How to make your website PDPA Thailand compliant
For the past few years, improvements in computer technology have been progressing at an extremely rapid rate; one of its aspect that plays a significant role in many people’s lives is the internet. It is being used by billions on a daily basis which is a fairly good indicator of its astounding capabilities. However, like any other things, there will always be downsides. When surfing the internet, users risk losing their personal information to website operators, most often without themselves knowing. As a result, to protect their rights, website owners are bound to follow a certain set of rules which are a part of the data protection law.
The Importance of PDPA
The regulations that apply for those owning a website in Thailand regarding data security can be found in the Personal Data Protection Act or the PDPA. Similar to the General Data Protection Regulation (GDPR), which is the European’s law, PDPA protects Thai residents against illegal collection, use, and sharing of personal information. In fact, the PDPA was adapted from the GDPR. If your website collects data from Thai residents, whether it be an e-commerce website, an entertainment website, an educational website, you are automatically required to comply with the guidelines.
Here are some key points that are required in order for organizations to be able to collect, use or disclose their users’ personal data:
-
Data owners must have been informed of the purposes for the collection, use or disclosure of their data
-
The purposes for collection, use or disclosure must be considered appropriate to a reasonable person in the given circumstances
-
The website is expected to have a simple and clear language in the privacy policies section
-
Consent requests should not be misleading or deceptive
-
Data owners must have explicitly given their consent
-
Data owners must be allowed to withdraw their consent at any time
Although there are many similarities between PDPA and GDPR, there are not exactly the same. The table below taken from Construct Digital presents the differences between them.
Concept |
Personal Data Protection Act (PDPA) |
General Data Protection Regulation (GDPR) |
|
Personal Data |
Exclusions:
|
|
|
Consent |
|
|
|
Sensitive Personal data |
Not specifically defined |
Personal data revealing:
|
|
Age of Consent |
Not specified |
Threshold set at 16 years old but may be lowered by member states to between 13 to 16 years. |
|
Purpose |
|
Strictly limited to :
|
When is the law exempted?
There are special cases when this law does not apply. They include:
-
The fulfilment of contractual obligations
-
Public interest
-
Legitimate interest
Why bother?
You may be wondering about the consequences of non-compliance and the severity of the penalties. Organizations which are found to violate the law are subject to both criminal and civil fines. You risk losing ฿1,000,000 – ฿3,000,000 depending on the offence. On top of that, the courts may also enforce extra compensations (punitive damages) of up to double the amount of the actual damages and a prison sentence of one year.
If you think that this is all you can lose, unfortunately, it’s not. The PDPA also allows data owners to put forward class action lawsuits. All this gives your company a very poor image and reputation. It is therefore advised for you to familiarize yourself with and adhere to the law if you are looking to create a website or is already owning one.
Steps to take for PDPA compliance
The following steps provided by Secure Privacy is a guide that may help you to ensure that your website is PDPA compliant:
-
Understand how your company collects, processes, transmits, and stores data
-
Review your company’s internal policies, agreements, and practices related to personal data
-
Implement data management processes and operating systems
-
Update existing privacy notices and creating relevant legal documents
-
Ensure employees and personnel are fully trained on the relevant requirements of the PDPA
-
Conduct a gap assessment to identify the current levels of compliance
-
Have processes in place that exercise the rights of individuals relating to their personal data
How can you start?
Now that you understand the general basis of PDPA, it is time for you to get moving. Unsure how to start? We at KOS Design are ready to transform your business into digital. Ecommerce store, corporate website, branding, graphic design, digital marketing, and SEO, we do them all. You can begin by calling or emailing us for some advice and ask for more information. We look forward to working with you. Let’s start!
For many of us, working from home has become a new part of our lives due the COVID-19 pandemic. We have learned to live online; ordering our food via services like Grab, having a work meeting via Zoom, and searching to buy what we need in online ecommerce stores across the web. Our livelihood has changed and the so-called “new normal” is expected to stay. There is no denying that online spending has been increasing dramatically in the past few years, as fast internet is more accessible, and having a smartphone is quite common. So If your business is still offline, you are definitely running behind.
“Moving is living”
A great quote said by George Clooney in the movie “Up in the air” back in 2009 which basically means that nothing is static, and we must keep moving, growing, and evolving to catch up with an ever-changing situation. We could really consider this pandemic as a turning point where our economy must thrive with the help of online businesses. If customers' behavior has changed, why are we standing still? Let's take a closer look at the following reasons why you should take your business online.
1. The real money is online
Last year alone in Thailand, the total annual sales revenue from online market has grown by 23 percent. It is quite simple really, the more places you offer your product, the more revenue you can generate. Building an ecommerce store will allow you to reach more customers locally and internationally alike. So let’s expand your opportunities, find new markets to explore, and keep moving forward.
Let’s take a look at some more statistics data;
According to We Are Social, food and personal care products are at the top of the list with the highest growth rate from last year. Second is gadgets, toys, and hobbies related products. Third is fashion and beauty. The way things are now, people sometimes visit online markets just to have fun. They browse through what they are interested in and if they find it, they will likely make purchases right then and there.
2. Know your customers
Getting customer information is quite difficult in the real world. Anyone can walk into your store and leave without you knowing anything about them. Have you ever been asked to fill out a questionnaire after you bought something? Not too often right? That is because getting your information that way could possibly interrupt your customer experience.
Ecommerce is great because it lets you grab information from your customer without them even knowing about it. With the tools like Google Analytics or Hotjar, you can learn much more about your customers than ever before. You can track where customers are coming from, which product they are interested in, whether or not they buy your product, and much more. You then use these insights to adapt to your customer and grow your business.
3. Expand your reach with SEO
How do you think your customer knows about your store? How do they know where it is or when it opens? If your business has been in operation for a while then this may not be a problem for you. You may already have a good social media presence and a decent reputation with your local communities but why stop there.
When people want to find something specific to buy, they search. Ecommerce will allow people to find you easier than ever. Start by using SEO to allow your site to rank higher for keywords associated with your business and its products. Later on you will learn more advanced tips and tricks, and perhaps to invest a bit on Google Ads to boost up your rank even more.
4. Easy to get started
You are basically just a few clicks away from operating an ecommerce website. If you are looking for just a really basic store, ecommerce platforms like Wix, Squarespace, or BigCommerce offer many pre-build templates for you to choose from. They also take care of all the confusing stuff like hosting, SSL certificates, and maintenance on your behalf. Some even give you a free domain for the first year too. So why not go and try opening your first online business today.
Let’s start moving forward
If you are a perfectionist and want something much more than a simple and basic template store, look no further. We at KOS Design are ready to transform your business into digital. We specialize in highly customized ecommerce solutions like Shopify and Magento which empowers more than 1 millions professional businesses worldwide. Ecommerce store, corporate website, branding, graphic design, digital marketing, and SEO, we do them all. Still having doubt? Come talk to us and let us guide you through the seemingly complex online business solution. Welcome to the kingdom of service.
