You are using an outdated browser and your browsing experience will not be optimal. Please update to the latest version of Microsoft Edge, Google Chrome or Mozilla Firefox. Install Microsoft Edge

May 31, 2019

Thailand’s Personal Data Protection Act Passes into Law

Subscribe to Updates

Thailand’s Personal Data Protection Act B.E. 2562 (2019) (PDPA), approved by the government earlier this year, was published in the Government Gazette on May 27, 2019.

Provisions relating to the collection, use, and disclosure of personal data will come into force one year after publication. The law is written to be extraterritorial, meaning that it applies to data controllers regardless of their location. Therefore, all applicable business operators who collect or process the personal data of data subjects in Thailand must be fully compliant with the PDPA by May 27, 2020.

Restrictions on the Collection and Use of Data

Personal data, in the context of the PDPA, is an extremely broad term covering any data from which an individual can be identified—notably those belonging to customers, employees, and suppliers, etc., but potentially extending to any data held by a company in the course of their business.

The most significant restrictions on the collection and use of such data under the PDPA are:

  • a requirement for data controllers to obtain consent from data subjects (in writing or online) before they can process their personal data (subject to certain exceptions);
  • more stringent requirements for sensitive personal data;
  • a requirement to arrange sufficient security measures for storing personal data and sensitive personal data;
  • restrictions on the transfer of personal data to other countries;
  • data breach notification requirements; and,
  • a requirement for data controllers outside Thailand to appoint a representative within the jurisdiction, who will have certain rights and obligations.

Rights of Data Subjects

In addition, the PDPA grants data subjects various rights over data held by others that relates to them, including, amongst others, right of access, right to erasure, right to object, and the right to data portability. Data controllers must ensure that they honor and guarantee those rights as part of their operations.

Sanctions for Non-Compliance

Penalties for noncompliance are severe, with each offence potentially incurring administrative fines of up to THB 5 million, and criminal fines of up to THB 1 million. The court can also award punitive damages of up to twice the damage caused, and imprisonment for up to a year.

How to Prepare

Given the wide impact of these amendments, and the short grace period for compliance, prudent business operators should conduct a gap analysis in order to understand the classes of data that they currently possess; identify current levels of compliance; assess and mitigate the risks involved in each activity which falls under the PDPA; and review their internal policies, agreements, practices, and any other instruments related to personal data to resolve issues identified in the gap analysis before May 27, 2020.

Business operators should also take necessary actions to ensure that their employees and personnel are fully trained and ready to handle the PDPA in a practical and efficient manner. Business operators should also take the opportunity to review their systems—both online and offline—to ensure that any personal data under their possession is secure held.

If you have any questions, please contact Athistha (Nop) Chitranukroh at [email protected] or Gvavalin Mahakunkitchareon at [email protected].

Related Professionals

Industries

Technology

Location

RELATED INSIGHTS​

July 24, 2024

Practical Law: Intellectual Property Transactions in Vietnam 2024

Experts from Tilleke & Gibbins’ intellectual property team have contributed an updated Intellectual Property Transactions in Vietnam to Thomson Reuters Practical Law, a high-level comparative overview of  laws and regulations across multiple jurisdictions. Intellectual Property Transactions focuses on business-related aspects of intellectual property, such as the value of intellectual assets in M&A transactions, and the licensing of IP portfolios. Key topics covered in the chapter include: IP assignment: Basis and formalities for assignments of patents, utility models, trademarks, copyright, design rights, trade secrets, confidential information, and domain names. IP licensing: Scope and formalities for licensing patents, utility models, trademarks, copyright, design rights, and trade secrets. Research and development collaborations. IP audits. IP aspects of M&A: Due diligence, warranties/indemnities, and transfer of IPRs. Employee and consultant agreements. Practical Law, a legal reference resource from Thomson Reuters, publishes a range of guides for hundreds of jurisdictions and practice areas. The Intellectual Property Transactions Global Guide is a valuable resource for legal practitioners, covering numerous jurisdictions worldwide. To view the latest version of the Intellectual Property Transactions in Vietnam overview, please visit the Practical Law website and enroll in the free Practical Law trial to gain full access.
Read More
July 24, 2024

