We offer a globally recognized gap analysis and remediation report, which can be completed within days. Depending on your organization’s scale, our remediation consultant will conduct an onsite gap analysis assessment covering Ten core areas and seventy-three controls. All gaps will be provided with a remediation step report. Depending on the size of the organization the assessment will be completed within 5-7 days. Completed either onsite or remotely via Zoom.
Define, document, communicate and assign accountability for your privacy policies and processes.
Notify data subjects about your privacy policies, purposes and procedures for collecting, using and retaining their data.
Provide, manage and process data access rights for your data subjects according to the latest data privacy laws.
Regularly monitor compliance with all privacy policies, procedures. Put appropriate measures in place.
Use and retain data for the intended purpose and according to the data subjects' consent and PDPA regulations.
Ensure all data collected and stored is accurate, complete and relevant to the purposes outlined in your policies.
Correctly outline the choices availability to the data subjects regarding the data they disclose.
Disclose personal data to third parties while keeping in line the purposes outlined in your policies and contracts.
Protect personal information from unauthorized access, both from a logical and physical standpoint.
Irrespective of your enterprise’s scale, when you outsource the Data Protection Officer’s (DPO), we basically manage your compliance solutions on your behalf and allows you more time to focus on your business priorities. Our outsourced DPO service includes without limitation:
Full End-to-end data mapping of all data processing activities. We carry out departmental interviews to discover all data processing operations.
Completely free access to our best-in-class data privacy management platform for the first twelve months representing a minimum saving of 8,000THB per month.
Creation of policies and processes, and maintaining documentation saving resource sapping internal workloads. Our dedicated DPO will take care of it all.
We'll build and maintain a central record of all processing activities as required by ongoing regulations. This document is mandated to be ready at all times.
As a controller or processor engaging sub-processors, you must ensure they are capable of processing your subjects' personal data. We'll do this for you.
Keeping your employees up-to-date on data regulations requires proactive training and process acceptance on all the relevant data policies. We ensure this is maintained.
Working with your technical and project teams, we'll advise on DPIA's to ensure compliance when introducing new 'high risk' technologies and data processing activities.
A data breach can permanently damage your reputation and inflict financial loss. Our DPO helps you stay on top of things, via 24-hour emergency phone mobile number.
Under the current circumstances, we have made it easy for organizations to conduct PDPA training on employees’ PC or mobile devices. The VinarcoFormiti LMS Platform delivers easy onboarding and delivers PDPA training through:
refers to any individual person who can be identified, directly or indirectly, via an identifier such as a name, an ID number, location data, or via factors specific to the person’s physical, physiological, genetic, mental, economic, cultural, or social identity.
refers to any information relating to a “Data Subject” an identifier, such as a name, an identification number, location data, an online identifier, or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural, or social identity.
means any freely given specific, informed and explicit indication of his or her wishes by which the data subject, either by a statement or by a clear affirmative action, signifies agreement to “Personal data” relating to them being processed.
PDPA identifies a data controller as the authority that determines the means and purpose of collecting, using, and sharing personal data.
any individual or party that gathers, uses, or shares personal information as directed by the data controller.
For full details, please visit us here: