PDPA Second Postponement

THANATHIP & PARTNERS

We use cookies, including third party cookies, to personalise and optimise your experience when exploring our website. For more detailed information about our cookies, please refer to cookies section in our privacy notice .
If you agree to the use of cookies, please click “Accept”. To manage your cookies settings, please click “Cookies Settings”.

	Cookies Settings
	Necessary cookies These cookies are essential for the operation of our website. Without these cookies, our website cannot function properly and you may not be able to browse the website effectively. You may change your browser settings to disable these cookies, but it may affect your access or use of the website.
	Analytics cookies These cookies collect information about visitor to our website, particularly with regard to data relating to user’s device, browser, IP address and browsing behavior. This enables us to measure user interactions and volume and nature of traffic to our website in order to improve the performance of our website, as well as record and resolve any difficulties that you may have from the use of our website. In this connection, we use Google Analytics services provided by [Google LLC and its affiliates] for this purpose.

May 2021

By Nat Boonjunwetvat, Punnapa Vorapanyasakul

Following the approval of the Cabinet on 5 May 2021, the Royal Decree on Entities and Businesses of Data Controllers that are Exempted from the Personal Data Protection Act B.E. 2562 (2019) (No. 2) B.E. 2564 (2021) was published in the Royal Gazette on 8 May 2021 to defer the full enforcement of the Personal Data Protection Act B.E. 2562 (A.D. 2019) (the “PDPA”) for another year. Accordingly, the date of full implementation of the PDPA has been delayed for a second time to 1 June 2022.

Whilst data controllers remain obliged to observe certain interim security measures in accordance with the relevant Notification of Ministry of Digital Economy and Society, the postponement presents the opportunity for business operators to further brace for the PDPA impact as well as review their data processing activities to ensure compliance before the PDPA finally comes into full force.

^{This document is solely intended to provide an update on recent development in Thailand legislation and is not purported to provide a legal opinion, nor a legal advice to any person.}

Cross-Border Transfer of Personal Data

January 2024

On 25 December 2023, the Personal Data Protection Commission (the “PDPC”) issued two notifications relating to cross-border transfer of personal data, namely:

New Tax Guideline on Foreign-Sourced Income of Thai Tax Residents

September 2023

The Revenue Department of Thailand has made a radical change to its longstanding principal as regards its treatment of foreign-souced income of an individual “Thai tax resident”.

Amendment to Takeover Regulations to Reduce Burdens and Increase Flexibility

May 2022

With effect from 1 May 2022, the Office of the Securities and Exchange Commission (the “SEC”) has amended takeover regulations with an aim to reducing burdens of private sectors,