Practical Law: Intellectual Property Transactions in Thailand 2024

Intellectual property specialists from Tilleke & Gibbins in Thailand have contributed an updated Intellectual Property Transactions in Thailand overview for Thomson Reuters Practical Law, an online publication that provides comprehensive legal guides for jurisdictions worldwide. The Thailand overview was authored by Darani Vachanavuttivong, managing partner of Tilleke & Gibbins and managing director of the firm’s regional IP practice; Titikaan Ungbhakorn, senior associate and patent agent; and San Chaithiraphant, senior associate. The chapter delivers a high-level examination of critical aspects of IP law, including IP assignment and licensing, research and development collaborations, IP in mergers and acquisitions (M&A), securing loans with intellectual property rights, settlement agreements, employee-related IP issues, competition law, taxation, and non-tariff trade barriers. Key topics covered in the chapter include: IP assignment: Basis and formalities for assignments of patents, utility models, trademarks, copyright, design rights, trade secrets, confidential information, and domain names. IP licensing: Scope and formalities for licensing patents, utility models, trademarks, copyright, design rights, and trade secrets. Research and development collaborations: Management of improvements, derivatives, and joint ownership of IP. IP aspects of M&A: Due diligence and critical considerations during mergers and acquisitions. Practical Law, a legal reference resource from Thomson Reuters, publishes a range of guides for hundreds of jurisdictions and practice areas. The Intellectual Property Transactions Global Guide is a valuable resource for legal practitioners, covering numerous jurisdictions worldwide. To view the latest version of the Intellectual Property Transactions in Thailand overview, please visit the Practical Law website and enroll in the free Practical Law trial to gain full access.
Read More
July 24, 2024

Acted for Nordic Transport Group in its Acquisition of Freightzen Logistics

Acted as lead counsel for Nordic Transport Group A/S (NTG), an international freight forwarding company based in Denmark, in its acquisition of a stake in Asia-based Freightzen Logistics Ltd., Inc. through a newly established subsidiary, NTG APAC Holding Pte. Ltd.
Read More
July 23, 2024

Tilleke & Gibbins Lawyers Recognized in Who’s Who Legal Southeast Asia Guide 2024

In the Who’s Who Legal (WWL) Southeast Asia guide for 2024, a total of 12 Tilleke & Gibbins lawyers have been distinguished as market leaders in various legal practice areas. The firm’s 12 recognized lawyers, singled out for their commitment to delivering exceptional legal services to Tilleke & Gibbins’ clients, are grouped into seven practice areas: Asset Recovery: Thawat Damsa-ard Data: Alan Adcock, Athistha (Nop) Chitranukroh Franchise: Alan Adcock, Jay Cohen Intellectual Property: Alan Adcock (Patents, Trademarks), Darani Vachanavuttivong (Patents, Trademarks), Kasama Sriwatanakul (Trademarks), Linh Thi Mai Nguyen (Trademarks), Somboon Earterasarun (Trademarks), Wongrat Ratanaprayul (Patents) Investigations: John Frangos and Thawat Damsa-ard Labor, Employment, and Benefits: Pimvimol (June) Vipamaneerut Life Sciences: Alan Adcock, Loc Xuan Le The annual WWL Southeast Asia rankings guide, published by the London-based group Law Business Research, aims to identify the foremost legal practitioners across a range of business law practice areas. The rankings are largely based on feedback and nominations received from other WWL-ranked and nominated attorneys around the world. These peer-driven recognitions highlight Tilleke & Gibbins’ dedication to maintaining the highest standards of legal service and helping clients achieve success. To read more about the WWL Southeast Asia guide, or to browse the full results, please visit the WWL website.
Read More
Load More

Contact

We have seven offices in six countries
across Southeast Asia.

Contact Us

Careers

We are always seeking great people to grow
our amazing team.

Join Us

Networks

© 2023 Tilleke & Gibbins International Ltd. All rights reserved.

© 2020 Tilleke & Gibbins International Ltd. All rights reserved.

Privacy Policy

| Legal Notice