Data Privacy & Protection
At Silk Legal, we recognize that organizations are becoming increasingly dependent on websites, apps, and other digital means to operate business, and most importantly, to communicate with customers and other members of the public. Therefore, finding solutions to issues related to the collection, retention, processing, and disclosure of personal data is a matter that organizations must begin to prioritize. If such organizations do not adhere to data protection law and have security measures in place, they can be subject to serious consequences under the law.
Although Thailand has not yet finalized its draft data protection law, it does have specific regulations related to data protection that are applicable to businesses working in different industries where data protection is of particular concern, such as telecommunications and financial services. Telecom companies are strictly regulated as to what types of data are allowed to be collected, which are strictly prohibited, as well as rules regarding necessary security measures that must be in place to protect private data, while financial service companies have requirements to hold data within the Kingdom of Thailand which makes global IT operational issues. Furthermore, the actions of data controllers in general also fall under provisions of civil law that govern unlawful and negligent actions.
As a firm with a depth of experience in working with tech startups and online-based businesses, Silk Legal is well-prepared to advise data controllers regarding the legal issues related to data collection and processing, data transfer, data security law measures, as well as protocols in case of breach. Silk Legal also has legal expertise regarding issues such as electronic marketing and online privacy. Let Silk Legal evaluate your organization’s data protection protocols to ensure that your online business platforms do not turn into a major liability.
Silk Legal’s understanding of regulations surrounding personal data, specifically Thailand’s Personal Data Protection Act (“PDPA”) and overseas regulations such as the General Data Protection Regulation (“GDPR”), puts us at an advantageous position to help companies and start-ups ensure compliance with the complex requirements of these laws. We have advised numerous clients on their rights and obligations as data collectors, data processors, and data subjects.
We also have the capacity to help establish corporate policy surrounding data transfers, data security, and appropriate protocols for various scenarios. Additionally, our team’s understanding of both local and international best practices also puts us in a position to help those with both domestic and overseas operations.