You are using an outdated browser and your browsing experience will not be optimal. Please update to the latest version of Microsoft Edge, Google Chrome or Mozilla Firefox. Install Microsoft Edge

Go Back

Thao Thu Bui

Associate

Biography

Thao Thu Bui is an associate in the firm’s Hanoi office and handles a range of corporate and commercial matters as well as legal research. Her practice focuses primarily on the tech/media/telecom (TMT) space, where she has advised many clients on Vietnam’s changing data privacy landscape as well as fintech and telecommunications activities. She also assists with the firm’s franchising practice and is involved in M&A and due diligence projects.

Thao earned an LLM in France after graduating from law school in Vietnam. She worked for a top French law firm for two years, and as a program assistant or legal advisor for several international organizations in Hanoi and Paris before joining Tilleke & Gibbins.

Experience

  • Assisted a global social media giant on a range of legal issues concerning the company’s ongoing operations and new initiatives in Vietnam, including reviewing contracts and user agreements, and advising on numerous issues related to data privacy, processing, and protection.
  • Advised one of the world’s largest cryptocurrency exchanges to conduct a comprehensive analysis of the laws and regulations, licensing requirements, and restrictions applicable to its proposed launch of a copy trading product in Vietnam.
  • Assisted a Thai bank on an ongoing basis on its day-to-day banking operations in Vietnam, including advice on internet banking, lending products, data privacy and IT agreements.
  • Advised a European chocolate and confectionery company on advertising and promotion regulations and product liability issues in Vietnam.
  • Prepared a comprehensive due diligence report for a global power and renewable energy investment company’s acquisition of a target with five wind power subsidiary companies in Hanoi.
  • Assisted an Asia-based technology company during an inspection by the Vietnamese authority into its e-commerce activities.
ABOUT Thao Thu

Industries

Consumer Products

Fintech

Technology

Practices

Banking and Finance

Competition and Trade

Corporate/M&A

Location

Languages

    Vietnamese

    English

    French

Education

    LLM, University of Montesquieu – Bordeaux IV (France)

    LLB, Hanoi National University

Insights

January 5, 2026
On December 31, 2025, the government of Vietnam promulgated Decree No. 356/2025/ND-CP detailing and guiding the implementation of the new Personal Data Protection Law (PDPL) that was issued in June 2025. The new decree, like the PDPL, entered into force on January 1, 2026, with the previous Decree No. 13/2023/ND-CP on personal data protection ceasing effect on the same day. Some key points of the new decree include the following: Comprehensive lists of basic and sensitive personal data are provided, which will require companies to review again their existing documents and data type classification to ensure compliance. New timelines are established for responding to specific data subject requests. These timelines are more reasonable and longer than the previous 72-hour requirements. Additional consent guidelines are provided, prohibiting default consent or ambiguous instructions that confuse data subjects about giving or withholding consent. Mandatory content for data transfer agreements/clauses in particular cases is provided. This covers, among other things, (i) the legal basis for the transfer of personal data; (ii) responsibilities for personal data protection during the transfer and processing of personal data; (iii) responsibilities for ensuring the exercise of the rights of personal data subjects; and (iv) responsibilities for coordination and compliance of the parties in cases where violations of personal data protection regulations are detected. The qualifications and responsibilities of data protection officers (DPOs) and data protection departments include, among others, having been trained and fostered in legal knowledge and professional skills regarding personal data protection. There are no specific provisions governing the qualifications or requirements for organizations that provide data protection training or education. New mandatory templates and requirements are provided in relation to data processing impact assessment and data transfer impact assessment, and for cases in which companies need to re-submit assessments to the regulator. Stricter requirements are
Read More
December 12, 2025
Tilleke & Gibbins has updated the Cambodia, Myanmar, Thailand, and Vietnam chapters in Multilaw’s Global Data Protection Guide, which collects expert advice from Multilaw member firms in 90 jurisdictions around the world (including a Laos chapter, which is also authored by Tilleke & Gibbins). The guide provides answers to key issues concerning the fast-developing data protection and privacy laws around the world, and helps data protection officers and in-house counsel understand how the regulatory regime for data protection can affect their organizations in various jurisdictions. Each section of the guide identifies the main laws that govern data protection in that jurisdiction, and gives a detailed overview of the legal principles in place as well as the enforcement authorities responsible for overseeing compliance. The guide also covers issues related to data subject rights, data protection officers, impact assessments, data breach notification requirements, and cross border data transfers. The use of personal data in marketing is also considered, with specific information on electronic marketing rules, cookies, and marketing to businesses and consumers. Multilaw, of which Tilleke & Gibbins is a longtime member, is a global network of carefully selected independent law firms able to provide expert legal advice in complex environments around the globe. The full guide is available for free on the Multilaw website.
Read More
November 7, 2025
Tilleke & Gibbins has contributed the Vietnam chapter to the latest edition of the Global FinTech Guide published by Multilaw. The guide provides a comprehensive overview of the legal and regulatory framework governing financial technology across major jurisdictions around the world. Compiled by experienced practitioners from Multilaw member firms, the Global FinTech Guide examines how technological innovation is transforming financial services and how regulators are adapting to developments such as digital payments, virtual assets, and online financial platforms. The publication offers comparative insights into regulatory regimes and presents detailed, jurisdiction-specific analysis for companies, investors, and entrepreneurs active in the FinTech sector. The Vietnam chapter, prepared by lawyers in Tilleke & Gibbins’ technology, media, and telecommunications team, surveys the key legal and regulatory developments shaping the country’s FinTech ecosystem. It covers the following areas: Payment services Asset and portfolio management Financial advisory and broking services (including robo-advisory and auto-trading) Trading platforms, social trading platforms, and signal following Crowdfunding, crowdinvesting, and crowdlending Distributed ledger technology (DLT) and cryptocurrencies Loan services, factoring, loan broking, and finetrading Identification Online banking services Initial coin offerings (ICOs) and token sales Insurtech Regtech and compliance management Know-your-customer (KYC) requirements Tilleke & Gibbins also contributed the Thailand chapter to the Global FinTech Guide. The full guide is available on the Multilaw website.
Read More
September 22, 2025
On September 15, 2025, Vietnam’s Ministry of Science and Technology announced that the country will issue an updated version of its National AI Strategy (first issued in 2021) and its first-ever AI Law by the end of this year. The ministry emphasized that the AI strategy is not just a legal framework, but a commitment to embracing AI to drive Vietnam into a new era. The AI adoption plan is set as a priority of the country, and marks a significant step in shaping Vietnam’s AI governance and innovation landscape. Highlights of the plan include the following: Strategic vision. Vietnam’s ambition is to leverage AI for economic growth, social development, and global competitiveness, under the guiding principle “AI for humans – safe, autonomous, cooperative, inclusive, and sustainable.” AI as national infrastructure. The updated strategy positions AI as core national infrastructure, comparable to electricity or the internet, aiming to provide every citizen with a “personal digital assistant.” Core principles for AI legislation. The AI Law will be built around the following six core principles: Risk-based regulation Transparency and accountability Human-centric development Domestic AI autonomy AI as a driver of sustainable growth Digital sovereignty, with data, infrastructure, and AI technology being three strategic pillars Ethics and openness. A National AI Ethics Code will accompany the upcoming law, aligned with international standards but tailored to the Vietnamese context. The government emphasizes open standards and open-source development. Market development and incentives. The government plans to expand domestic AI adoption, particularly in public services and key industries. The National Technology Innovation Fund (NATIF) will allocate at least 40% of its budget to AI projects, prioritizing SMEs through vouchers for locally developed AI solutions. Background on AI Law Development Regulations on AI are found in various Vietnamese laws and regulations, notably the recently adopted Law
Read More

