EURONEXX GROUP
Anggun Residences 50300 WP
Kuala Lumpur
Malaysia
www. euronexxgroup.com
mail@euronexxgroup.com
Dedicaded at several locations & server hosting in :
Singapur
Malaysia Kuala Lumpur KLCC
Thailand
Australia
Europe
United Kindom
Backbone
---------------------------------------------------------------------------------------------------------------------------------------------------------------
DATENVERSCHLÜSSELUNG :
SERVER, STORE & WEBSITES are certificated with digital encrypted secured data transmission Modul Digicert (GeoTrust)
Diese Seite benutzt Cookies , lesen Sie bitte die Datenschutzhinweise.
---------------------------------------------------------------------------------------------------------------------------------------------------------------
TPDPA / DSGVO / TMG
Thailändisches Gesetz zum Schutz personenbezogener Daten
(Thailand Personal Data Protection Act)
TPDPA
TPDPA :
Einhaltung wichtiger Bestimmungen des thailändischen Gesetzes zum Schutz personenbezogener Daten :
Einhaltung des thailändischen Gesetzes zum Schutz personenbezogener Daten (Thailand Personal Data Protection Act).
Das thailändische Gesetz zum Schutz personenbezogener Daten, veröffentlicht in der Government Gazette vom 27. Mai 2019, (B.E. 2562 [2019]) befasst sich mit der Erfassung, der Nutzung und dem Schutz personenbezogener Daten und sieht Abhilfemaßnahmen für von Verletzung des Schutzes personenbezogener Daten betroffene Personen vor. Das Gesetz gilt für Organisationen mit Sitz in Thailand, unabhängig davon, ob sie die Daten in Thailand erfassen und nutzen. Es gilt auch für Organisationen, die außerhalb Thailands ansässig sind, wenn sie Waren und Dienstleistungen für betroffene Personen in Thailand anbieten oder wenn sie das Verhalten von betroffenen Personen in Thailand überwachen.
Das thailändische Gesetz zum Schutz personenbezogener Daten basiert auf der Datenschutz-Grundverordnung (DSGVO) der EU, ist aber nicht mit dieser identisch. Durch die Einhaltung der DSGVO wird also nicht die Einhaltung des thailändischen Gesetztes zum Schutz personenbezogener Daten gewährleistet. Unternehmen, die in Thailand tätig sind oder mit in Thailand wohnhaften Personen Geschäfte abwickeln, sollten sich mit dem thailändischen Gesetz zum Schutz personenbezogener Daten vertraut machen, um seine Einhaltung zu gewährleisten.
Eine Möglichkeit, Compliance zu gewährleisten, ist die Sicherstellung, dass personenbezogene Daten, über die Ihre Organisation verfügt, durch kryptographische Pseudonymisierungstechniken wie Tokenisierung geschützt sind, und dass die zugrunde liegenden kryptografischen Schlüssel geschützt sind, indem sie in nach FIPS und Common Criteria zertifizierten Entrust nShield® Hardware-Sicherheitsmodulen (HSMs) gespeichert und verwaltet werden.
Complying with Thailand’s Personal Data Protection Act Entrust helps enterprises comply with key requirements of Thailand’s Personal Data Protection Act • Secure personal data using a certified, tamper-resistant platform • Protect legally shared personal data from disclosure • Destroy personal data when retention periods end • Prepare and maintain records of personal data processing SUMMARY Published in the Government Gazette, May 27, 2019, Thailand’s Personal Data Protection Act (B.E. 2562 [2019]) addresses the collection, use and protection of personal data and puts in place remedial measures for data subjects whose personal data protection is violated. The PDPA applies to organizations located in Thailand, whether they collect and use the data in Thailand or not. It also applies to organizations located outside of Thailand if they offer goods and services to data subjects in Thailand, or if they conduct monitoring of data subjects’ behavior in Thailand. Thailand’s PDPA is based on the EU’s General Data Protection Regulation (GDPR), but it is not the same. So, being in compliance with GDPR does not ensure compliance with PDPA. Enterprises operating in Thailand or with Thai residents should review the PDPA to ensure compliance. One way to ensure compliance is to make sure personal data your organization holds is protected through cryptographic pseudonymization techniques, such as tokenization, and that the underpinning cryptographic keys are protected by storing and managing them in FIPS and Common Criteria certified Entrust nShield® hardware security modules (HSMs). Following are excerpted parts of Thailand’s PDPA that Entrust can help you comply with.
