Compare with different regulatory event:
On 1 June 2022, the Personal Data Protection Act (PDPA) will enter into force. The PDPA establishes the main legal bases to process personal data (consent, contract, public interest, legitimate interest of data controller). The personal data controllers and processors are obliged to notify the data subject about data collection practices, maintain records of personal data processing activities, appoint a Data Protection Officer and notify data breaches. Special categories of sensitive data require dedicated legal bases. The following rights are granted to data subjects: the right to be informed on the data processing, the right to access a copy of personal data, the right to rectification of incomplete or inaccurate data, the right to erasure, the right to opt-out from certain types of data collection or use, the right to data portability, the right not to be subject to automated decision-making. Furthermore, the PDPA introduces the "Personal Data Protection Committee" as the main regulator for data protection, which will determine measures and sanctions concerning PDPA compliance and establish guidelines for personal data controllers and processors. Finally, the Act introduces administrative and criminal penalties for non-compliance.
Original source