Updated: 2026-05-15

Privacy notice

In ordinary words, this page describes the personal data that reaches this practice when you get in touch through the site, the purpose it serves, and the rights the law grants you. This is a single-person diagnostic practice — no sales department, and no mailing list sitting ready for your address.

Who handles your data

This site is run as the working practice of a Bangkok AI visibility editor. Under the General Data Protection Regulation (GDPR), the controller of the personal data set out here is whoever operates the site chatgptbangkok.com. To raise any privacy matter, or to act on a right, contact hello@chatgptbangkok.com.

What is collected

Submitting the form passes the following to this practice:

  • Your name and email — so the reply can reach you by name.
  • Whatever else you decide to include: the business name, the spelling in Thai and English, the soi, station, district, branch, or venue involved, and the AI answer that looks wrong. Only the name and email are obligatory.

These details serve a single purpose: answering your enquiry. No list takes your address, and nothing is sold or passed to outsiders (apart from the payment processor described further down, in the cases where one is used). The submission time and date are retained alongside a salted SHA-256 hash of your IP address, purely to stop automated traffic from abusing the form. The raw IP address is never kept, and neither are browser fingerprints or device metadata.

What is not collected

  • No tracking cookies. The analytics tool operates cookie-free and stores no per-visitor identifier.
  • No remarketing pixels, ad-network tags, or marketing-automation trackers.
  • No automated profiling, and no automated decision that carries a legal effect for you.
  • Personal data is never sold or shared with commercial partners — that is simply not how this practice makes its living.

Why the law allows this

Messages arriving through the form rest on Article 6(1)(b) of the GDPR (measures taken at your request ahead of any agreement). The IP hash that shields the form draws on Article 6(1)(f) (legitimate interest). Where payment-status data exists, it stands on the contractual basis.

How long it is kept

  • Form messages: retained for the duration of any work undertaken plus 24 months, so the thread of the exchange is preserved, then erased. A message that leads to no work is held for 12 months and then erased.
  • Payment records: retained for as long as tax and accounting law demand, then erased.
  • IP hashes: retained for 90 days — sufficient for abuse protection — then erased.
  • Email threads: retained while the work continues, or for 24 months past the last contact, whichever runs longer.

Your rights

The GDPR lets you request access to your data, ask for it to be corrected or deleted, request portability, restrict how it is processed, or object to processing altogether. For any of these, write to hello@chatgptbangkok.com; a reply arrives inside one month. Should you believe the handling breaches the law, you may file a complaint with the data-protection supervisory authority where you live.

Where the data is held

The infrastructure that serves this site is located in European Union (Germany). Where further processors (email provider) work outside the European Union, those transfers depend on standard contractual clauses and on whatever safeguards the recipient publishes.

Changes to this notice

This notice is revised whenever data handling shifts in a meaningful way. The "Updated" date at the top shows the version currently in force. A substantive change is kept flagged on the home page for 30 days so returning visitors notice it.