically
When you access tomorrowthailandapp.com, our web server and analytics tools may automatically collect certain technical information, including:
- IP Address: Used to understand approximate geographic location and to maintain security;
- Browser Type and Version: To optimise the Website for your device;
- Operating System: For compatibility and statistical purposes;
- Referring URL: The page or source from which you arrived at our Website;
- Pages Visited and Time Spent: To understand how users interact with our content;
- Date and Time of Access: For server log and security purposes;
- Device Identifiers: Such as screen resolution and language settings.
3.3 Sensitive Personal Data
We do not intentionally collect sensitive personal data (as defined under Section 26 of the PDPA), including racial or ethnic origin, political opinions, religious or philosophical beliefs, sexual behaviour, criminal records, health data, disability information, trade union membership, genetic data, or biometric data. Please do not submit such information through any form on this Website. Should you inadvertently provide sensitive personal data, we will delete it as soon as practicable unless we are legally required to retain it.
4. How We Collect Your Personal Data
We collect your personal data through the following methods:
- Contact and Enquiry Forms: When you submit a form on the Website, the data is transmitted to our server via a secure HTTPS connection and processed by our back-end system (PHP) before being stored and/or forwarded to our designated email address;
- Email Communication: When you email us directly, the contents and metadata of those emails are retained;
- Cookies and Similar Technologies: As described in Section 6 of this Policy;
- Server Logs: Automatically generated records of Website access as described in Section 3.2.
5. How We Use Your Personal Data
We process your personal data for the following purposes, supported by the lawful bases identified under the PDPA:
- To respond to your enquiries and contact form submissions — Lawful basis: performance of a contract or pre-contractual steps at your request, and/or our legitimate interests in providing customer service;
- To operate and maintain the Website — Lawful basis: legitimate interests in keeping the Website functional, secure, and accessible;
- To improve Website content and user experience — Lawful basis: legitimate interests in enhancing our online presence;
- To comply with legal obligations — Lawful basis: compliance with applicable laws, including the PDPA and other Thai regulations;
- To detect and prevent fraud or security threats — Lawful basis: legitimate interests in protecting our systems and users;
- To send service-related communications — Lawful basis: consent (where required) or legitimate interests;
- Analytics and performance monitoring (where analytics tools are active) — Lawful basis: consent (we will request your consent via cookie notice where required).
We will not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects without your explicit consent.
6. Cookie Policy
Our Website uses cookies and similar tracking technologies to enhance your browsing experience and to gather analytical information about Website usage. Under the PDPA and in alignment with international best practices, we are committed to transparent cookie use.
6.1 What Are Cookies?
Cookies are small text files placed on your device by a website when you visit it. They allow the Website to remember your preferences and interactions over time. Cookies can be session cookies (deleted when you close your browser) or persistent cookies (remaining on your device for a defined period).
6.2 Types of Cookies We Use
- Strictly Necessary / Functional Cookies: These cookies are essential for the Website to operate correctly. They enable core functionality such as security, session management, and form submission processing. These cookies cannot be disabled without affecting core Website functions. No consent is required for strictly necessary cookies.
- Analytics Cookies (Optional): Where we use analytics tools (such as Google Analytics), these cookies help us understand how visitors interact with our Website by collecting anonymous statistical information such as page views, session duration, and traffic sources. We will request your consent before placing analytics cookies on your device.
6.3 Managing Cookies
You may control and manage cookies through your browser settings. Most modern browsers allow you to:
- View cookies stored on your device;
- Delete existing cookies;
- Block all or specific types of cookies.
Please note that disabling certain cookies may affect the functionality of our Website. For further information on managing cookies, please refer to your browser's help documentation or visit www.allaboutcookies.org.
7. Third-Party Services and External Resources
Our Website may incorporate third-party services and content delivery networks. These third parties may collect data independently of us. We encourage you to review their respective privacy policies.
7.1 Google Fonts
Our Website may load fonts from Google Fonts, a service provided by Google LLC (or Google Ireland Limited for EEA users). When your browser loads a page that uses Google Fonts, a request is made to Google's servers, which may result in your IP address being transmitted to and recorded by Google. Google's use of this data is governed by its own Privacy Policy.
7.2 Tailwind CSS CDN
Our Website may load stylesheets from a Tailwind CSS Content Delivery Network (CDN). When such resources are fetched, your browser's IP address may be logged by the CDN provider's servers. We use this solely for delivering consistent website styling.
7.3 Email Service Providers
Form submissions from our Website may be forwarded to our designated email inbox via a third-party email delivery service or standard SMTP server. Submitted data (name, email, phone, message) may transit through these services in encrypted form.
7.4 Web Hosting Provider
Our Website is hosted on a third-party web hosting provider whose servers may store data submitted through our Website. This provider acts as a Data Processor on our behalf and is contractually required to handle your data in compliance with applicable data protection laws.
