Target GDPR compliance with voluntary data protection services


In the era of big data, privacy is not just an issue of security but also of trust. To inspire trust in your data management, it is essential not only to implement appropriate management procedures, but also to achieve certification.

The EU General Data Protection Regulation (in force as of May 25, 2018) tightens controls on companies dealing with EU citizens’ personal data wherever they are located and imposes hefty fines for non-compliance.

As you increase the range of activities and operations that are digitised, you need to demonstrate to your clients, staff and other stakeholders that you respect their right to privacy and take data security seriously.



In response to this, we have developed a technical standard and a voluntary certification programme for businesses, which is based on best practice and the content of the regulation.

Certification of your data protection procedures is a tool that enables your organisation to achieve and proactively demonstrate compliance with regulations. Moreover, should breaches occur, certification demonstrates due diligence and can help to mitigate potential penalties.




  • Ensure

    compliance with increasingly stringent regulations

  • Demonstrate corporate digital responsibility

    and achieve certification

  • Improve brand reputation

    and ethics

  • Limit the risk

    of potentially costly security breaches

  • Safeguard the privacy of customers

    and other stakeholders

  • Protect valuable data assets

    that are crucial to your business.

  • Support from a global leader

    in testing, inspection and certification

  • Dedicated team of certification specialists

    with experience of data protection regulations and processes

data protection infographic


Meet Thailand's Data Privacy Regulations

Personal Data Protection Act or PDPA is developed to protect user's personal data and to meet international regulations. Demonstrating compliance with PDPA proves that the personal data of your clients, employees, and stakeholder in your database is well-organised and never been used without consent.

Bureau Veritas’ work as an independent third party enables companies to ensure that the organization, processes, and practices are conforming to Thailand's Personal Data Protection Act.