You are using an outdated browser and your browsing experience will not be optimal. Please update to the latest version of Microsoft Edge, Google Chrome or Mozilla Firefox. Install Microsoft Edge

Go Back

Gvavalin Mahakunkitchareon

Senior Associate

Biography

Gvavalin Mahakunkitchareon is a senior associate in Tilleke & Gibbins’ corporate and commercial group in Bangkok. She provides assistance and advice to both international and local clients on a wide range of corporate and commercial matters, including corporate services, company formation, data protection, foreign investment (particularly in obtaining foreign business licenses), technology and media, and e-commerce transactions. The depth of her business and legal knowledge and the international scope of her experience make her a much sought-after advisor for clients in a wide range of industries.

Gvavalin graduated from the University of Tasmania (Australia) with an LLB and a Graduate Diploma in Legal Practice. She also holds an MBA from Assumption University in Bangkok. She is admitted to the Supreme Court of Tasmania as a legal practitioner. She is also a member of the Lawyers Council of Thailand, a qualified notarial services attorney, and a Certified Information Privacy Professional/Europe (CIPP/E) recognized by the International Association of Privacy Professionals.

Experience

  • Provided advice to clients in various industries on data privacy and data protection law, including by conducting data mapping exercises, gap analyses, and personal data protection law training sessions.
  • Assisted a leading online travel agency to provide comprehensive advice on data privacy and protection as it relates to their local business operations in Thailand and their relationships with approximately 12,000 partners in Thailand.
  • Prepared a comprehensive handbook for a major tech company on compliance with Thai laws regulating data protection, cybersecurity, fintech, and various other key topics.
  • Drafted and reviewed numerous privacy policies, privacy notices, and terms and conditions for clients across various industries, including luxury goods, automotive, banking and finance, e-commerce, energy, insurance, healthcare, technology, and telecommunication.
  • Advised and assisted international clients in establishing companies in Thailand and provided advice on the setup of subsidiaries, representative offices, and branch offices.
  • Assisted an international logistics company on a complex M&A transaction.
  • Assisted clients in drafting and reviewing a wide range of commercial contracts.
ABOUT Gvavalin

