Priya Thai Massage

Privacy Policy

Last updated: 26. 5. 2025

Priya Thai Massage (“we” or “controller”) is committed to protecting your personal data in accordance with EU Regulation 2016/679 (GDPR) and the Slovenian Personal Data Protection Act (ZVOP-2).

1. Data Controller

Priya Thai Massage
Kolodvorska cesta 1, 1230 Domžale, Slovenia
Phone: +386 6961 4798
Email: priyathaimassage5@gmail.com

2. Personal Data We Collect

When you make a booking, we collect:

  • Full name
  • Phone number
  • Email address
  • Preferred date and time
  • Selected massage service and duration
  • Communication language (Slovenian / English)
  • Payment details – transmitted directly to Stripe Payments Europe Ltd; we do not store card data

This website does not automatically collect visit analytics (no third-party tracking).

3. Purpose and Legal Basis

a) Performance of contract – Art. 6(1)(b) GDPR

We process your contact details, appointment, and selected service to fulfil your booking, send confirmation and reminder emails, and process payment.

b) Legal obligation – Art. 6(1)(c) GDPR

We retain invoices and payment records as required by the Slovenian Tax Procedure Act (ZDavP-2) – 10 years.

c) Legitimate interest – Art. 6(1)(f) GDPR

We process booking records to prevent fraud, resolve disputes, and secure our systems.

4. Data Retention

  • Booking data: 3 years after the service date
  • Accounting and payment records: 10 years (ZDavP-2)
  • Email correspondence: 1 year

After the retention period, data is securely deleted or anonymised.

5. Recipients of Personal Data

We share your data only with the following processors:

  • Stripe Payments Europe Ltd – payment processing; a Data Processing Agreement (DPA) is in place
  • Email service provider – sending confirmation and reminder emails

We do not sell, share, or publish your data for marketing purposes or to any unrelated third parties.

6. Transfers Outside the EU / EEA

Stripe Payments Europe Ltd is headquartered in Dublin, Ireland (EU). Your data is not transferred to third countries outside the European Economic Area (EEA) without appropriate safeguards under Art. 44–49 GDPR.

7. Cookies and Local Storage

This website uses:

  • localStorage – to remember your language preference (sl/en); contains no personal data and does not require consent under ZEKom-2
  • Stripe cookies – set during the checkout process; strictly necessary for secure payment processing

We do not use analytics cookies (e.g. Google Analytics), tracking cookies, or advertising cookies.

8. Your Rights

Under Art. 15–22 GDPR you have the following rights:

  • Right of access (Art. 15): Request confirmation of whether we process your data and a copy of that data.
  • Right to rectification (Art. 16): Request correction of inaccurate or incomplete data.
  • Right to erasure (Art. 17): Request deletion of your data where there is no longer a legal basis for processing.
  • Right to restriction (Art. 18): Request that we temporarily limit processing of your data.
  • Right to portability (Art. 20): Request your data in a machine-readable format.
  • Right to object (Art. 21): Object to processing based on legitimate interest.

Submit your request to: priyathaimassage5@gmail.com. We will respond within 30 days.

9. Right to Lodge a Complaint

If you believe we are processing your personal data unlawfully, you have the right to lodge a complaint with the supervisory authority:

Information Commissioner of the Republic of Slovenia
(Informacijski pooblaščenec)
Dunajska cesta 22, 1000 Ljubljana, Slovenia
Phone: +386 1 230 97 30
Email: gp.ip@ip-rs.si
www.ip-rs.si

10. Changes to This Policy

We reserve the right to update this Privacy Policy. We will notify you of material changes by email (if held) or by posting a notice on our website. The current version is always available at priyathaimassage.com/privacy.

chat