Privacy Policy
Privacy Policy
Effective Date: 1 January 2025 | Last Updated: 1 January 2025
This Privacy Policy describes how Design Living TH (legal entity: LICINA DESIGN & RENO LLC), operating the website thetomorrowthailand.com (collectively, “we,” “us,” or “our”), collects, uses, stores, discloses, and protects information that you (“you,” “your,” or “the data subject”) provide when visiting or interacting with our website.
We are committed to protecting your personal data in accordance with the Personal Data Protection Act B.E. 2562 (2019) (“PDPA”) of Thailand, as well as any subordinate regulations, notifications, and guidelines issued by the Personal Data Protection Committee (“PDPC”). Please read this policy carefully before submitting any personal information to us.
By accessing thetomorrowthailand.com and using any contact or inquiry features, you acknowledge that you have read, understood, and agreed to the practices described in this Privacy Policy.
1. Who We Are and How to Contact Us
The Data Controller responsible for your personal data is:
- Trade Name: Design Living TH
- Legal Name: LICINA DESIGN & RENO LLC
- Website: thetomorrowthailand.com
- Postal Address: 4500 Bayview Dr, Fort Lauderdale, Florida, 33308-5331, United States
- Telephone: +13155314884
- Privacy Inquiries Email: [email protected]
If you have any questions, concerns, or requests regarding this Privacy Policy or the handling of your personal data, please contact us at the details above. We aim to respond to all privacy-related inquiries within 30 days of receipt.
2. Scope of This Policy
This Privacy Policy applies to:
- All visitors to thetomorrowthailand.com, regardless of location;
- Any person who submits a contact form, inquiry, or request through our website;
- Any person who communicates with us by email, telephone, or other means in connection with our services.
This policy does not apply to third-party websites, platforms, or services that may be linked from our website. We encourage you to review the privacy policies of any third-party sites you visit.
3. Personal Data We Collect
We collect only the personal data that is necessary to fulfil the purposes described in this policy. The categories of personal data we collect include:
3.1 Information You Provide Directly
When you complete and submit our contact or inquiry form, we collect the following information:
- Full Name — so we can address you appropriately and identify your inquiry;
- Email Address — to send you a reply or follow-up correspondence;
- Telephone Number — to allow us to contact you by phone if necessary or if you request a callback;
- Message Content — the details of your inquiry, project description, or question you choose to share with us.
Providing this information is voluntary; however, without the minimum required fields (typically name, email, and message), we may be unable to respond to your inquiry.
3.2 Automatically Collected Technical Data
When you visit our website, certain technical data may be automatically collected by our web server or analytics tools, including:
- IP Address — used for security monitoring and fraud prevention;
- Browser Type and Version — to understand how visitors access our site;
- Operating System — for technical compatibility purposes;
- Referring URL — the page or link that directed you to our website;
- Pages Visited and Time Spent — to understand which content is most relevant to visitors;
- Date and Time of Access — for security logging.
This technical data is generally non-identifying on its own but may be combined with other information. Where analytics tools are used, please refer to Section 6 (Cookies) and Section 8 (Third-Party Services) for further details.
3.3 Sensitive Personal Data
We do not intentionally collect any sensitive personal data as defined under Section 26 of the PDPA (including but not limited to racial or ethnic origin, political opinions, religious beliefs, health data, biometric data, or criminal records). Please do not include sensitive personal data in any message or inquiry you submit to us.
4. How We Use Your Personal Data
We process your personal data only for specified, explicit, and legitimate purposes as required by the PDPA. The legal bases and purposes for processing are as follows:
4.1 To Respond to Your Inquiries (Legitimate Interest / Contractual Necessity)
- Processing your contact form submission and sending you a response;
- Following up on your design or renovation project inquiry;
- Providing quotations, proposals, or information about our services;
- Scheduling consultations or site visits at your request.
4.2 To Manage Our Business Operations (Legitimate Interest)
- Maintaining accurate records of client inquiries and communications;
- Monitoring and improving our website’s performance and user experience;
- Ensuring the technical security and integrity of our website and systems.
4.3 To Comply with Legal Obligations
- Retaining records as required by applicable Thai law, including the Revenue Code of Thailand and other regulatory requirements;
- Responding to lawful requests from government authorities, courts, or regulators.
4.4 With Your Consent (Where Required)
- Sending you marketing communications about our services, promotions, or updates, if you have opted in to receive such communications;
- Placing optional analytics cookies on your device (see Section 6).
