Privacy Policy

Effective Date: 2025-01-24
Last Updated: 2024-01-24

1. Introduction

Welcome to HappyTest.shop (“Website,” “we,” “us,” or “our”), operated by Happy Test Shop (“Company”). We value your privacy and are committed to protecting your personal data. We comply with the Thai Personal Data Protection Act (PDPA) and other applicable laws, such as the EU General Data Protection Regulation (GDPR).

This Privacy Policy explains how we collect, use, disclose, store, and protect your personal data when you visit or make a purchase through our Website. By accessing or using our services, you acknowledge that you have read, understood, and consented to the practices described in this Privacy Policy. If you do not agree, you must not use the Website or our services.

By accessing or using any part of the Website, you confirm your acceptance of this Privacy Policy in its entirety. Any unauthorized use of our Website, breach of these terms, or unlawful act affecting our operations may result in legal action under the laws of Thailand and, where applicable, other jurisdictions. The Company expressly reserves the right to seek all remedies available at law or in equity, including injunctive relief and the pursuit of damages.

2. Scope and Purpose

This Privacy Policy applies to all visitors, users, and customers (collectively, “you” or “your“), including individuals who reside or access our services from outside Thailand. We process your personal data in accordance with the Thai Personal Data Protection Act (PDPA) and any other applicable regulations.

By utilizing our Website or services, you agree that this Privacy Policy governs all data processing activities related to your interaction with us, no matter where you access the Website from. Given the nature of our offerings—harm-reduction testing kits—we emphasize that we do not promote, condone, or facilitate the illicit use or consumption of drugs. Minors (under 18 years of age) are strictly prohibited from purchasing or using our services, as per our Terms & Conditions.

We do not collect personal data without due reason or beyond the purposes specified in this Policy, and we employ safeguards to ensure data is used only for those stated purposes.

3. Personal Data We Collect

We collect both voluntarily provided and automatically generated personal data necessary to offer our products and services, ensure legal compliance, and maintain Website operations. By submitting personal data, you represent that all information is accurate, up to date, and provided with requisite consent (if acting on behalf of another individual). You must not share personal data you are not authorized to disclose:

3.1 Data You Provide Voluntarily

  • Order Information: Name, shipping address, email, contact number, and any recipient details if different from the billing party. We may retain invoices and transaction data to comply with record-keeping requirements.
  • Payment Details: We do not store your full payment card information; such details are handled exclusively by Opn Payments or CoinPayments. We may retain partial transaction data (e.g., last four digits, transaction IDs) for dispute resolution, accounting, and audit purposes.
  • Communications: Information shared via email or customer support (e.g., [email protected]).

3.2 Data Automatically Collected

  • Log & Device Data: IP addresses, browser types, operating systems, referring URLs, and date/time stamps. We use this data for system administration, security monitoring, and improving our services.
  • Cookies & Tracking: Collected through cookies and tracking technologies to analyze website usage, remember user preferences, and enhance functionality. Disabling cookies may limit some features.

3.3 No Sensitive Data

  • We do not intentionally collect “sensitive data” (e.g., health status, religious beliefs, national ID numbers). If such data is voluntarily provided, it will only be processed as necessary to fulfill your request and in compliance with applicable laws.

4. Legal Basis for Processing

We process personal data under the following legal justifications:

4.1 Contractual Necessity

  • Fulfilling your orders, arranging shipping, and providing related services.
  • To coordinate with payment processors and manage transaction-related tasks.
  • Without this data, we cannot perform our contractual obligations.

4.2 Legal Obligations

  • To comply with Thailand’s regulations on taxation, consumer protection, accounting, and other statutory requirements.
  • Where relevant, to respond to legally binding requests from government or law-enforcement authorities.

4.3 Legitimate Interests

  • To ensure the security and stability of the Website and prevent fraud.
  • To analyze Website usage and improve our products and services.
  • We take measures to balance these interests against your fundamental rights and freedoms.

4.4 Consent

  • Where required by law, especially for processing sensitive or non-essential data beyond what is strictly necessary for operational purposes. You have the right to withdraw this consent at any time by contacting us at [email protected]; withdrawal does not affect the lawfulness of prior processing.

5. How We Use Your Data

5.1 Order Processing & Delivery

  • To fulfill orders within Thailand and to coordinate with shipping providers (e.g., Grab, Kerry Express).
  • To generate invoices and receipts, retained per Thai regulations.
  • You acknowledge that logistics providers may have separate privacy and security measures beyond our direct control.

5.2 Payment Processing

  • Managed by Opn Payments or through CoinPayments. We pass necessary transaction data but do not store full card details.
  • We retain partial transaction data (e.g., transaction IDs) for accounting, dispute resolution, and audits.

5.3 Customer Support & Communications

  • To address inquiries, resolve disputes, and provide updates about your purchase or our harm-reduction tools.
  • We may maintain records of customer communications for quality assurance, dispute resolution, and legal compliance.

5.4 Website Operations & Analytics

  • To troubleshoot technical issues and improve site performance through internal analytics.
  • To gather usage metrics via cookies and tracking tools (e.g., AnalyticsWP, Usermaven) for site enhancements and security monitoring.
  • If you wish to limit these analytics, you may configure your browser to block cookies. However, certain functionalities may be restricted.

5.5 Legal Compliance & Security

  • To comply with Thai law, respond to court orders, or assist law-enforcement inquiries.
  • To investigate and prevent fraudulent or illicit activities, enforce our rights, and protect the integrity of our services.
  • You consent to our use of your personal data in any internal or external investigation related to improper activities or legal violations.