PDPA Regulations :
Section 37--The Data Controller shall have the following duties: 1. Provide appropriate security measures for preventing the unauthorized or unlawful loss, access to, use, alteration, correction or disclosure of Personal Data… 2. In the circumstance where the Personal Data is to be provided to other Persons or legal persons, apart from the Data Controller, the Data Controller shall take action to prevent such person from using or disclosing such Personal Data unlawfully or without authorization; 3. Put in place the examination system for erasure or destruction of the Personal Data when the retention period ends, or when the Personal Data is irrelevant or beyond the purpose necessary for which it has been collected, or when the data subject has request to do so, or when the data subject withdraws consent… • The customized tokenization solution from Digizert Professional Services converts plain text data to tokens that cannot be traced back to the original data. • Stolen tokens cannot be reversed without access to the
Digizert solution. • Altered tokens cannot be used to recreate the original data. • The Digizert solution can partially mask data before sending it to third-party entities to maintain data confidentiality. • The solution authenticates legitimate users to prevent unlawful users from gaining plaintext data. • Tokens are based on cryptographic keys protected in Entrust nShield HSMs.
Upon retention expiry of data, token keys can be removed from nShield HSMs. • Without token keys, tokens cannot be de-tokenized – ensuring retired data invalidity. Section 40--The Personal Data Processor shall have the following duties: 3. Prepare and maintain records of personal data processing activities in accordance with the rules and methods set forth by the Committee. • The Digicert solution provides logs of tokenization, de-tokenization and masking calls for audit reference. Section 42--The data protection officer shall have the following duties: 4. Keep confidentiality of the Personal Data known or acquired in the course of his or her performance of duty under this Act. The Data Controller or the Data Processor shall support the data protection officer in performing the tasks by providing adequate tools or equipment as well as facilitate the access to the Personal Data in order to perform the duties. • The Entrust solution tokenizes data to maintain confidentiality. • Access to Digicert solution is limited to users who hold the cryptographic keys credentials.
The Data Protection Officer can obtain personal data with application de-tokenization calls using the correct key secret DIGICERT TRUST MODULE.
---------------------------------------------------------------------------------------------------------------------------------------------------------------
TMG :
Personal websites rights and federal laws § 5 TMG, § 55 Abs.2 RStV
As a rule, there is an imprint obligation for every homepage, unless it is used exclusively for personal or family purposes. The obligation to keep an imprint goes back to Section 5 of the Telemedia Act (TMG).
Please note that you are dependent a special legal form must provide additional information that is not listed here (e.g. register court, HRB number, sales tax identification number,
Mention of a managing director of the company authorized to represent). In addition, according to § 5 TMG, if available, the competent supervisory authority and chamber,
the legal job title and the professional regulations are specified. All rights reserved.
Disclaimer
Liability for content as a service provider, we are responsible for our own content on these pages in accordance with general law in accordance with Section 7 (1) of the German Telemedia Act (TMG) and international laws.
According to §§ 8 to 10 TMG, as a service provider, we are not obliged to monitor transmitted or stored third-party information or to research circumstances that indicate illegal activity.
Obligations to remove or block the use of information according to general laws remain unaffected. However, liability in this regard is only possible from the point in time at which we become aware of a specific legal violation. As soon as we become aware of such legal violations, we will remove this content immediately.
Obligations to remove or block the use of information according to general laws remain unaffected. However, liability in this regard is only possible from the point in time at which we become aware of a specific legal violation. As soon as we become aware of such legal violations, we will remove this content immediately.
Liability for links :
Our offer contains links to external third-party websites over whose content we have no influence. Therefore, we cannot accept any liability for this third-party content. The respective provider or operator of the pages is always responsible for the content of the linked pages. The linked pages were checked for possible legal violations at the time they were linked. No illegal content was found at the time the link was created.
A permanent control of the content of the linked pages is not reasonable without concrete evidence of a violation of the law. As soon as we become aware of legal violations, we will remove such links immediately.
copyright
The content and works on these pages created by the website operator are subject to german and international copyright laws. The duplication, processing, distribution and any kind of exploitation outside the limits of copyright law require the written consent of the respective author or creator. Downloads and copies of this website are only permitted for private, non-commercial use.
Insofar as the content on this site was not created by the operator, the copyrights of third parties are observed. In particular contents of third parties are marked as such. If you should nevertheless become aware of a copyright infringement, we would ask you to notify us accordingly. As soon as we become aware of legal violations, we will remove such content immediately.
Our offer contains links to external third-party websites over whose content we have no influence. Therefore, we cannot accept any liability for this third-party content. The respective provider or operator of the pages is always responsible for the content of the linked pages. The linked pages were checked for possible legal violations at the time they were linked. No illegal content was found at the time the link was created.
A permanent control of the content of the linked pages is not reasonable without concrete evidence of a violation of the law. As soon as we become aware of legal violations, we will remove such links immediately.
copyright
The content and works on these pages created by the website operator are subject to german and international copyright laws. The duplication, processing, distribution and any kind of exploitation outside the limits of copyright law require the written consent of the respective author or creator. Downloads and copies of this website are only permitted for private, non-commercial use.
Insofar as the content on this site was not created by the operator, the copyrights of third parties are observed. In particular contents of third parties are marked as such. If you should nevertheless become aware of a copyright infringement, we would ask you to notify us accordingly. As soon as we become aware of legal violations, we will remove such content immediately.
It is stricktly permitted to copy, assemble, dissassemble our content and design without our permission.