top of page

Privacy Policy

Aqua One Dive (hereinafter referred to as "the Center," "we," "us," or "our"), a legal entity registered and operating in Phuket under the company name Aqua One Watersports Phuket Co. Ltd., sets forth this Privacy Policy (the "Policy") governing the collection, utilization, disclosure, and protection of Personal Data provided by users (hereinafter referred to as "Users" or "you") of the website https://www.aquaone-dive.com (the "Service").

​

1. Definitions

  • Personal Data: Any information relating to a person which enables the identification of such person, whether directly or indirectly, but not including the information of the deceased persons in particular.

  • Sensitive Personal Data: Personal Data relating to racial, ethnic origin, political opinions, cult, religious or philosophical beliefs, sexual behavior, criminal records, health data, disability, trade union information, genetic data, biometric data, or any other data which may affect the Data Subject in the same manner as specified by the Personal Data Protection Committee.

  • Data Subject: The individual to whom the Personal Data relates.

  • Any operation performed on Personal Data, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.1

 

 

2. Legal Basis and Data Collection

We process your Personal Data based on the following legal grounds:

  • Contractual Necessity: Processing required for the performance of the service agreement/booking contract to which the Data Subject is a party.2

  • Legal Obligation: Processing necessary for compliance with a legal obligation to which the Center is subject (e.g., Thai governmental reporting requirements, safety regulations).3

  • Legitimate Interests: Processing necessary for the purposes of the legitimate interests pursued by the Center or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the Data Subject.

  • Where required by law, the clear, affirmative, and unambiguous consent of the Data Subject.

 

 

2.1 Categories of Data Collected

The Center collects several categories of personal data to facilitate diving services, training, and safety.

Identification and Contact data collected includes Full Name, Date of Birth, Nationality, Email Address, Telephone Number, and Residential/Hotel Address, primarily based on Contractual Necessity and Legal Obligation.

For diving eligibility and safety, we collect Diving Qualifications, such as Certification Level (e.g., Open Water), Certifying Agency (e.g., PADI, SSI), Certification ID Number, and Total Dives; this is required for Contractual Necessity to confirm eligibility and meet safety standards.

Health Data, considered Sensitive Personal Data, involves information contained within mandatory pre-dive medical questionnaires and declarations of fitness to dive. The collection of this sensitive data requires Explicit Consent from the individual and is also processed under the basis of Vital Interests for immediate safety.

Financial/Transaction Data, including Payment Method, Transaction Records, and Invoicing details, is collected based on Contractual Necessity and Legal Obligation.

Finally, Technical & Usage Data (such as Internet Protocol (IP) address, Browser Type, Operating System, Time Zone Setting, Geolocation Data, and Service Usage Statistics) is collected under the basis of Legitimate Interests for purposes like website security and improvement.

bottom of page