We will not use your personal data for purposes that are incompatible with those stated above without obtaining your prior consent or as otherwise permitted by law.
5. How Contact Form Submissions Are Processed
When you submit a contact form on thetomorrowthailand.com, the following process takes place:
- Your form submission is transmitted over an encrypted HTTPS connection to our web server.
- The data is processed by our server-side application (PHP) and delivered to our designated business email address at [email protected].
- An automatic confirmation or acknowledgement email may be sent to the email address you provided.
- Your inquiry is reviewed by a member of our team, who will contact you using the details you have provided.
- Your submission data is stored securely on our email and/or internal systems for the retention period specified in Section 9 of this policy.
We process form submissions as quickly as practicable, typically within 1–3 Thai business days. During public holidays in Thailand or peak project periods, response times may be slightly longer.
6. Cookies and Similar Technologies
Our website uses cookies and similar tracking technologies. A cookie is a small text file stored on your device when you visit a website. Cookies help websites function efficiently and provide information to website owners.
6.1 Types of Cookies We Use
- Strictly Necessary / Functional Cookies: These cookies are essential for the website to operate correctly. They enable core functions such as page navigation, form security (CSRF tokens), and session management. These cookies do not require your consent under the PDPA as they are necessary for the provision of the service you have requested. You cannot opt out of these cookies without affecting website functionality.
- Analytics Cookies (Optional): We may use optional analytics cookies (such as those provided by Google Analytics) to understand how visitors interact with our website — for example, which pages are most visited, how long visitors stay, and where they come from. These cookies collect anonymised or aggregated data and help us improve our website. We will only set analytics cookies with your prior consent. You may withdraw this consent at any time by adjusting your cookie preferences or browser settings.
6.2 How to Control Cookies
You may control or delete cookies through your browser settings. Most browsers allow you to:
- View what cookies have been set;
- Delete cookies individually or in bulk;
- Block all cookies or only third-party cookies;
- Receive a notification when a cookie is placed.
Please note that disabling certain cookies may affect the functionality of our website. For more information about managing cookies, visit www.allaboutcookies.org.
7. Data Security Measures
We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it against unauthorised access, disclosure, alteration, loss, or destruction. Our security practices include:
- SSL/TLS Encryption: All data transmitted between your browser and our website is encrypted using industry-standard Transport Layer Security (TLS) protocols (HTTPS).
- Access Controls: Access to personal data stored on our systems is restricted to authorised personnel who have a legitimate business need to access such data.
- Password Protection: Our email and administrative systems are protected by strong passwords and, where available, multi-factor authentication.
- Regular Software Updates: We keep our website software, server software, and security tools up to date to address known vulnerabilities.
- Data Minimisation: We collect only the personal data we actually need and avoid storing unnecessary information.
- Secure Email Handling: Submissions received via our contact form are handled through secure email systems and stored only as long as necessary.
Despite our best efforts, no method of transmission over the internet or electronic storage is completely secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security. In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the Personal Data Protection Committee (PDPC) within 72 hours of becoming aware of the breach, and we will notify affected individuals without undue delay where required by law.
8. Third-Party Services and External Resources
Our website makes use of certain third-party tools and resources. These third parties may collect technical data independently. We have listed the relevant services below:
8.1 Google Fonts
Our website may load fonts from Google Fonts, a service provided by Google LLC (or Google Ireland Limited for EEA users). When your browser requests a font file from Google’s servers, Google may receive your IP address and browser information. Google states that it does not use this data to build profiles or serve advertisements. For more information, see Google’s Privacy Policy.
8.2 Tailwind CSS CDN
Our website may load the Tailwind CSS framework from a Content Delivery Network (CDN). CDN providers may log requests including IP addresses for performance and security purposes. These logs are typically short-lived and used for operational purposes only.
8.3 Google Analytics (If Enabled)
If you have consented to analytics cookies, our website may use Google Analytics, a web analytics service provided by Google LLC. Google Analytics uses cookies to collect anonymised information about how visitors use our website. This information is transmitted to and stored on Google’s servers, which may be located in the United States or other countries. We use this data in aggregated form to improve our website. We have configured Google Analytics to anonymise IP addresses where possible. You may opt out of Google Analytics tracking by installing the Google Analytics Opt-out Browser Add-on.
8.4 Email Service Providers
Contact form submissions are delivered to our internal email system. We may use a third-party email hosting provider to receive and store emails. Such providers are obligated to maintain appropriate data security standards.
