What information do we collect about you?
When you provide your personal details to this premises, they are stored and processed for 4 reasons (the bits in bold are the relevant terms used in the General Data Protection Regulation – i.e. the law):
1. We need to collect personal information about your health in order to provide you with the suitable treatment. Your requesting treatment and our agreement to provide that care constitutes a contract. You can refuse to provide the information in that case we would not be able to provide treatment.
2. We have a “Legitimate Interest” in collecting that information, because without it we couldn’t do our job effectively and safely.
3. We also think that it is important that we can contact you in order to confirm your appointments with us or to update you on matters related to your medical care. This again constitutes “Legitimate Interest”, but this time it is your legitimate interest.
4. Provided we have your consent, we may occasionally send you general health information in the form of articles, advice or newsletters. You may withdraw this consent at any time – just let us know by any convenient method.
How will we use the information about you?
We collect information about you to process your order, manage your account and, if you agree, to email you about other products and services we think may be of interest to you.
We use your information collected from the website to personalise your repeat visits to our website.
Benjawan Thai Massage Ltd will not share your information for marketing purposes with other companies.
In processing your order, we may send your details to, and also use information from credit reference agencies and fraud prevention agencies.
We would like to send you information about products and services, which may be of interest to you. If you have consented to receive marketing, you may opt out at a later date.
You have a right at any time to stop us from contacting you for marketing purposes.
Access to your information and correction
You have the right to request a copy of the information that we hold about you.
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
We want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate.
Our website is powered by the open source content management system, WordPress, and uses various plugins to add functionality to the website and keep it secure. The following plugins on our website store information about website visitors:
Wordfence – we use this plugin to protect our website. The plugin provides a firewall, antivirus scanning and other security hardening features to protect our website from intruders. In order for the plugin to work effectively it needs to collects information about user’s IP addresses and registered users on our website so that it can control access to our website and block unwelcome visitors where necessary.
WP Security Audit Log – we use this plugin to track any alterations to the website undertaken by registered users. The purposes of this plugin is to track general activity on the backend of the website so that in the event of a website intrusion we can check to see whether a data breach has occurred and what alterations have taken place.
RocketshipWP website monitor – we use this plugin to undertake regular backups of our website. In the event on an intrusion in the website using RocketshipWP’s EU-based servers we can initiate a full restore of our website. As part of the backup process, RocketshipWP takes a full copy of our website’s database, including registered users, event tracking from WP Security Audit Log and Wordfence data tables used to record IP addresses and other user information.
Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the website and to compile statistical reports on website activity.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
We use Google Analytics to track how users interact with our website and improve the user experience. The tool captures information about website visitors, including IP address, date and time people visited our site and the individual pages viewed, which is then processed by Google’s servers in the United States. Google does not associate this data with any other data held by Google. Google Analytics uses the following cookies to track user interaction:
_ga cookie – is used to identify unique users and it expires after 2 years.
_gat cookie – is used to throttle the request rate and it expires after 1 minute.
_utma cookie – is a persistent cookie which remains on a computer, unless it expires or the cookie cache is cleared. It tracks visitor metrics including first visit and last visit.
_utmb cookie & __utmc cookie – are used to calculate user visit length, including arrival time and exit time of the user. _utmb is a sessional cookie and the _utmc cookie expires if no new page view is recorded within 30 minutes.
_utmz cookie – monitors where a visitor arrived from (search engine, organic, social media or direct) and what keyword is generated and and geolocation data. This cookie lasts 6 months.
_utmv cookie – is a persistent cookie used to improve audience segmentation.
As mentioned above, we use Wordfence to secure our website. The plugin sets three technical cookies to enable it to function:
wfwaf-authcookie-(hash) – used by the Wordfence firewall to perform a capability check of the current user before WordPress has been loaded and detect logged in and non-logged in users and grant or restrict access accordingly.
wf_loginalerted_(hash) – used to notify the Wordfence admin when an administrator logs in from a new device or location.
wfCBLBypass – helps track who should be allowed to bypass country blocking.
For further information about cookies, visit:
You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser. However in a few cases some of our website features may not function as a result.
Embedded content and other websites
Pages on this site may include embedded content (e.g. videos, images, articles, etc.) or links to other websites. Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
How long we retain your data
We have a legal obligation to retain your records for 8 years after your most recent appointment (or age 25, if this is longer), but after this period you can ask us to delete your records if you wish. Otherwise, we will retain your records indefinitely in order that we can provide you with the best possible care should you need to see us at some future date.
In relation to the website, we collect information about you when you register with us or place an order for products or services. We also collect information when you voluntarily complete customer surveys, provide feedback and participate in competitions. Website usage information is collected using cookies.
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
Where we send your data
How we protect your data
We take data protection seriously and therefore use SSL encryption on our website to limit the ability of unauthorised people to see information communicated between website users and our website. We also implement a website firewall and regular anti-virus scanning to try and prevent intrusion. Finally, we purposefully limit the amount of data we collect about website visitors and do not share any data to third parties (unless legally required to do so) in order to minimise our exposure in the unlikely event of a breach.
What data breach procedures we have in place
In the event of a data breach, we have a protocol in place to contact the Information Commissioner’s Office and all our registered website users, in line with legally required timelines. However, as we do not collect personal information about general website visitors we do not have a protocol in place for contacting general website visitors in case of a breach.
What third parties we receive data from
We do not receive information about website visitors from third party services.
What automated decision making and/or profiling we do with user data
We do not undertake any automated decision making or profiling based on user data we receive via the website or other third party services.
How to contact us
by email: email@example.com