Awards & Rankings

December 12, 2025
Tilleke & Gibbins has maintained its strong market position in the newly released Chambers Asia-Pacific 2026 rankings, with six Band 1 honors in core practices and consistently strong performance across the entire region. In addition to the exceptional practice-area rankings, 33 lawyers were recognized across 11 practice areas.
Read More
December 1, 2025
Tilleke & Gibbins is pleased to announce that the firm has been honored with two awards at the 2025 Lexology Index Awards in London, this time picking up both the Thailand and Vietnam Country Awards. Formerly known as the Who’s Who Legal Awards, the Lexology Index Awards celebrate outstanding achievements by firms and individuals identified through Lexology’s extensive global research process. Tilleke & Gibbins’ continued success in this forum reflects the exceptional expertise and dedication of its team, whose commitment to delivering the highest caliber of legal services continues to set a benchmark in the industry. The firm extends its gratitude to its talented professionals and valued clients for their continued trust and support. A full list of the winners of the 2025 Lexology Index Awards is available on the Lexology website.
Read More
September 12, 2025
The 2025/2026 edition of the IFLR1000 Asia-Pacific rankings, released by International Financial Law Review (IFLR), highlights Tilleke & Gibbins’ continued excellence in financial and corporate transactional work. The firm has maintained its strong rankings across multiple jurisdictions and practice areas while achieving notable upgrades and new recognitions, reaffirming its position as a leading firm in the Asia-Pacific region. This year, Tilleke & Gibbins received firmwide rankings in key jurisdictions, including: Thailand Banking & Finance—Tier 3 Capital Markets: Debt—Tier 3 Capital Markets: Equity—Tier 3 M&A—Tier 2 Project Development—Tier 2 Restructuring & Insolvency—Tier 3 Vietnam Banking & Finance—Tier 4 M&A—Tier 3 Project Development—Tier 3 Cambodia Financial & Corporate—Tier 2 Project Development—Tier 2 Laos Financial & Corporate—Tier 2 In addition to these firmwide rankings, Tilleke & Gibbins had several standout individual recognitions, with 12 lawyers honored in the 2025/2026 individual rankings—an increase from last year’s 10. This year’s results include upgraded rankings for John Frangos and new rankings for Charupat Boon-Long, Derrick Khoo, Prisna Sungwanna, and Saravut Krailadsiri. The full list is as follows: Charunun Sathitsuksomboon—Highly Regarded, M&A, Thailand; Women Leader Charupat Boon-Long—Rising Star, M&A, Thailand (new ranking) David Mol—Rising Star, Corporate and M&A, Cambodia Derrick Khoo—Rising Star (Partner), Financial and Corporate, Thailand (new ranking) Jay Cohen—Highly Regarded, Banking, Cambodia John Frangos—Highly Regarded, Restructuring & Insolvency, Thailand (upgraded ranking) Niti Muangkote—Rising Star, Financial & Corporate and Project Development, Laos; Highly Regarded, Banking & Finance, Thailand Prisna Sungwanna—Highly Regarded, Financial & Corporate, Laos (new ranking) Saithong Rattana—Notable Practitioner, Project Development and M&A, Laos Santhapat Periera—Highly Regarded, Banking & Finance and M&A, Laos; Highly Regarded, Banking & Finance, Thailand Saravut Krailadsiri—Notable Practitioner, Thailand (new ranking) Tram Ngoc Bich Nguyen—Highly Regarded, M&A, Vietnam To see the full set of IFLR1000 rankings for Tilleke & Gibbins’ jurisdictions, please see the Cambodia, Laos, Thailand, and Vietnam pages
Read More

Other Professionals

See All Professionals