Thailand Personal Data Protection Act.
Thailand's PDPA is a comprehensive data protection law governing the collection, use, and disclosure of personal data by data controllers and processors in Thailand or processing data of individuals in Thailand.
Maximum penalty
THB 5M + criminal penalties
Source: PDPA B.E. 2562
Key requirements
Consent-based processing
DPO appointment (for specific categories)
Data breach notification within 72 hours
Cross-border transfer restrictions
+2 more requirements in the complete guide.
Get the full TH PDPA compliance guide →Enforcement examples
Full enforcement from June 2022
PDPC building enforcement capacity; first penalties expected 2025
-
2022
How Tessera automates TH PDPA compliance
TH PDPA consent management
72-hour breach notification workflow
Cross-border transfer compliance
Data subject rights automation
TH PDPA compliance checklist
Essential steps to achieve and maintain TH PDPA compliance.
Implement consent management
Appoint DPO if required
Establish 72-hour breach notification
+2 more steps in the full checklist.
Get your complete TH PDPA compliance checklist - free →Industries affected
Calculate your TH PDPA exposure.
See exactly how TH PDPA penalties apply to your revenue and industry profile.