Personal Data Protection

Personal Data: Information that, directly or indirectly, identifies an individual e.g. their name, email address, phone number, identification number, physical address, work history, health records, or biometric or criminal records, among other sensitive data. Deceased persons are excluded.  

Objective: The PDPA regulates the collection, use, disclosure, and cross-border transfer, of personal data, by business operators in Thailand.







Legal Review – Data Mapping & Gap Analysis

  • Review personal data protection frameworks and management, including electronic media, forms and organization policy, and relevant documents, such as contracts with partners, alliances and customers, and those with employees.
  • Analyze data flow and categorize personal data to identify data mapping in relation with legal exposure from its collection, use or disclosure.
  • Assess risks in personal data management (Gap Analysis).

Standard Form & Documentary Generation

  • Prepare notification forms and consent letters, including those enabling the Data Subject to exercise its rights.
  • Draft a personal data protection policy, or a manual or standards for personal data protection or for its cross-border transfer.
  • Prepare or improve contracts with partners, alliances, customers and employees, including other necessary legal instruments.















Legal Support & Training

  • Render legal services and support to improve compliance with laws.
  • Arrange training for employees, including training of a Personal Data Protection Officer and a Responsible Person, as required under the PDPA.
Copyright ©2019 DRKI. All Rights Reserved.
บริษัท สำนักกฎหมายสากล ธีรคุปต์ จำกัด