Privacy Policy
Last updated: 1 July 2026
Your privacy matters to us. This policy explains what personal data we collect, why we collect it, and how we use and protect it in connection with your stay or enquiry at Citichic Sukhumvit 13.
1. Who We Are
Citichic Sukhumvit 13 is operated by Compass Hospitality Group, with registered offices at 13 Sukhumvit Soi 13, Khlong Toei Nuea, Watthana, Bangkok 10110, Thailand. We are committed to protecting your personal data and handling it in accordance with the Personal Data Protection Act B.E. 2562 (PDPA) of Thailand and other applicable privacy laws.
2. Data We Collect
We collect personal data that you provide directly to us, including: • Identity data: full name, date of birth, nationality, passport or ID number • Contact data: email address, phone number, postal address • Booking data: reservation details, room preferences, length of stay, payment information • Communication data: enquiries, feedback, and messages sent via our contact form or email • Technical data: IP address, browser type, device information, pages visited, and cookies (see Cookies section below) We collect this data when you make a reservation, complete our contact form, subscribe to communications, or interact with our website.
3. How We Use Your Data
We use your personal data for the following purposes: • To process and manage your reservation and stay • To communicate with you about your booking, including confirmations, pre-arrival information, and post-stay follow-up • To process payments and prevent fraud • To respond to enquiries and provide customer support • To send promotional offers and newsletters (only where you have given consent) • To improve our website, services, and guest experience • To comply with legal and regulatory obligations
4. Legal Basis for Processing
We process your personal data under the following legal bases: • Contract: processing is necessary to fulfil your reservation and deliver hotel services • Legal obligation: processing required to comply with Thai law, tax obligations, or immigration requirements • Legitimate interests: improving services, preventing fraud, and ensuring security • Consent: for marketing communications and non-essential cookies, where you have opted in
5. Data Sharing & Third Parties
We do not sell your personal data. We may share your data with trusted third parties only as necessary to operate our services, including: • Compass Hospitality Group (our management company) • Payment processors (e.g. Stripe, bank networks) for secure payment handling • Booking platforms (e.g. Booking.com, Agoda) when reservations originate there • IT and hosting providers who store or process data on our behalf under data processing agreements • Regulatory authorities when legally required All third-party processors are required to handle your data securely and in accordance with applicable law.
6. Cookies
Our website uses cookies and similar tracking technologies to enhance your browsing experience. We use: • Essential cookies: required for the website to function (e.g. session management) • Analytics cookies: to understand how visitors use our site (e.g. Google Analytics) • Marketing cookies: to deliver relevant advertising (only with your consent) You can manage cookie preferences through your browser settings or our cookie consent banner. Disabling non-essential cookies will not affect your ability to browse the site or make a booking.
7. Data Retention
We retain personal data only for as long as necessary for the purposes set out in this policy, or as required by law. Booking and stay records are typically retained for 5 years in line with Thai tax and accounting regulations. Marketing data is retained until you withdraw consent. Technical logs are retained for up to 12 months.
8. Your Rights
Under the PDPA and applicable law, you have the right to: • Access the personal data we hold about you • Request correction of inaccurate or incomplete data • Request deletion of your data (subject to legal retention requirements) • Withdraw consent to marketing at any time • Object to or restrict certain processing • Lodge a complaint with the Office of the Personal Data Protection Committee (PDPC) of Thailand To exercise any of these rights, please contact us using the details below.
9. Data Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, destruction, or disclosure. These include encrypted data transmission (HTTPS), access controls, and regular security reviews. In the event of a data breach that poses a risk to your rights, we will notify you and the relevant authorities as required by law.
10. International Transfers
Your data may be processed by service providers outside Thailand. In such cases, we ensure appropriate safeguards are in place, such as standard contractual clauses or adequacy decisions, to protect your data in line with Thai PDPA requirements.
11. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. The current version will always be published on this page with the effective date. We encourage you to review this policy periodically.
12. Contact & Data Controller
For any privacy-related questions, requests, or complaints, please contact our Data Protection contact: Citichic Sukhumvit 13 — Guest Relations 13 Sukhumvit Soi 13, Khlong Toei Nuea, Watthana Bangkok 10110, Thailand Email: privacy@citichic.com Tel: +66 2 123 4567