We do not sell, rent, or trade your personal data with third parties for their own marketing purposes. Any third-party processors we engage are bound by data processing agreements and are required to process your data only as instructed by us and in accordance with applicable law.
9. Data Retention
We retain your personal data only for as long as is necessary to fulfil the purposes for which it was collected, or as required by applicable law. Our general retention guidelines are as follows:
- Contact Form Submissions (Non-Clients): If your inquiry does not result in a business engagement, we will retain your contact information and message for a period of up to 12 months from the date of your last communication, after which it will be securely deleted.
- Client Project Records: If your inquiry results in a project or service agreement, we will retain related correspondence and records for a period of up to 5 years from the completion of the project or termination of the business relationship, or as required by Thai accounting and tax law (whichever is longer).
- Legal Compliance Records: Certain records may be retained for longer periods where required by Thai law, court orders, or regulatory requirements.
- Server and Access Logs: Technical access logs are typically retained for 30 to 90 days for security purposes before being automatically deleted.
- Analytics Data: If analytics cookies are used, aggregated analytics data may be retained for up to 26 months in accordance with Google Analytics’ default retention settings, unless a shorter period is configured.
Upon expiry of the applicable retention period, personal data is either permanently deleted, anonymised, or destroyed in a secure manner.
10. International Data Transfers
Our primary business operations are based in Thailand. However, some of the third-party services we use (such as Google Fonts and Google Analytics) may transfer or store data on servers located outside of Thailand, including in the United States and other countries.
Under the PDPA, personal data may only be transferred to a foreign country if that country has adequate data protection standards, or if appropriate safeguards are in place (such as standard contractual clauses or binding corporate rules), or if a specific exception applies (including your consent, the necessity to perform a contract at your request, or the protection of vital interests).
Where we rely on third-party services that transfer data internationally, we take steps to ensure that appropriate safeguards are in place and that the transfer is compliant with the PDPA and any applicable PDPC notifications or standards. By using our website and submitting your personal data, you acknowledge that your information may be processed in countries with data protection laws that differ from those in Thailand.
11. Your Rights Under the PDPA
As a data subject under Thailand’s Personal Data Protection Act B.E. 2562 (2019), you have the following rights with respect to your personal data:
- Right to be Informed (Section 23 PDPA): You have the right to be informed about how your personal data is collected, used, and disclosed. This Privacy Policy fulfils that obligation.
- Right of Access (Section 30 PDPA): You have the right to request access to the personal data we hold about you and to receive a copy of that data, along with information about how it is being processed.
- Right to Rectification (Section 35 PDPA): You have the right to request that we correct any inaccurate, incomplete, or misleading personal data that we hold about you.
- Right to Erasure / Right to be Forgotten (Section 33 PDPA): You have the right to request the deletion or destruction of your personal data where: (a) it is no longer necessary for the purposes for which it was collected; (b) you withdraw consent on which processing is based; (c) you object to processing and there are no overriding legitimate grounds; or (d) the data has been processed unlawfully.
- Right to Restriction of Processing (Section 34 PDPA): You have the right to request that we restrict the processing of your personal data in certain circumstances, such as while you contest the accuracy of the data or while we consider an objection you have raised.
- Right to Data Portability (Section 31 PDPA): Where processing is based on your consent or a contract and is carried out by automated means, you have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to request that we transmit that data to another controller, where technically feasible.
- Right to Object (Section 32 PDPA): You have the right to object to the processing of your personal data where processing is based on legitimate interests, or for direct marketing purposes. If you object to direct marketing, we will cease processing your data for that purpose without delay.
- Right to Withdraw Consent (Section 19 PDPA): Where processing is based on your consent, you have the right to withdraw that consent at any time, without affecting the lawfulness of processing carried out prior to withdrawal.
- Right to Lodge a Complaint: You have the right to lodge a complaint with the Office of the Personal Data Protection Committee (PDPC) of Thailand if you believe that our processing of your personal data infringes the PDPA. Contact details for the PDPC can be found at their official website.
To exercise any of the rights listed above, please submit a written request to us at [email protected] or by post to 4500 Bayview Dr, Fort Lauderdale, Florida, 33308-5331, United States. We will respond to your request within 30 days. We may need to verify your identity before processing your request. We will not charge a fee for exercising your rights unless your request is manifestly unfounded or excessive, in which case we may charge a reasonable administrative fee or decline to act on the request.
12. Children’s Privacy
Our website and services are not directed at, and are not intended to be used by, persons under the age of 20 years (the age of legal majority in Thailand under the Civil and Commercial Code). We do not knowingly collect personal data from minors.
