Impressum -

Go to content
Support > Impressum

Description :


Pex Food Shop Soi 94
Prachuap Khiri Khan 77110
Hua Hin

Kontakt: Phone: +66 (0)90 120 3238 (11am-7pm, Sunday CLOSED)





SERVER, STORE & WEBSITES are certificated with digital encrypted secured data transmission Modul Digicert (GeoTrust)

Diese Seite benutzt Cookies , lesen Sie bitte die Datenschutzhinweise.



Thailändisches Gesetz zum Schutz personenbezogener Daten
(Thailand Personal Data Protection Act)


Einhaltung wichtiger Bestimmungen des thailändischen Gesetzes zum Schutz personenbezogener Daten :

Einhaltung des thailändischen Gesetzes zum Schutz personenbezogener Daten (Thailand Personal Data Protection Act).
Das thailändische Gesetz zum Schutz personenbezogener Daten,  veröffentlicht in der Government Gazette vom 27. Mai 2019, (B.E. 2562  [2019]) befasst sich mit der Erfassung, der Nutzung und dem Schutz  personenbezogener Daten und sieht Abhilfemaßnahmen für von Verletzung  des Schutzes personenbezogener Daten betroffene Personen vor. Das Gesetz  gilt für Organisationen mit Sitz in Thailand, unabhängig davon, ob sie  die Daten in Thailand erfassen und nutzen. Es gilt auch für  Organisationen, die außerhalb Thailands ansässig sind, wenn sie Waren  und Dienstleistungen für betroffene Personen in Thailand anbieten oder  wenn sie das Verhalten von betroffenen Personen in Thailand überwachen.
Das thailändische Gesetz zum Schutz personenbezogener Daten basiert  auf der Datenschutz-Grundverordnung (DSGVO) der EU, ist aber nicht mit  dieser identisch. Durch die Einhaltung der DSGVO wird also nicht die  Einhaltung des thailändischen Gesetztes zum Schutz personenbezogener  Daten gewährleistet. Unternehmen, die in Thailand tätig sind oder mit in  Thailand wohnhaften Personen Geschäfte abwickeln, sollten sich mit dem  thailändischen Gesetz zum Schutz personenbezogener Daten vertraut  machen, um seine Einhaltung zu gewährleisten.
Eine Möglichkeit, Compliance zu gewährleisten, ist die  Sicherstellung, dass personenbezogene Daten, über die Ihre Organisation  verfügt, durch kryptographische Pseudonymisierungstechniken wie  Tokenisierung geschützt sind, und dass die zugrunde liegenden  kryptografischen Schlüssel geschützt sind, indem sie in nach FIPS und  Common Criteria zertifizierten Entrust nShield®  Hardware-Sicherheitsmodulen (HSMs) gespeichert und verwaltet werden.

Complying with Thailand’s  Personal Data Protection Act Entrust helps enterprises comply with key requirements of  Thailand’s Personal Data Protection Act • Secure personal data using a certified,  tamper-resistant platform • Protect legally shared personal data  from disclosure • Destroy personal data when retention  periods end • Prepare and maintain records of personal  data processing SUMMARY Published in the Government Gazette, May  27, 2019, Thailand’s Personal Data Protection  Act (B.E. 2562 [2019]) addresses the  collection, use and protection of personal  data and puts in place remedial measures  for data subjects whose personal data  protection is violated. The PDPA applies to  organizations located in Thailand, whether  they collect and use the data in Thailand or  not. It also applies to organizations located  outside of Thailand if they offer goods and  services to data subjects in Thailand, or if  they conduct monitoring of data subjects’  behavior in Thailand. Thailand’s PDPA is based on the EU’s General  Data Protection Regulation (GDPR), but it is  not the same. So, being in compliance with  GDPR does not ensure compliance with  PDPA. Enterprises operating in Thailand or  with Thai residents should review the PDPA  to ensure compliance. One way to ensure compliance is to make  sure personal data your organization  holds is protected through cryptographic  pseudonymization techniques, such as  tokenization, and that the underpinning  cryptographic keys are protected by storing  and managing them in FIPS and Common  Criteria certified Entrust nShield® hardware  security modules (HSMs).  Following are excerpted parts of  Thailand’s PDPA that Entrust can help  you comply with.