6. Data Sharing & Transfers

6.1 Third-Party Service Providers

We engage certain third parties to assist in delivering our services:

  • Payment Processors and Gateways: (Opn Payments, CoinPayments) for online transactions.
  • Shipping & Delivery: (Grab, Kerry Express) Require recipient details (name, address, contact information) to fulfill delivery obligations.
  • Hosting & Infrastructure: Providers that host our Website or perform data backups may access personal data in the course of providing their services.

These entities act as Data Processors under our instructions, bound by confidentiality and authorized to use your personal data only to perform the services for which we have engaged them.

6.2 International Transfers

While our core operations are in Thailand, some service providers or backups may be located outside Thailand. If we transfer your personal data abroad, we take measures to ensure an adequate level of protection consistent with Thai PDPA, such as contractual clauses or comparable safeguards.

6.3 Legal & Regulatory Compliance

We may disclose personal data if required to do so by law, court order, or governmental demand, or where necessary to protect our rights, enforce our Terms & Conditions, or assist law enforcement in preventing illegal activities. Any such disclosure will comply with Thai PDPA and other applicable laws.

7. Data Retention

We retain your personal data as long as necessary to fulfill the purposes stated in this Policy or to comply with legal and regulatory obligations under Thai law. Retention periods are as follows:

  • Log & Analytics Data: Typically stored for 1–2 years for security, performance analysis, and operational improvements. Extended retention may apply if required for audits or legal proceedings.
  • Customer Support Records: Typically retained for up to 1 year after the resolution of your inquiry or issue in case of dispute resolution.
  • Legal Holds and Other Obligations: We may retain personal data longer if needed to comply with legal processes, court orders, or ongoing investigations. If a dispute remains unresolved, we may keep relevant data until the matter is settled or legally closed.

8. Data Disposal

When the retention period for any personal data expires, we ensure that the data is securely deleted, anonymized, or archived in accordance with applicable laws and industry best practices. Data marked for deletion is permanently erased from active and backup systems unless subject to legal hold or similar obligations.

9. Data Security

We implement measures such as SSL/TLS encryption, access controls, and periodic security assessments to protect personal data. However, no method of data transmission or storage is entirely foolproof; by using our Website, you acknowledge that we cannot guarantee absolute security.

10. Your Rights Under Thai PDPA

Subject to certain limitations under the Thai PDPA and other applicable laws, you retain the following rights regarding your personal data:

  • Right to Access: You may request a copy of personal data we hold about you. Verification of your identity is required to ensure that only you—or an authorized agent—can access the data.
  • Right to Rectify: You may request corrections or updates to any inaccuracies or incomplete information. We strive to address such requests promptly, typically within thirty (30) days of receipt.
  • Right to Erasure (“Right to Be Forgotten”): You may request deletion of personal data if it is no longer needed for the original purpose or if you withdraw consent (where applicable). We may retain certain data if required by law or if legitimate interests outweigh your request.
  • Right to Restriction & Objection: You may restrict or object to specific data processing activities based on our legitimate interests or direct marketing. We will assess each request on a case-by-case basis to determine if compelling grounds exist for continued processing.
  • Right to Data Portability: Where technically feasible, you may request a machine-readable copy of your personal data for transfer to another service provider. This right is generally limited to data provided directly by you and processed under your consent or contractual necessity.

To exercise these rights, please contact [email protected]. We strive to respond within a reasonable timeframe and in accordance with Thai law.

11. Protection of Minors

Our products and services are strictly limited to individuals 18 years or older. We do not knowingly collect personal data from minors. If you suspect a minor has provided us with personal data, please contact [email protected] so we can promptly remove it.

12. Harm Reduction Disclaimer

We offer drug testing kits strictly for harm-reduction purposes, to detect adulterants or contaminants. We do not encourage, endorse, or facilitate the consumption of controlled substances, in full alignment with our Terms & Conditions. Any misuse is strictly prohibited, and we may cooperate with law enforcement as needed.

13. Cookies & Tracking Technologies

We may use cookies, pixels, and third-party scripts to:

  • Analyze traffic.
  • Remember user preferences (e.g., cart items, login sessions).
  • Enhance security and site features.

You may disable cookies in your browser; however, certain functionalities might be impaired if cookies are blocked. If you are located in certain jurisdictions (e.g., EU), we will seek your consent before deploying non-essential cookies or analytics. You can opt out at any time by adjusting your browser settings or contacting us at [email protected].

14. Third-Party Links

Our Website may include links to external sites or services. This Policy does not apply to such third-party websites, which may have their own privacy statements. We encourage you to review their policies before disclosing personal data.

15. Updates to This Privacy Policy

We reserve the right to modify or update this Policy to reflect changes in law, business operations, or technological advances. Any updates will be effective upon posting the revised Policy with an updated “Last Updated” date. Your continued use of our Website after these changes signifies your acceptance of the updated terms.

16. Contact Information

For questions, concerns, or data access requests, please contact:
Happy Test Shop
Bangkok, Thailand
Email: [email protected]

17. Governing Law & Dispute Resolution

This Privacy Policy is governed by and interpreted in accordance with the laws of Thailand, without regard to conflict-of-laws principles. Any dispute arising under or in relation to this Policy shall be subject to the exclusive jurisdiction of the competent courts of Thailand.

18. Acceptance

By accessing or using our Website, placing orders, or otherwise providing us with personal data, you acknowledge and agree to the practices described in this Privacy Policy, as it may be amended from time to time.

Disclaimer: This Privacy Policy is provided for informational purposes and does not constitute legal advice. Consult a qualified attorney familiar with Thai PDPA and other relevant regulations for full compliance.