Support Centre

Thai PDPA

Comply with the PDPA

The Personal Data Protection Act 2019 ('PDPA') is the first consolidated legislation providing general data protection within Thailand and was originally expected to come into full effect on 27 May 2020. This date, however, was postponed until 27 May 2021 due to the COVID-19 ('Coronavirus) pandemic. The PDPA is based on the GDPR and contains many similar provisions, although they differ in areas such as anonymisation. While the PDPC is provided for by the PDPA, which further requires the PDPC to draft and issue sub-regulations on data protection by 27 May 2021, the PDPC has yet to be established.

OneTrust DataGuidance's PDPA Portal provides you with the ability to track developments regarding PDPA and understand its obligations.


PDPA v. GDPR

OneTrust DataGuidance, in collaboration with Blumenthal Richter & Sumet, have produced a PDPA v. GDPR Report, which you can download here, and which assists organisations in understanding and comparing key provisions of the PDPA comparative to the GDPR. You can also leverage this information through our PDPA v. GDPR Comparison in the tab above.


Thailand Privacy Landscape Overview


Watch our Thailand Overview video to understand the state of privacy in Thailand today.

PDPA v GDPR

GDPR Benchmark

This Chart aims at assisting organisations in understanding and comparing key provisions of the GDPR with relevant data protection law from around the globe. This Chart provides a comparison of the following key provisions:

  1. Scope
  2. Definitions and legal basis
  3. Rights
  4. Enforcement

Each topic includes relevant articles and sections from the law compared, a summary of the comparison, and a detailed analysis of the similarities and differences. The degree of similarity for each section can be identified using the key.

EU-California: GDPR v. CCPA
This analysis has been carried out in collaboration with Future of Privacy Forum. The information in the Chart is also available in a free Report, which you can download here.

EU-Japan: GDPR v. APPI
This analysis has been conducted on the basis of an English unofficial translation of the APPI (as amended) available on the PIPC website. The information in the Chart is also available in a free Report, which you can download here.

EU-Brazil: GDPR v. LGPD
This analysis has been conducted in collaboration with Baptista Luz Advogados. DataGuidance and Baptista Luz Advogados would also like to thank Pereira Neto | Macedo Advogados for their efforts and making a translation of the LGPD available for use. The information in the Chart is also available in a free Report, which you can download here.

EU-Russia: GDPR v. Law on Personal Data
This analysis has been conducted in collaboration with Gorodissky & Partners. This analysis has been conducted on the basis of an English unofficial translation of the Law on Personal Data. The information in the Chart is also available in a free Report, which you can download here.

EU-Thailand: GDPR v. PDPA
This analysis has been conducted in collaboration with Blumenthal Richter & Sumet. The information in the Chart is also available in a free Report, which you can download here.

EU-Australia: GDPR v. Privacy Act
This analysis has been conducted in collaboration with Mills Oakley. The information in the Chart is also available in a free Report, which you can download here.

EU-Nigeria: GDPR v. Nigeria Data Protection Regulation
This analysis has been conducted based on the Nigeria Data Protection Regulation 2019 ('NDPR'). The information in the Chart is also available in a free Report, which you can download here.

EU-Turkey: GDPR v. LPPD
This analysis has been conducted in collaboration with Esin Attorney Partnership. The information in the Chart is also available in a free Report, which you can download here.

EU-Singapore: GDPR v. PDPA
This analysis has been conducted in collaboration with Rajah & Tann Singapore LLP. The information in the Chart is also available in a free Report, which you can download here.

EU-Canada: GDPR v. PIPEDA
This analysis has been conducted in collaboration with Edwards, Kenny & Bray LLP. The information in the Chart is also available in a free Report, which you can download here.

Scope Benchmark

    title
  • Personal scope
  • Territorial scope
  • Material scope
  • Australia
    • Fairly inconsistent

    • Fairly consistent

    • Fairly consistent

  • Brazil
    • Fairly consistent

    • Fairly consistent

    • Fairly consistent

To view this Comparison and more, request your free 7-day trial of the full OneTrust DataGuidance platform

Try Free

Rights Benchmark

    title
  • Right to deletion
  • Right to be informed
  • Right to object
  • Right to access
  • Right not to be subject to discrimination
  • Right to data portability
  • Australia
    • Inconsistent

    • Fairly consistent

    • Inconsistent

    • Fairly consistent

    • Consistent

    • Inconsistent

  • Brazil
    • Fairly consistent

    • Fairly consistent

    • Fairly consistent

    • Fairly inconsistent

    • Inconsistent

    • Fairly inconsistent

To view this Comparison and more, request your free 7-day trial of the full OneTrust DataGuidance platform

Try Free

Enforcement Benchmark

    title
  • Monetary penalties
  • Supervisory authority
  • Civil remedies
  • Australia
    • Fairly consistent

    • Fairly consistent

    • Fairly inconsistent

  • Brazil
    • Fairly inconsistent

    • Fairly consistent

    • Fairly consistent

To view this Comparison and more, request your free 7-day trial of the full OneTrust DataGuidance platform

Try Free
Consent
Data Controller
Data Processor
Cloud Computing
Critical Infrastructure
Cybersecurity
Security Incident
Breach Notification
Data Breach
Data Security
Data Controller
Data Processor
Notification | Registration
Anti-money Laundering
Banking Secrecy
Compliance
Financial Data
Insurance
Payments Services
Data Subject Rights
Biometric Data
CCTV
Data Retention
Employee Monitoring
Employment
Notification | Registration
Data Transfer
Employee Records
Employment
Recruitment and Selection
Data Retention
Employee Records
Employment
Recruitment and Selection
Health | Pharmaceutical
Data Protection Impact Assessment
Employee Records
Employment
Whistleblowing