Industries

Aviation

Fintech

Technology

Practices

Banking and Finance

Capital Markets

Corporate/M&A

Employment

Location

Languages

    Thai

    English

Education

    MBA, Assumption University

    GDip (Legal Practice), University of Tasmania

    LLB, University of Tasmania

Insights

January 9, 2026
Thailand continues to advance its legal and regulatory framework for the technology sector, with several key laws undergoing review and proposed amendments. These developments reflect Thailand’s broader efforts to ensure that its regulatory landscape keeps pace with rapid technological change and aligns more closely with international standards and best practices. The following are key legal developments and proposed legislative reforms in 2026 that are expected to impact businesses operating in the technology sector and the broader Thai business landscape. Data Privacy and Cybersecurity Personal Data Protection Act B.E. 2562 (2019) Following the full enforcement of Thailand’s Personal Data Protection Act (PDPA) in June 2022, businesses and practitioners have identified practical implementation challenges and interpretative issues. These challenges were reflected in an effectiveness assessment conducted by the Personal Data Protection Committee (PDPC) in late 2024. The PDPC published a set of principles for public consultation to identify issues and directions for potential amendments to the PDPA. Key issues: Emerging issues include clarifying the definitions of “data controller,” “data processor,” and “criminal record”; revisiting the scope of sensitive personal data to better reflect Thailand’s context; proposing amendments to the hierarchy of legal bases to avoid misconceptions of consent as the default legal basis; and clarifying the required level of expressiveness for explicit consent, as well as rules for collecting personal data from other sources. Current status: The first round of public consultation has concluded. Next steps: The proposed amendments are proceeding to a revised draft following the consultation outcomes. Cybersecurity Act B.E. 2562 (2019) Thailand is moving forward with proposed amendments to enhance the effectiveness of its national cybersecurity framework, as evolving digital technologies bring new risks such as misinformation, system intrusions, and attacks on critical infrastructure, making cybersecurity a national priority. Key issues: The amendments aim to clarify and strengthen
Read More
December 12, 2025
Tilleke & Gibbins has updated the Cambodia, Myanmar, Thailand, and Vietnam chapters in Multilaw’s Global Data Protection Guide, which collects expert advice from Multilaw member firms in 90 jurisdictions around the world (including a Laos chapter, which is also authored by Tilleke & Gibbins). The guide provides answers to key issues concerning the fast-developing data protection and privacy laws around the world, and helps data protection officers and in-house counsel understand how the regulatory regime for data protection can affect their organizations in various jurisdictions. Each section of the guide identifies the main laws that govern data protection in that jurisdiction, and gives a detailed overview of the legal principles in place as well as the enforcement authorities responsible for overseeing compliance. The guide also covers issues related to data subject rights, data protection officers, impact assessments, data breach notification requirements, and cross border data transfers. The use of personal data in marketing is also considered, with specific information on electronic marketing rules, cookies, and marketing to businesses and consumers. Multilaw, of which Tilleke & Gibbins is a longtime member, is a global network of carefully selected independent law firms able to provide expert legal advice in complex environments around the globe. The full guide is available for free on the Multilaw website.
Read More
October 31, 2025
On September 29, 2025, Thailand’s Office of the Personal Data Protection Committee (PDPC Office) published its Regulations on the Review and Certification of Binding Corporate Rules B.E. 2568 (2025) (the Regulations). The Regulations provide clarity on the PDPC Office’s approach to reviewing and certifying binding corporate rules (BCRs) under Section 29 of the Personal Data Protection Act B.E. 2562 (2019) (PDPA), and aim to facilitate international data transfers within a group of undertakings or enterprises (a “corporate group”). In conjunction with this development, the PDPC Office also approved BCRs for two companies operating in Thailand on September 30, 2025. This milestone represents the first concrete progress since the PDPC’s Notification on Criteria for the Protection of Personal Data Sent or Transferred to a Foreign Country pursuant to Section 29 of the PDPA B.E. 2566 (2023) came into effect in March 2024. Some key features of the Regulations are set out below. Categorization of BCRs BCRs are classified into two types: (1) BCRs for Controllers (BCR-C) and (2) BCRs for Processors (BCR-P). The category must be clearly specified when submitting the BCRs to the PDPC Office. Documentation Requirement The applicant must prepare and submit the application (a standard template may be provided by the PDPC Office in the future) along with supporting documents for review and certification in the Thai language. If the supporting documents are in a foreign language, a certified Thai translation should be provided. The translation must be notarized by a notary public or qualified person. Supporting documents may include, among others, a binding instrument such as an intra-group agreement, or a list of entities subject to the BCRs. Expedited Process Requirement Organizations with existing BCR approvals under the EU or UK GDPR, or from countries announced by the PDPC under Section 28, may apply through an
Read More
August 21, 2025
Tilleke & Gibbins is pleased to announce that the firm has adopted Harvey, a leading enterprise-grade AI platform for the global legal industry. The firm is proceeding with a rollout of Harvey’s legal AI solutions, which are supported by robust security and confidentiality protections, across the firm’s full-service regional practice in Southeast Asia. This initiative builds on the firm’s recent deployment of Microsoft Copilot and represents another advancement in Tilleke & Gibbins’ commitment to leveraging technology for enhanced legal service delivery. Under the program, legal professionals across the firm’s offices in Cambodia, Indonesia, Laos, Myanmar, Thailand, and Vietnam will have access to the full Harvey platform, equipping them to deliver practical, impactful, and results-driven legal services for clients throughout the region. The firm will also develop bespoke agentic workflows within Harvey tailored to the firm’s core practices and the unique requirements of Southeast Asian legal markets. Commenting on the initiative, Managing Partner Tiziana Sucharitkul stated, “At Tilleke & Gibbins, we have consistently invested in developing and adopting technology to improve the speed, precision, and overall excellence of our legal services. The firm’s decision to invest in Harvey exemplifies our commitment to innovation, further differentiating Tilleke & Gibbins within Southeast Asia’s legal landscape.” Managing Partner Darani Vachanavuttivong remarked, “By combining the deep regional expertise of our lawyers with Harvey’s market-leading domain-specific AI, we are empowering our regional team to streamline drafting, research, and review processes for complex legal matters, all while maintaining the high standards of quality and security our clients expect from us.” Harvey’s Chief Business Officer John Haddock added, “It’s clear Tilleke & Gibbins is investing heavily in innovation, and it’s clear their global clients will benefit significantly from their focus and investment. The Harvey team is thrilled to support the firm’s journey with our platform.”
Read More

