country: Thailand framework: PDPA (Thailand) region: Asia Pacific language: en version: "2019" status: published last_updated: "2025-11-20" source_verified: true authority: Personal Data Protection Committee (PDPC) notes: - Thailand's Personal Data Protection Act 2019 establishes comprehensive data protection rules based on GDPR principles. - Mandatory data breach notification within 72 hours to PDPC. - Data Protection Officer appointment required for certain organizations. categories: - name: Thai National ID Number type: national_identifier subtype: government_id required_masking: true tags: - pii - sensitive citations: - regulation: PDPA (Thailand) section: Section 6 description: 13-digit national identification number issued to Thai citizens - name: Passport Number type: direct_identifier subtype: government_id required_masking: true tags: - pii citations: - regulation: PDPA (Thailand) section: Section 6 - name: Taxpayer Identification Number type: national_identifier subtype: tax_identifier required_masking: true tags: - pii - financial citations: - regulation: PDPA (Thailand) section: Section 6 - name: Social Security Number type: national_identifier subtype: insurance_id required_masking: true tags: - pii - sensitive citations: - regulation: PDPA (Thailand) section: Section 6 - name: Bank Account Number type: financial_identifier subtype: bank_account required_masking: true tags: - pii - financial citations: - regulation: PDPA (Thailand) section: Section 6 - name: Credit Card Number type: financial_identifier subtype: financial_identifier required_masking: true tags: - pii - financial citations: - regulation: PDPA (Thailand) section: Section 6 - name: Driver's License Number type: direct_identifier subtype: government_id required_masking: true tags: - pii citations: - regulation: PDPA (Thailand) section: Section 6 - name: Vehicle Registration Number type: quasi_identifier subtype: vehicle_identifier required_masking: false tags: - pii citations: - regulation: PDPA (Thailand) section: Section 6 - name: Health Insurance Number type: financial_identifier subtype: insurance_id required_masking: true tags: - pii - health - sensitive citations: - regulation: PDPA (Thailand) section: Section 26 - name: Medical Record Number type: special_category subtype: medical required_masking: true tags: - phi - sensitive citations: - regulation: PDPA (Thailand) section: Section 26 - name: Biometric Data type: special_category subtype: biometric required_masking: true tags: - sensitive citations: - regulation: PDPA (Thailand) section: Section 26 - name: DNA Information type: special_category subtype: genetic required_masking: true tags: - sensitive citations: - regulation: PDPA (Thailand) section: Section 26 - name: Educational Records type: contextual_identifier subtype: education required_masking: false tags: - pii citations: - regulation: PDPA (Thailand) section: Section 6 - name: Employment Records type: contextual_identifier subtype: employment required_masking: false tags: - pii citations: - regulation: PDPA (Thailand) section: Section 6 - name: Religious Information type: special_category required_masking: true tags: - sensitive citations: - regulation: PDPA (Thailand) section: Section 26 - name: Political Opinions type: special_category required_masking: true tags: - sensitive citations: - regulation: PDPA (Thailand) section: Section 26 - name: Racial/Ethnic Origin type: special_category required_masking: true tags: - sensitive citations: - regulation: PDPA (Thailand) section: Section 26 - name: Sexual Orientation type: special_category required_masking: true tags: - sensitive citations: - regulation: PDPA (Thailand) section: Section 26 - name: Criminal Records type: special_category required_masking: true tags: - sensitive citations: - regulation: PDPA (Thailand) section: Section 26 - name: Location Data type: quasi_identifier subtype: geolocation required_masking: false tags: - pii citations: - regulation: PDPA (Thailand) section: Section 6