Privacy Policy

Effective June 8, 2026

This Privacy Policy applies to thira.co (the “Website”), operated by Sakae, Inc. (“we,” “us,” or “our”), the parent company of Thira. It explains how we collect, use, and protect personal data in accordance with applicable data protection laws. By using the Website, you agree to the practices described below.

This policy complies with the General Data Protection Regulation (EU GDPR), the United Kingdom GDPR (UK GDPR), the UK Privacy and Electronic Communications Regulations (PECR), and where applicable, the California Consumer Privacy Act (CCPA).

1. Information We Collect

1.1 Browsing the Website

Visitors can explore our stories, objects, and guides without creating an account. However, we may collect non-personally identifiable information through automated technologies, such as:

  • Device Information: The type of device used (mobile, tablet, or desktop), operating system, and browser type.
  • IP Address: Used to estimate general location (e.g., city or country) for performance optimization and fraud detection.
  • Website Usage Data: Page views, time on site, and referral sources, collected via analytics tools.
  • Cookies and Tracking Technologies: Managed through our consent-based banner. Details are available in our Cookie Policy.

1.2 Membership and Purchases

Thira membership is by invitation only and is not available for direct purchase. To purchase a guide or order an object, users must provide:

  • Full Name (for access and shipping)
  • Email Address (for login, updates, and confirmations)
  • Shipping and Billing Address (for fulfillment and verification)
  • Phone Number (optional, for delivery coordination)
  • Payment Information (processed securely via third-party services; we do not store card details)
  • Login Credentials (for registered accounts, stored securely)

1.3 Advisory Inquiries

If you contact us by email regarding Bespoke Itineraries, Art Advisory, or Seasonal Interiors, we may collect your name, email address, and any personal details you voluntarily share as part of your inquiry. This information is used solely to respond to and manage your engagement. Advisory correspondence is handled by Sakae, Inc. and is not shared with third parties except as required to fulfill the engagement (e.g., hotel or reservation partners acting on your behalf).

1.4 Communication and Support

If you contact us for any other reason, we may retain the information you voluntarily share for reference and quality assurance.

2. How We Use Your Information

We process personal data only when we have a valid legal basis, including:

  • Consent: For email marketing and cookies.
  • Contract: To process purchases, manage memberships, and fulfill obligations.
  • Legal Obligation: For tax, accounting, or compliance with laws.
  • Legitimate Interest: To protect against fraud, analyze site performance, and improve user experience.

Your information is used to:

  • Deliver content, fulfill purchases, and manage your membership.
  • Send transactional communications (e.g., order confirmations, account updates).
  • Respond to advisory inquiries and manage ongoing engagements.
  • Analyze site usage to improve layout and performance.
  • Detect fraudulent or unauthorized activity.

Sakae, Inc. does not sell personal data or use it for third-party advertising purposes.

3. Data Storage and Retention

Personal data from purchases, memberships, and advisory engagements is stored securely for one year from the end of the relevant membership period, transaction, or engagement, unless a longer retention period is required by law (e.g., for tax or accounting purposes). Browsing data collected via analytics tools such as Google Analytics is stored according to those providers’ own policies.

4. Age Restrictions

The Website is intended for users aged 18 and above. We do not knowingly collect personal data from minors. If we become aware that a minor has provided personal data, it will be deleted promptly. Parents or guardians may contact us at hello@thira.co with any concerns.

5. Data Sharing and Third-Party Services

We share data only with trusted third parties who help us operate the Website and deliver our services:

  • Payment Processors: Stripe, PayPal—for secure transaction handling
  • Email Marketing: Benchmark Email—for newsletters, member communications, and account notifications
  • Analytics: Google Analytics—for visitor behavior insights
  • Delivery Partners: Used only when physical products are shipped
  • Advisory Partners: Hotels, galleries, suppliers, and reservation services engaged on a client’s behalf, using only the information necessary to fulfill the engagement
  • Legal Authorities: If required by law, regulation, or legal process

All service providers are required to follow applicable privacy laws and implement appropriate security practices. We do not permit third parties to use personal data for their own marketing purposes.

6. Cookies and Tracking Technologies

We use cookies to manage preferences, enhance your experience, and understand traffic patterns. Non-essential cookies require your explicit consent and can be managed at any time via our cookie banner. For full details on the cookies we use and how to control them, see our Cookie Policy.

7. Your Rights and Choices

Depending on your location, you have the right to:

  • Access your data and request a copy
  • Correct inaccurate or outdated information
  • Request deletion of your data (subject to legal exceptions)
  • Withdraw consent where processing is based on consent
  • Object to the use of your data for analytics or tracking
  • Data portability—request your data in a structured, machine-readable format (EU and UK users)
  • Lodge a complaint with your local supervisory authority (EU and UK users)

California residents have additional rights under the CCPA, including the right to know what categories of personal data we collect, the right to request deletion, and the right to non-discrimination for exercising these rights. While we do not sell personal data, we honor all applicable CCPA requests.

EU and UK residents may contact their national data protection authority if they believe their rights have not been respected. Sakae, Inc. processes EU and UK personal data on the basis of contract, consent, and legitimate interest as described in Section 2.

To exercise any of these rights, contact us at hello@thira.co with “Privacy Policy” in the subject line. We will respond within 30 days.

8. International Data Transfers

Sakae, Inc. is based in New York, United States. If you are accessing the Website from the EU, UK, or elsewhere, your data may be transferred to and processed in the United States. Where required by law, we ensure appropriate safeguards are in place for such transfers, including reliance on standard contractual clauses or other lawful transfer mechanisms under GDPR and UK GDPR.

9. Data Security Measures

We implement industry-standard measures including:

  • Secure data encryption (SSL/TLS)
  • Limited access controls for sensitive data
  • Secure third-party services for payment and email handling

While no method of transmission is 100% secure, we continually review and improve our security practices. In the event of a data breach that affects your rights and freedoms, we will notify affected users and relevant authorities as required by applicable law.

10. Policy Updates

We may update this Privacy Policy to reflect changes in our services or legal obligations. The current version will always be available at thira.co/privacy-policy/ with the effective date noted above. For material changes, we will make reasonable efforts to notify registered members by email. Continued use of the Website after any update indicates acceptance of the revised policy.

11. Contact

For any privacy-related inquiries, data access requests, or concerns, contact us at hello@thira.co with “Privacy Policy” in the subject line. We will respond within 30 days.