Right to be informed; [Section 23]

Right to consent withdrawal; [Section 19]

Right to data portability;[Section 31]

Right to access; [Section 30]

Right to object; [Section 32]

Right to erasure; [Section 33]

Right to restriction; [Section 34]

Right to rectification; and [Section 35]

Right to complaint. [Section 33 & 34]

Establish PDPA Compliance Under Thailand’s Personal Data Protection Act


CCPA Opt-Out of Sale
Research & Readiness

OneTrust DataGuidance
Maturity & Planning
Data Inventory & Mapping

PDPA Data Subject Rights & Consent Management

Data Subject Rights
OneTrust Targeted Data Discovery(TM)
Website & Mobile App Scanning
Cookie Consent
Consent & Preference Management
Policy & Notice Management

PDPA Data Subject Rights & Consent Management

Assessment Automation
Incident & Breach
Vendor Risk Management

Research & Readiness


Measure your current standing and build a data protection program to adhere to PDPA compliance standards.

Appoint and Empower Your Data Protection Officer (DPO) [Section 42 & 40 (3)]

How OneTrust Helps – OneTrust Data Inventory & Mapping
Assign DPO ownership to activities and maintain secure internal and external communication to fulfill data subject requests. Empower your DPO with access to evergreen information. Categorize, link and track PDPA relevant information. OneTrust Data Mapping  & Inventory technology provides an up-to-date, auditable record of processing to review, report, and export necessary information to the proper individuals or regulating authorities.

Stay Up-To-Date with the Latest Changes and Amendments to the PDPA [Section 16 (6)]

How OneTrust Helps – OneTrust DataGuidance
OneTrust  DataGuidance  provides a central repository for PDPA resources, that are indexed and categorized for optimal search functionality. Resources include the PDPA text, summaries, guides, interpretive guidance, and regular update announcements such as the latest additions or clarifications provided by PDPC.

Monitor and Measure Personal Data Risks

How OneTrust Helps – OneTrust Maturity & Planning + Program Benchmarking
OneTrust’s Maturity & Planning and Program Benchmarking tools allow you to assess and score your program’s effectiveness, identify gaps in your compliance efforts, and measure your progress over time. Utilize the research-rich resources platform to review your operations in the context of the latest PDPA and global compliance standards, as well as benchmark your readiness against other companies.

PDPA Privacy Governance Solutions


Optimize Data Collection and Survey Risk Across your Business [Section 39]

How OneTrust Helps – OneTrust Assessment Automation
OneTrust  Assessment Automation  offers updated, PDPA-specific PIAs to adhere to data minimization and purpose limitations specified in the PDPA and your internal policy. Utilize our Risk Assessments to survey your practices and auto-flag and assign a risk score to responses out of line with the PDPA or your internal policies.

Document and Respond to Breach Incidents  [section 40 part 2, Section 37 part 4]

How OneTrust Helps – OneTrust Incident & Breach Response
Use OneTrust Incident & Breach Response to analyze incidents via a built-in, PDPA Notification assessment template. Respond and implement a treatment plan with customizable workflows to streamline response and notification.

How OneTrust Helps – OneTrust Vendor Risk Management
Document vendors and data flows between your organization to measure PDPA compliance. Implement controls across your value-chain from third party suppliers, service providers and vendors around the globe. Extend data access and deletion efforts across third party reach

How OneTrust Helps – OneTrust Policy & Notice Management
Draft and document your business’s data management policy. The OneTrust Policy & Notice  Management tool supports full version control and archiving so you can ensure the most up-to-date policy is displayed as reference to potential data subjects, as well as your entire organization.

PDPA Data Subject Rights & Consent Management


By leveraging OneTrust, Organizations support Data Subject rights from the collection of valid consent to the fulfillment of data subject requests.

Uphold Data Subject Rights 

How OneTrust Helps – OneTrust Website & MobilE App Cookie Compliance, OneTrust Consent & Preference Management
Choose from our library of default cookie banners that reflect PDPA-specific messaging. Using geolocation, OneTrust can customize the session experience to display the related cookie banner with appropriate consent models depending on the website visitor’s location. With our website and mobile scanning, organizations can control tracking, personalization, and third-party cookies.

How OneTrust Helps – Consent and Preference Management
Integrate with consent documentation across data collection points to generate detailed records and produce consent reports in the event of regulatory inquiry. Configure a centralized preference center to reduces opt-outs, while still enabling data subjects to withdraw consent and change their preference settings

Secure communication and processing to fulfill data subject requests – [Chapter 3, Section 30]

How OneTrust Helps – OneTrust Data Subject Rights Management & Targeted Data Discovery
Automate the fulfillment of  Data Subject Access Requests (DSAR) at every stage with OneTrust Targeted Data Discovery™. Quickly identify where data resides throughout your systems and utilize PDPA-specific response workflows to respond to requests, document exceptions, and reduce unnecessary work.

PDPA Compliance and OneTrust software

Download our whitepaper on How OneTrust Helps with the PDPA or contact our team to learn how OneTrust’s toolset can help your organization embed privacy practices into your everyday processes and automate compliance efforts.

Request Demo Download White Paper
Quick Start Readiness Check-up

Two-day onsite review of current privacy initiatives and complete a gap analysis against PDPA requirements

Project-Based Implementation

Our team can help scope and advise your team on implementing your PDPA compliance program, create a customized implementation plan and train key members, and execute hands-on proof of concepts for your team.

Health Check

Evaluate readiness across key PDPA compliance areas, including Data Subject rights and business obligations and walk away with a detailed report.