We do not sell, rent, or trade your personal data to any third party for their own marketing purposes.
8. International Data Transfers
As our operations involve third-party services (such as Google Fonts CDN, web hosting providers, and email services) that may be located outside of Thailand, your personal data may be transferred to, stored, or processed in countries outside Thailand, including countries within the United States, the European Union, or other jurisdictions.
Where personal data is transferred outside Thailand, we ensure that:
- The recipient country has been assessed as providing an adequate level of personal data protection; or
- Appropriate safeguards are in place, such as standard contractual clauses, binding corporate rules, or equivalent mechanisms recognised under the PDPA; or
- The transfer is necessary for the performance of a contract between you and us, or for the implementation of pre-contractual measures taken at your request; or
- Your explicit consent has been obtained.
We take all reasonable steps to ensure that your personal data transferred internationally receives the same level of protection as it would under Thai law.
9. Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable law. Our specific retention periods are as follows:
- Contact Form Submissions (name, email, phone, message): Retained for a maximum of 24 months from the date of submission, unless a longer retention period is required to handle ongoing correspondence, disputes, or legal obligations;
- Server Log Files (IP address, access timestamps, browser data): Retained for a maximum of 12 months for security and operational purposes;
- Analytics Data (if applicable): Retained in accordance with the settings and policies of the analytics service provider (e.g., Google Analytics default retention period), subject to your consent preferences;
- Email Correspondence: Retained for as long as reasonably necessary for business purposes, generally no longer than 3 years.
Upon expiration of the applicable retention period, we will securely delete or anonymise your personal data so that it can no longer be associated with you. Where deletion is not immediately possible (e.g., data stored in backup archives), we will isolate it from further processing until deletion is feasible.
10. Data Security Measures
We take the security of your personal data seriously. We have implemented appropriate technical and organisational measures to protect your personal data from unauthorised access, accidental loss, alteration, disclosure, or destruction. These measures include:
- SSL/TLS Encryption: All data transmitted between your browser and our Website is encrypted using Secure Sockets Layer (SSL) / Transport Layer Security (TLS) technology, as indicated by the padlock icon and "https://" prefix in your browser's address bar;
- Access Controls: Access to personal data is restricted to authorised personnel only, on a need-to-know basis;
- Secure Server Environment: Our hosting environment is maintained with up-to-date security patches, firewalls, and intrusion detection systems;
- Password Protection: Administrative access to systems containing personal data is protected by strong, regularly updated passwords;
- Regular Security Reviews: We periodically review our security practices and update them in response to evolving threats.
Despite our best efforts, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we are committed to notifying you and the relevant Thai authorities in the event of a data breach that is likely to result in a risk to your rights and freedoms, as required under the PDPA.
In the event of a personal data breach, we will notify the Office of the Personal Data Protection Committee (PDPC) of Thailand within 72 hours of becoming aware of the breach, where feasible. Where the breach is likely to result in high risk to your rights and freedoms, we will also notify you without undue delay.
11. Your Rights as a Data Subject Under Thai Law (PDPA)
Under Thailand's Personal Data Protection Act B.E. 2562 (2019), you have the following rights with respect to your personal data:
- Right to be Informed (Section 23): You have the right to be informed about the collection and use of your personal data at the time it is collected. This Privacy Policy serves as our primary means of fulfilling this obligation.
- Right of Access (Section 30): You have the right to request access to the personal data we hold about you and to receive a copy of it.
- Right to Rectification (Section 35): You have the right to request that inaccurate, incomplete, or misleading personal data be corrected or updated without undue delay.
- Right to Erasure / Right to be Forgotten (Section 33): You have the right to request the deletion or destruction of your personal data where: it is no longer necessary for the purposes for which it was collected; you withdraw your consent and there is no other legal basis for processing; the data has been unlawfully processed; or deletion is required to comply with legal obligations.
- Right to Restriction of Processing (Section 34): You have the right to request that we restrict the processing of your personal data in certain circumstances, such as while we verify the accuracy of your data or consider your objection to processing.
- Right to Data Portability (Section 31): Where processing is based on consent or contract and is carried out by automated means, you have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another data controller.
- Right to Object (Section 32): You have the right to object to the processing of your personal data where such processing is based on legitimate interests, including objecting to direct marketing.
- Right to Withdraw Consent (Section 19): Where processing is based on your consent, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before withdrawal.
To exercise any of these rights, please contact us using the details in Section 14. We will respond to your request within 30 days of receipt. We may need to verify your identity before processing your request. There is no fee for exercising your rights, unless your request is manifestly unfounded or excessive, in which case we may charge a reasonable fee or decline to act.
If you believe that we have not complied with our obligations under the PDPA, you have the right to lodge a complaint with the Office of the Personal Data Protection Committee (PDPC), the competent supervisory authority in Thailand.