Under the PDPA, the collection of personal data of minors (persons under 20 who have not been emancipated) requires the consent of a parent or legal guardian. If we become aware that we have inadvertently collected personal data from a minor without appropriate parental consent, we will take immediate steps to delete that data.
If you are a parent or guardian and believe that your child has submitted personal data to us without your consent, please contact us immediately at [email protected] so that we can take appropriate action.
13. Legal Basis for Processing
Under the PDPA, we must have a lawful basis for processing your personal data. Depending on the activity, we rely on the following legal bases:
- Consent (Section 19 PDPA): For analytics cookies and optional marketing communications, we rely on your freely given, specific, informed, and unambiguous consent.
- Contractual Necessity (Section 24(3) PDPA): For processing your inquiry and providing our services, processing may be necessary for the performance of a contract to which you are a party, or to take steps at your request prior to entering into a contract.
- Legitimate Interests (Section 24(5) PDPA): For operational purposes such as website security, fraud prevention, and improving our services, we may rely on our legitimate interests, provided those interests are not overridden by your rights and interests.
- Legal Obligation (Section 24(1) PDPA): Where required by Thai law, we may process your data to comply with our legal obligations.
- Vital Interests (Section 24(4) PDPA): In rare circumstances involving life or serious physical harm, we may process data to protect vital interests.
14. Disclosure of Personal Data
We do not sell, share, or disclose your personal data to third parties except in the following circumstances:
- Service Providers: We may share data with trusted third-party service providers who assist us in operating our website and delivering our services (e.g., email hosting providers, IT support). These providers are contractually obligated to keep your information confidential and to use it only as instructed by us.
- Legal Requirements: We may disclose your data to government authorities, courts, or law enforcement agencies where required by Thai law or a valid court order, or where necessary to protect our legal rights.
- Business Transfers: In the event of a merger, acquisition, restructuring, or sale of assets, your personal data may be transferred to the successor entity, subject to the same privacy protections described in this policy.
- With Your Consent: We may share your data with third parties for other purposes with your explicit prior consent.
15. Links to Third-Party Websites
Our website may contain links to external websites operated by third parties. These links are provided for your convenience only. We have no control over the content, privacy practices, or data handling of external websites, and we are not responsible for their privacy policies or practices. We encourage you to review the privacy policy of any third-party website you visit.
16. Changes to This Privacy Policy
We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our business practices, legal requirements, or the services we offer. When we make material changes to this policy, we will:
- Update the “Last Updated” date at the top of this page;
- Post a prominent notice on the homepage of thetomorrowthailand.com for a reasonable period following the update;
- Where feasible and where we hold your email address, send you a notification by email informing you of significant changes.
Your continued use of our website after the effective date of the revised Privacy Policy constitutes your acceptance of the updated terms. We encourage you to review this page periodically to stay informed about how we protect your personal data. If you do not agree with the updated policy, please discontinue use of our website and contact us to request deletion of your personal data.
17. Complaints and Dispute Resolution
If you have a complaint about how we have handled your personal data, we encourage you to contact us in the first instance so that we can attempt to resolve the matter directly:
- Email: [email protected]
- Phone: +13155314884
- Address: 4500 Bayview Dr, Fort Lauderdale, Florida, 33308-5331, United States
If you are not satisfied with our response, you have the right to escalate your complaint to the Office of the Personal Data Protection Committee (PDPC), which is the supervisory authority responsible for enforcing the PDPA in Thailand. Information about how to file a complaint with the PDPC is available on their official government website.
18. Governing Law
This Privacy Policy is governed by and construed in accordance with the laws of the Kingdom of Thailand, including but not limited to the Personal Data Protection Act B.E. 2562 (2019) and any subordinate legislation, ministerial regulations, or PDPC notifications issued thereunder. Any disputes arising from this policy shall be subject to the exclusive jurisdiction of the competent courts of Thailand.
19. Contact Information Summary
For all privacy-related inquiries, requests to exercise your rights, or questions about this policy, please contact us using the details below:
Company: Design Living TH
Legal Entity: LICINA DESIGN & RENO LLC
Address: 4500 Bayview Dr, Fort Lauderdale, Florida, 33308-5331, United States
Phone: +13155314884
Email: [email protected]
Website: thetomorrowthailand.com
This Privacy Policy was drafted to comply with the Personal Data Protection Act B.E. 2562 (2019) of Thailand. It is effective as of 1 January 2025.