Is your data adequately protected? Can you demonstrate your compliance?
The Ministry of Public Security released on its website Vietnam’s Draft Decree on Personal Data Protection ("Draft Decree") for the public to submit their opinions by April 2021. If passed, it would establish the first comprehensive framework on data protection and privacy law in Vietnam.
With the effective date as set out in the Draft Decree of 1 December 2021, being prepared is key. The regulations will be binding and applicable directly to all entities storing and processing personal data.
The breach of the Personal Data Protection Decree can result in financial penalties up to 5 % of the total revenues of the company in Vietnam.
In principle, this Draft Decree is in line with international standards, such as the EU’s General Data Protection Regulation (GDPR). The new requirements will change how companies:
It adopts the broad definition of personal data, data subject’s rights, the concept of Data Protection Officer, extraterritorial applicability, and significant penalties for non-compliance. Click our Legal Newsbrief for highlights.
Who will be impacted by PDPD? Every company that processes personal data in Vietnam and abroad if a foreign entity processes personal data of Vietnamese residents. This can include sensitive personal data, transferring personal data abroad, having customers loyalty programs etc.
Please contact directly if your company is keen to: