For full of details of the below, please visit us here

PDPA Gap Assessment

VinarcoPDPA Gap Assessment provides a snapshot of the overall/current story of the organization’s PDPA compliance status. Our assessment accurately identifies objective gaps in the organization by function/role, and try to expose weaknesses in order to quickly plan for remediation actions.

8 Core PDPA Gap Assessment Principles:

PDPA compliance

Policy and Procedure Management

How does your organization define, document, communicate your privacy policies and processes


Internal & External Notices

How does your organization notify data subjects about your privacy policies and procedures.

Data Access Rights

How does your organization provide, manage, and process access to data subjects.

PDPA compliance

Collection & Quality of Data

How does your organization manage the collection of personal data ensuring that t is only used inline with purposes

PDPA compliance

Use, Retention and Disposal

Is your organization using only for purpose given consent for, and period of data retention


Choices and Consent

How do you outline the choices available to the data subjects about the data they disclose

Third-party Disclosures

Is there any disclosures given out to third parties who are receiving personal data

PDPA compliance

Security & Enforcement

How does your organization protect personal data collected

For more information, please click

Outsourced Data Protection Officer (DPO)

VinarcoPDPA’s Outsourced Data Protection Officer (DPO) services eliminates the challenge and stress of managing your organization’s PDPA compliance journey, by outsourcing the DPO role to us. Our team of experienced consultants will take the lead in developing protocols and structure for your organization.

Data Mapping

Full End-to-end data mapping of all data processing activities. We carry out departmental interviews to discover all data processing operations.


VInarcoPDPA Platform

Completely free access to our best-in-class data privacy management platform for the first twelve months representing a minimum saving of 8,000THB per month.

PDPA compliance

Policy and Design

Creation of policies and processes, and maintaining documentation saving resource sapping internal workloads. Our dedicated DPO will take care of it all.

PDPA compliance

Processing Activity Tracking

We'll build and maintain a central record of all processing activities as required by ongoing regulations. This document is mandated to be ready at all times.

PDPA compliance

Third-party Due Diligence

As a controller or processor engaging sub-processors, you must ensure they are capable of processing your subjects' personal data. We'll do this for you.

Data Regulation Training

Keeping your employees up-to-date on data regulations requires proactive training and process acceptance on all the relevant data policies. We ensure this is maintained.

PDPA compliance

Data Protection Impact Assessments

Working with your technical and project teams, we'll advise on DPIA's to ensure compliance when introducing new 'high risk' technologies and data processing activities.

PDPA compliance

Data Breach Management

A data breach can permanently damage your reputation and inflict financial loss. Our DPO helps you stay on top of things, via 24-hour emergency phone mobile number.

DPO Advisory

Suitable for organizations that have a dedicated DPO and/or DPO working team, VinarcoPDPA DPO Advisory service provides your DPO with full support in maintaining your organization’s PDPA compliance status with industry-specific tools and support.

For more information, please click

PDPA Training

PDPA knowledge and awareness is essential for all organizations to reach full PDPA compliance. Our selection of PDPA Training courses vary from 1-hour to 2-day courses designed to raise awareness and build internal capabilities for organization staff members to utilize personal data within the PDPA guidelines.
Under the current circumstances, we have made it really easy for organisations to conduct PDPA training on employees’ PC or mobile devices.

For more information, please click

Key Terminology

refers to any individual person who can be identified, directly or indirectly, via an identifier such as a name, an ID number, location data, or via factors specific to the person’s physical, physiological, genetic, mental, economic, cultural, or social identity.

refers to any information relating to a “Data Subject” an identifier, such as a name, an identification number, location data, an online identifier, or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural, or social identity.

means any freely given specific, informed and explicit indication of his or her wishes by which the data subject, either by a statement or by a clear affirmative action, signifies agreement to “Personal data” relating to them being processed.

PDPA identifies a data controller as the authority that determines the means and purpose of collecting, using, and sharing personal data.

any individual or party that gathers, uses, or shares personal information as directed by the data controller.

For full details, please visit us here:

We use cookies to improve performance. and good experience using your website You can study the details at PDPA Terms and can manage your own privacy by clicking setting

Privacy Preferences

You can choose cookie settings by on/off. Cookies of each type are available on request, except for essential cookies.

Allow All
Manage Consent Preferences
  • Always Active