Skip to main content

Services & Solutions Personal Data Protection Act (PDPA) Solutions

  • Security

Personal Data Protection Act (PDPA) Solutions

What is PDPA?

PDPA overview

Effective Date:Published on May, 2019, Fully effective on 31 May, 2021

Applicable to:Companies that collect and manage personal information in Thailand, or companies that handle personal information


Privacy Notice

Companies must provide with a privacy notice when collection personal data.


Companies must obtain explicit consent from the data subject at the time of collection.

Security Obligations

Companies have duties to keep personal data secure.

Data Protection Officer

Companies must appoint of an agent or data protection officer in Thailand.

Cross Border Data Transfer

Companies are only allowed to transfer personal data to foreign countries which have adequate data protection standards.

Breach Notification

Companies are required to notify the Office within 72 hours after becoming aware of breach of personal data.


Administrative penalties of up to 5 million Bht, plus criminal penalties of up to one year's imprisonment or fines of up to 1 million Bht can be imposed on directors and managers.

What IT measures should be taken to comply with PDPA?

What the IIJ Group can do for you

Network Security Survey

Visualize security risks

On-site survey of the customer's network environment to identify security issues

Analysis, reports and countermeasures

Report on the issues found in the survey and propose further measures.

IIJ Secure MX Service

Prevent information leak via email

Prevents information leaks by responding to various email threats, such as spam and malware. 

Click here for details on "IIJ Secure MX Service".

Prevent misdirected email

Control mail transmission under predefined criteria to reduce risk of information leak


Prevent information leak due to internal fraud

Web access management and device control to prevent data leaks from inside the company.

Click here for details on "LanScope Cat on GIO".

Log archive

PC operation logs can be used to confirm facts in case of information leak.

To further strengthening the security

IIJ ID Service

Added advanced authentication security, such as multi-factor authentication. 

Click here for details

IIJ Firewall Management Service

24/7 operational support for our proprietary "Anomaly Detection System" that detects communication anomalies. 

Click here for details

Leap GIO Cloud

Providing Japanese quality cloud from DC in Thailand. 

Click here for details

Try for free

The IIJ Secure MX service, LanScope Cat on GIO, is available for a free one-month trial.For details, please contact our sales.

Services & Solutions List

Read more