Updated: 2026-05-15

Privacy notice

This page sets out, in plain language, what personal data Phuket GEO receives when you write through this site, what it is used for, and the rights the law gives you. Phuket GEO is one person's field practice — there is no sales team and no mailing list waiting for your address.

Who handles your data

Phuket GEO is a working notebook on how AI systems describe Phuket service businesses. For the purposes of the General Data Protection Regulation (GDPR), the controller of the personal data described here is the operator of the site geophuket.com. For any privacy question, or to exercise a right, write to hello@geophuket.com.

What is collected

When you send the brief form, Phuket GEO receives:

  • Your name and email — so I can reply to you by name.
  • The service details you choose to share: the category, the part of Phuket you operate in, the customers you need to win, and the visibility problem you describe. Nothing beyond name and email is required.

This data is used only to answer what you asked. You are not added to any list, and your details are not sold or handed to third parties (other than the payment processor described below, where one applies). The date and time of the submission are kept, together with a SHA-256 hash of your IP address plus a salt, to keep the form from being abused by automated traffic. The IP address itself is never stored, and neither are browser fingerprints or device metadata.

What is not collected

  • No tracking cookies. The analytics tool runs without cookies and keeps no per-visitor identifier.
  • No remarketing pixels, ad-network tags, or marketing-automation trackers.
  • No automated profiling, and no automated decision that produces a legal effect on you.
  • Personal data is never sold or passed to commercial partners — that is not how this practice earns.

Why the law allows this

Messages sent through the form are handled under Article 6(1)(b) of the GDPR (steps taken at your request before any agreement). The IP hash that protects the form relies on Article 6(1)(f) (legitimate interest). Payment-status data, where it exists, rests on the contractual basis.

How long it is kept

  • Form briefs: kept for the length of any engaged work plus 24 months, to hold the context of the exchange, then deleted. A brief that does not lead to work is kept for 12 months, then deleted.
  • Payment records: kept for the period tax and accounting law require, then deleted.
  • IP hashes: kept for 90 days — enough for abuse protection — then deleted.
  • Email threads: kept while the work is active, or for 24 months after the last contact, whichever is longer.

Your rights

Under the GDPR you can ask for access to your data, its correction, deletion, portability, a limit on how it is processed, or you can object to the processing. For any of these, write to hello@geophuket.com; a reply follows within one month. If you think the handling breaks the law, you may lodge a complaint with the data-protection supervisory authority of your country of residence.

Where the data is held

The infrastructure serving this site sits in European Union (Germany). Where additional processors (email provider) operate outside the European Union, those transfers rely on standard contractual clauses and on the safeguards the recipient publishes.

Changes to this notice

This notice is updated when the way data is handled changes in a meaningful way. The "Updated" date at the top marks the version in force. A substantive change stays flagged on the home page for 30 days so returning visitors can see it.