Skip to main content FR DE IT

Privacy Policy

Last updated: July 2, 2026

Freediving Koh Samui ("we", "us", "our") runs in-person freediving courses and guided experiences in Koh Samui, Thailand. This policy explains what personal data we collect when you book, contact us, or use this website, how we use it, and the rights you have. We comply with Thailand's Personal Data Protection Act (PDPA) and, for visitors in the EU/EEA and UK, the GDPR.

1. Information we collect

We only collect what we need to run our courses and answer your questions.

  • Booking details: your name, email address, phone/WhatsApp number, the course or trip you choose, and your preferred dates.
  • Payment information: handled directly by our payment provider (Stripe). We never see or store your full card details — only a confirmation that payment succeeded and a reference.
  • Messages: what you send us by email, WhatsApp, the contact form, or social media.
  • Health & medical declaration: before you enter the water you complete a medical questionnaire and sign a liability waiver in person. This may include health information you choose to disclose so we can keep you safe. We treat this as sensitive data and keep it confidential.
  • Newsletter signups: your email address if you request our free preparation guide or subscribe to tips.
  • Dive-log & conditions tools: if you submit a dive log, condition report, or photo through our free tools, we store what you submit. A name or initials you choose to attach may appear publicly on the leaderboard or photo feed.
  • Automatic data: standard server logs and, with your consent, analytics about how you use the site (pages viewed, device and browser type, approximate location from your IP).

2. How & why we use your data

  • To take and confirm your booking, schedule your sessions, and contact you about them — this is necessary to perform our agreement with you.
  • To keep you safe in the water and meet our duty of care, using the health information you provide.
  • To answer your enquiries.
  • To send you the free guide and, if you opted in, occasional freediving tips and course news — you can unsubscribe at any time.
  • To improve the website and understand what's useful, where you have given analytics consent.
  • To meet legal, tax, and accounting obligations.

3. Who we share it with

We never sell or rent your personal data. We share it only with the service providers that make our business run, and only as far as needed:

  • Stripe — to process card payments securely.
  • MailerLite — to send the free guide and newsletter emails.
  • Hostinger (hosting) and Cloudflare (security & content delivery) — to run and protect this website.
  • Google (Analytics, Search Console) and Hotjar — for website analytics, loaded only after you accept analytics cookies.
  • Apnea Total — where a certification is included, to register your qualification.
  • Boat and transport operators — only the details needed to run your trip safely.

We may also disclose data where required by law, court order, or to protect someone's safety.

4. Cookies & analytics

We use a small number of cookies. Essential cookies are needed for the site to work (for example, secure checkout). Analytics and marketing cookies only load after you accept them in our cookie banner — we use Google Consent Mode v2, so nothing non-essential runs until you opt in. You can change your choice at any time through your browser settings or by clearing the saved preference.

5. How long we keep it

  • Booking & transaction records: kept for the period required by Thai tax and accounting law (generally up to several years).
  • Medical declarations & signed waivers: kept for as long as needed to protect both you and us in the event of a claim, then securely destroyed.
  • Newsletter data: until you unsubscribe.
  • Enquiries: kept only as long as useful to help you, then deleted.

6. Your rights

You have the right to ask us to: give you a copy of the data we hold about you; correct anything inaccurate; delete your data (where we are not legally required to keep it); restrict or object to certain uses; and withdraw consent — for example, by unsubscribing — at any time. To exercise any of these, email Diego@freedivingkohsamui.com. We will respond within 30 days. You also have the right to complain to your local data-protection authority.

7. Security

We protect your data with HTTPS encryption across the whole site, PCI-compliant payment processing, access controls, and by storing booking records outside the public web root. No system is ever completely secure, but we take reasonable steps to keep your information safe.

8. International transfers

Some of our providers (for example Stripe, MailerLite, Google) process data on servers outside Thailand. Where your data is transferred internationally, we rely on providers that offer appropriate safeguards to protect it.

9. Children

Bookings are made by adults. Where a participant is under 18, a parent or legal guardian provides the booking and health information and signs the waiver on their behalf. We do not knowingly collect data directly from children.

10. Changes & contact

We may update this policy from time to time; the current version is always the one posted here, with the date shown above. Questions about your privacy or this policy? Email Diego@freedivingkohsamui.com or message Diego Pauel on WhatsApp.


Terms of Service | Refund Policy | Contact Us

Check Availability