Awards & Rankings

December 12, 2025
Tilleke & Gibbins has maintained its strong market position in the newly released Chambers Asia-Pacific 2026 rankings, with six Band 1 honors in core practices and consistently strong performance across the entire region. In addition to the exceptional practice-area rankings, 33 lawyers were recognized across 11 practice areas.
Read More
December 1, 2025
Tilleke & Gibbins is pleased to announce that the firm has been honored with two awards at the 2025 Lexology Index Awards in London, this time picking up both the Thailand and Vietnam Country Awards. Formerly known as the Who’s Who Legal Awards, the Lexology Index Awards celebrate outstanding achievements by firms and individuals identified through Lexology’s extensive global research process. Tilleke & Gibbins’ continued success in this forum reflects the exceptional expertise and dedication of its team, whose commitment to delivering the highest caliber of legal services continues to set a benchmark in the industry. The firm extends its gratitude to its talented professionals and valued clients for their continued trust and support. A full list of the winners of the 2025 Lexology Index Awards is available on the Lexology website.
Read More
September 12, 2025
The 2025/2026 edition of the IFLR1000 Asia-Pacific rankings, released by International Financial Law Review (IFLR), highlights Tilleke & Gibbins’ continued excellence in financial and corporate transactional work. The firm has maintained its strong rankings across multiple jurisdictions and practice areas while achieving notable upgrades and new recognitions, reaffirming its position as a leading firm in the Asia-Pacific region. This year, Tilleke & Gibbins received firmwide rankings in key jurisdictions, including: Thailand Banking & Finance—Tier 3 Capital Markets: Debt—Tier 3 Capital Markets: Equity—Tier 3 M&A—Tier 2 Project Development—Tier 2 Restructuring & Insolvency—Tier 3 Vietnam Banking & Finance—Tier 4 M&A—Tier 3 Project Development—Tier 3 Cambodia Financial & Corporate—Tier 2 Project Development—Tier 2 Laos Financial & Corporate—Tier 2 In addition to these firmwide rankings, Tilleke & Gibbins had several standout individual recognitions, with 12 lawyers honored in the 2025/2026 individual rankings—an increase from last year’s 10. This year’s results include upgraded rankings for John Frangos and new rankings for Charupat Boon-Long, Derrick Khoo, Prisna Sungwanna, and Saravut Krailadsiri. The full list is as follows: Charunun Sathitsuksomboon—Highly Regarded, M&A, Thailand; Women Leader Charupat Boon-Long—Rising Star, M&A, Thailand (new ranking) David Mol—Rising Star, Corporate and M&A, Cambodia Derrick Khoo—Rising Star (Partner), Financial and Corporate, Thailand (new ranking) Jay Cohen—Highly Regarded, Banking, Cambodia John Frangos—Highly Regarded, Restructuring & Insolvency, Thailand (upgraded ranking) Niti Muangkote—Rising Star, Financial & Corporate and Project Development, Laos; Highly Regarded, Banking & Finance, Thailand Prisna Sungwanna—Highly Regarded, Financial & Corporate, Laos (new ranking) Saithong Rattana—Notable Practitioner, Project Development and M&A, Laos Santhapat Periera—Highly Regarded, Banking & Finance and M&A, Laos; Highly Regarded, Banking & Finance, Thailand Saravut Krailadsiri—Notable Practitioner, Thailand (new ranking) Tram Ngoc Bich Nguyen—Highly Regarded, M&A, Vietnam To see the full set of IFLR1000 rankings for Tilleke & Gibbins’ jurisdictions, please see the Cambodia, Laos, Thailand, and Vietnam pages
Read More

Other Professionals

See All Professionals