PDPA Regulations :

Section 37--The Data Controller shall have the following duties: 1. Provide appropriate security measures for preventing the unauthorized or unlawful  loss, access to, use, alteration, correction or disclosure of Personal Data… 2. In the circumstance where the Personal Data is to be provided to other Persons or  legal persons, apart from the Data Controller, the Data Controller shall take action  to prevent such person from using or disclosing such Personal Data unlawfully or  without authorization; 3. Put in place the examination system for erasure or destruction of the Personal Data  when the retention period ends, or when the Personal Data is irrelevant or beyond  the purpose necessary for which it has been collected, or when the data subject has  request to do so, or when the data subject withdraws consent… • The customized tokenization solution from Digizert Professional Services converts plain text data to  tokens that cannot be traced back to the original  data. • Stolen tokens cannot be reversed without access to  the
Digizert solution. • Altered tokens cannot be used to recreate the  original data. • The Digizert solution can partially mask data before  sending it to third-party entities to maintain data  confidentiality. • The solution authenticates legitimate users to  prevent unlawful users from gaining plaintext data. • Tokens are based on cryptographic keys protected  in Entrust nShield HSMs.
Upon retention expiry of data, token keys can be  removed from nShield HSMs. • Without token keys, tokens cannot be de-tokenized  – ensuring retired data invalidity. Section 40--The Personal Data Processor shall have the following duties:  3. Prepare and maintain records of personal data processing activities in accordance  with the rules and methods set forth by the Committee. • The Digicert solution provides logs of tokenization,  de-tokenization and masking calls for audit  reference. Section 42--The data protection officer shall have the following duties: 4. Keep confidentiality of the Personal Data known or acquired in the course of his or  her performance of duty under this Act. The Data Controller or the Data Processor shall support the data protection officer  in performing the tasks by providing adequate tools or equipment as well as  facilitate the access to the Personal Data in order to perform the duties. • The Entrust solution tokenizes data to maintain  confidentiality.  • Access to Digicert solution is limited to users who  hold the cryptographic keys credentials.
The Data  Protection Officer can obtain personal data with  application de-tokenization calls using the correct key secret DIGICERT TRUST MODULE.



Personal websites rights and federal laws § 5 TMG, § 55 Abs.2 RStV
As a rule, there is an imprint obligation for every homepage, unless it is used exclusively for personal or family purposes. The obligation to keep an imprint goes back to Section 5 of the Telemedia Act (TMG).
Please note that you are dependent a special legal form must provide additional information that is not listed here (e.g. register court, HRB number, sales tax identification number,
Mention of a managing director of the company authorized to represent). In addition, according to § 5 TMG, if available, the competent supervisory authority and chamber,
the legal job title and the professional regulations are specified. All rights reserved.

Liability for content as a service provider, we are responsible for our own content on these pages in accordance with general law in accordance with Section 7 (1) of the German Telemedia Act (TMG) and international laws.
According to §§ 8 to 10 TMG, as a service provider, we are not obliged to monitor transmitted or stored third-party information or to research circumstances that indicate illegal activity.
Obligations to remove or block the use of information according to general laws remain unaffected. However, liability in this regard is only possible from the point in time at which we become aware of a specific legal violation. As soon as we become aware of such legal violations, we will remove this content immediately.
Liability for links :
Our offer contains links to external third-party websites over whose content we have no influence. Therefore, we cannot accept any liability for this third-party content. The respective provider or operator of the pages is always responsible for the content of the linked pages. The linked pages were checked for possible legal violations at the time they were linked. No illegal content was found at the time the link was created.
A permanent control of the content of the linked pages is not reasonable without concrete evidence of a violation of the law. As soon as we become aware of legal violations, we will remove such links immediately.
The content and works on these pages created by the website operator are subject to german and international copyright laws. The duplication, processing, distribution and any kind of exploitation outside the limits of copyright law require the written consent of the respective author or creator. Downloads and copies of this website are only permitted for private, non-commercial use.
Insofar as the content on this site was not created by the operator, the copyrights of third parties are observed. In particular contents of third parties are marked as such. If you should nevertheless become aware of a copyright infringement, we would ask you to notify us accordingly. As soon as we become aware of legal violations, we will remove such content immediately.

It is stricktly permitted to copy, assemble, dissassemble our content and design without our permission.

Pex Food Shop Soi 94
Prachuap Khiri Khan 77110
Hua Hin Thailand  
Telefon :
+66 (0)90 120 3238
(10am-7pm, Sunday CLOSED)

Webhosting & Design
Back to content