Compare with different regulatory event:
On 10 November 2023, Thailand’s Personal Data Protection Committee (PDPC) closed the public consultation on the draft Rules regarding the criteria for protecting personal data sent or transferred abroad according to Section 29 of the Personal Data Protection Act (PDPA). The draft specifies that entities can transfer personal data to other entities engaging in the same affiliated business or part of the same group of undertakings based on a policy for personal data protection (binding corporate rules) reviewed and certified by the PDPC. In the absence of adequacy decisions or binding corporate rules, the entities would be able to transfer data to foreign countries based on appropriate safeguards, such as contractual clauses, certifications or agreements that Thailand is a party to. Furthermore, the draft outlines the international model contractual clauses that Thailand recognises. The Rule would be effective 90 days after its publication in the Royal Gazette.
Original source