12. Children's Privacy
Our Website and services are not directed to, nor intended for use by, children under the age of 20 years (the age of majority in Thailand under the Civil and Commercial Code) or minors under the age of 10 years who cannot provide legally valid consent under the PDPA.
We do not knowingly collect personal data from children under 10 years of age without the verifiable consent of a parent or legal guardian. Minors between the ages of 10 and 20 may provide consent to the collection of their personal data with the approval of their parent or legal guardian, as required by the PDPA.
If you are a parent or legal guardian and you believe that your child has provided personal data to us without appropriate consent, please contact us immediately at [email protected]. Upon verification, we will delete such data from our records without undue delay.
13. Legal Basis for Processing Under the PDPA
We process your personal data on the following legal bases as recognised under the Personal Data Protection Act B.E. 2562 (2019):
- Consent (Section 19 PDPA): Where you have given clear, informed, and freely given consent to the processing of your data for a specific purpose (e.g., optional analytics cookies);
- Contract Performance (Section 24(3) PDPA): Where processing is necessary for the performance of a contract to which you are a party, or to take steps at your request prior to entering into a contract;
- Legal Obligation (Section 24(6) PDPA): Where processing is necessary for compliance with a legal obligation to which we are subject under Thai law;
- Legitimate Interests (Section 24(5) PDPA): Where processing is necessary for our legitimate interests or those of a third party, provided that such interests are not overridden by your fundamental rights and freedoms. Our legitimate interests include operating, maintaining, and improving our Website; communicating with enquirers; and protecting our systems and business from fraud.
14. Contact for Privacy Enquiries
If you have any questions about this Privacy Policy, wish to exercise your data subject rights, or have concerns about how your personal data is being handled, please contact our Privacy Point of Contact:
- Company: Business Net TH (PARRA PLUS SERVICES LLC)
- Email: [email protected]
- Phone: +17753148145
- Postal Address: 6421 Santa Monica Dr, Tampa, Florida, 33615-3347, United States
- Website: tomorrowthailandapp.com
We are committed to working with you to resolve any privacy concerns fairly and promptly. If you are not satisfied with our response, you have the right to escalate your complaint to the Office of the Personal Data Protection Committee (PDPC), Ministry of Digital Economy and Society, Thailand.
15. Thailand PDPA Compliance Statement
This Privacy Policy has been prepared in compliance with Thailand's Personal Data Protection Act B.E. 2562 (2019) (PDPA), which came into full effect on 1 June 2022. The PDPA governs the collection, use, disclosure, and protection of personal data of individuals in Thailand and imposes obligations on data controllers and data processors handling such data.
We are committed to upholding the principles of the PDPA, including:
- Lawfulness, Fairness, and Transparency: We process personal data lawfully, fairly, and in a transparent manner;
- Purpose Limitation: Personal data is collected for specified, explicit, and legitimate purposes and is not processed in ways incompatible with those purposes;
- Data Minimisation: We collect only the personal data that is adequate, relevant, and limited to what is necessary;
- Accuracy: We take reasonable steps to ensure personal data is accurate and kept up to date;
- Storage Limitation: Personal data is kept in identifiable form for no longer than necessary;
- Integrity and Confidentiality: Personal data is processed with appropriate security to prevent unauthorised or unlawful processing, accidental loss, destruction, or damage.
16. Links to Third-Party Websites
Our Website may contain hyperlinks to third-party websites, platforms, or services that are not owned or operated by Business Net TH. This Privacy Policy applies solely to information collected on tomorrowthailandapp.com. We have no control over and accept no responsibility for the content, privacy policies, or practices of third-party websites. We encourage you to review the privacy policy of every website you visit.
17. Changes to This Privacy Policy
We reserve the right to update or amend this Privacy Policy from time to time to reflect changes in our data processing practices, legal requirements, or operational needs. Any changes will be effective immediately upon posting the revised policy on this page.
We will notify you of material changes to this Privacy Policy by one or more of the following means:
- Posting a prominent notice on the Website homepage or a relevant landing page;
- Updating the "Last Updated" date at the top of this Privacy Policy;
- Sending an email notification to the email address you have provided to us (where applicable and where material changes affect how we process your data).
We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your personal data. Your continued use of the Website after the effective date of any changes constitutes your acknowledgement of the updated Privacy Policy.
18. Governing Law and Jurisdiction
This Privacy Policy and any disputes arising in connection with it shall be governed by and construed in accordance with the laws of Thailand, including the Personal Data Protection Act B.E. 2562 (2019) and any regulations issued thereunder. Any disputes shall be subject to the jurisdiction of the competent courts of Thailand.
Effective Date: 1 January 2025 | Last Updated: 1 January 2025 | Version: 1.0
This Privacy Policy was prepared for tomorrowthailandapp.com operated by Business Net TH (PARRA PLUS SERVICES LLC). For all privacy-related enquiries, please contact us at [email protected].