See our Couples offer under Offers & Vouchers !
See our Couples offer under Offers & Vouchers !
This page outlines the Privacy Policy for Lanna Thai Massage & Wellness. On this page, we explain how we collect and use personal data. Our access and handling of this information is subject to the General Data Protection Regulations (GDPR). This replaces the Data Protection Act of 1998.
" Lanna Thai Massage & Wellness " is the trading name of Kimiki Ventures LTD, Company Number 16286311, registered with the Information Commissioner's Office, reg. no. ZB934781
Lanna Thai Massage & Wellness Marlow is committed to protecting and respecting your privacy. This Privacy Policy outlines how we collect, use, and protect the personal information you provide when visiting our clinic, using our services, or interacting with us through our website, phone, email, or in person.
We are registered and operate in the United Kingdom and are subject to the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
We may collect and process the following types of personal data:
- Identity Information: Name, date of birth, gender.
- Contact Information: Address, phone number, email address.
- Health Information: Relevant medical history, treatment notes, and massage preferences.
- Payment Information: Transaction details (Note: we do not store card details).
- Appointment Records: Date and time of bookings, service types.
- Communication Records: Emails, texts, and messages exchanged.
We use your information to:
- Provide therapeutic massage services.
- Maintain accurate health records to ensure your safety.
- Book and manage appointments.
- Respond to your enquiries and provide customer support.
- Process payments and issue receipts.
- Comply with legal and regulatory obligations.
- Send appointment reminders or service updates (if you have consented).
We process your personal data based on the following legal grounds:
- Consent – where you have given us permission.
- Contractual Necessity – to fulfil our services.
- Legal Obligation – for compliance with laws.
- Legitimate Interest – for business and communication purposes, where your rights do not override our interests.
We do not sell your data. We may share your data with:
- Payment processors (e.g. card payment providers).
- Regulatory or legal authorities, if required by law.
- IT service providers (e.g. booking software or secure email platforms), under strict confidentiality agreements.
We retain your data for as long as necessary to provide our services and comply with legal, tax, or regulatory requirements. Health and treatment records are typically kept for 7 years after your last visit, in line with industry standards.
Under the UK GDPR, you have the right to:
- Access the personal data we hold about you.
- Request correction of inaccurate or incomplete data.
- Request deletion of your data (subject to legal requirements).
- Object to or restrict certain data processing.
- Withdraw consent at any time.
- Lodge a complaint with the Information Commissioner’s Office (ICO).
We take reasonable technical and organizational measures to protect your data, including password protection, locked storage, and secure payment systems.
If you visit our website, we may collect limited data via cookies for analytics and functionality. You will be informed and given an option to consent to cookies on your first visit.
We may update this Privacy Policy from time to time. We encourage you to review it regularly. Changes will take effect when published on our website.
If you have any questions about this policy or wish to exercise your data rights, please contact: