Privacy Policy.
Last updated
April 28th 2026
Introduction
Nayuran (“Nayuran,” “we,” “our,” or “us”) is an independent advisory service helping individuals and families explore assisted living, senior care, memory care, rehabilitation, respite, and supportive stays in Thailand. Protecting your privacy is an important part of how we work. This Privacy Policy explains how we collect, use, store, share, and safeguard your personal data when you interact with our website, contact forms, consultations, reports, and related advisory services (collectively, the “Services”). This Policy is prepared in accordance with applicable privacy and data-protection laws, including Thailand’s Personal Data Protection Act B.E. 2562 (2019) (“PDPA”), and — where applicable — the EU General Data Protection Regulation (“GDPR”) and other relevant legal requirements.
Information you provide
Personal Information
We may collect identity and contact details such as your full name, email address, telephone number, country of residence, preferred language, and billing details. Where relevant to the advisory case, we may also receive information about the person for whom support is being explored.
Case Information
To deliver our services, we may collect information you choose to provide about care needs, living preferences, health context, mobility, cognitive concerns, family situation, priorities, budget, and timing. Some of this information may be sensitive in nature. We collect only what is reasonably necessary to support the advisory process. Providing certain information is necessary for us to deliver the Services. Where information is optional, we will make this clear.
Information automatically collected
Website Usage
When you visit our website, we may automatically collect technical data such as IP address, browser type, device type, operating system, referring pages, pages viewed, session duration, and general usage activity.
Cookies and Tracking
When you visit our website, we may automatically collect technical data such as IP address, browser type, device type, operating system, referring pages, pages viewed, session duration, and general usage activity.
How we use your information
How & Why we use your data
We use personal data to respond to inquiries, schedule calls, deliver advisory services, prepare reports and recommendations, communicate with you about your case, coordinate agreed third-party contact, process payments, issue invoices, and maintain service records.
Service Improvement
We may review usage, client feedback, and service interactions to improve our website, reports, workflows, and advisory methods. This helps us refine the quality, clarity, and usefulness of our services over time.
Communication
We use your contact information to send service-related messages, appointment details, follow-up notes, updates connected to your advisory engagement, and — where you have opted in — occasional marketing or newsletter communications. You may unsubscribe from marketing communications at any time.
Information sharing
Third-Party Service Providers
We do not sell personal data. We may share limited information with trusted service providers who support our operations, such as payment processors, cloud-storage providers, email services, website tools, or professional advisers, but only where reasonably necessary and under appropriate confidentiality or data-processing arrangements.
Operator or Provider Contact
Where part of the service involves contacting a third-party residence, care provider, or other relevant operator on your behalf, we may share selected information needed to make that inquiry or validate suitability. We do so only as necessary for the agreed advisory process.
Legal Requirements
We may disclose personal information where required by law, regulation, court order, government request, or where reasonably necessary to protect our legal rights, prevent fraud, or address security concerns.
Data storage and security
Data storage
Your data may be stored using secure digital systems and professional service providers that support our operations. We take reasonable measures to protect personal data against unauthorized access, disclosure, loss, or misuse.
Data retention
We retain personal data only for as long as reasonably necessary to deliver the Services, maintain records, comply with legal or accounting obligations, resolve disputes, or protect our legitimate business interests. Where no longer needed, data is deleted, anonymized, or securely archived as appropriate.
Security Measures
We use reasonable technical and organizational safeguards, which may include password protection, restricted access, secure cloud systems, SSL/TLS encryption where applicable, and internal handling controls designed to reduce risk and protect confidentiality.
Your rights and choices
Access Rights
Depending on the law that applies to you, you may have the right to request access to your data, request correction of inaccurate information, request deletion, object to certain uses, restrict processing, withdraw consent where consent is the basis of processing, and request data portability where applicable.
Control Options
You may also control certain data uses by adjusting cookie preferences, unsubscribing from marketing messages, or contacting us directly to request updates, deletion, or clarification about how your data is being handled. We will respond to privacy-related requests in accordance with applicable law and within a reasonable timeframe.
Childrens privacy
Our Services are intended for adults. We do not knowingly collect personal data directly from children for the purpose of providing our Services. If we become aware that personal data has been collected from a child in a manner that is not appropriate under applicable law, we will take reasonable steps to delete it.
International data transfers
Because Nayuran works with clients, systems, and service providers that may be located in different countries, your data may be processed or stored outside your home jurisdiction. Where cross-border transfers occur, we take reasonable steps to ensure that appropriate protections are in place in line with applicable law.
Changes to privacy policy
We may update this Privacy Policy from time to time to reflect operational, legal, or service changes. The updated version will be published on our website with a revised effective date. Continued use of the Services after such updates constitutes acceptance of the revised Policy where permitted by law.
Specific rights by region
European users (GDPR)
If you are located in the European Economic Area or United Kingdom, you may have additional rights under GDPR or related local law, including rights of access, correction, erasure, restriction, objection, and data portability, as well as the right to lodge a complaint with a supervisory authority.
California users (CCPA)
If you are a California resident, you may have rights under applicable California privacy law, including the right to know certain categories of data collected, the right to request deletion, and the right not to be discriminated against for exercising privacy rights, subject to applicable exceptions.
Other Regions
Where local law gives you additional privacy rights, we will handle requests in accordance with applicable legal requirements.
Compliance and Governance
We review our data-handling practices periodically and aim to maintain a responsible, proportionate, and privacy-conscious approach to advisory work. Where required, we update our internal procedures, notices, and operational safeguards to reflect changes in law, service scope, or data-protection practice. We seek to handle personal information with the same care, discretion, and respect that the underlying decisions themselves require.
Questions & Contact
If you have questions about this Privacy Policy, your personal data, or a request relating to privacy rights, you may contact us at: contact@nayuran.com
By using our services, you acknowledge that you have read and understood this Privacy Policy and agree to our data practices as described herein.