Amity Solutions’ GDPR/PDPA Commitment

At Amity Solutions Corporation Co., Ltd. (referred to as “Amity Solutions”), we are fully committed to being compliant, where applicable, with the provisions of the General Data Protection Regulation (referred to as “GDPR”) and the Personal Data Protection Act 2019 (B.E. 2562) (referred hereto as "PDPA") and to help our customers and users to understand this regulation. Hence, the goal of this GDPR/PDPA Commitment is to explain what steps we took – and what we will take in the future – to ensure and maintain a secure and compliant environment for our customers and users under GDPR/PDPA.

GDPR went into effect on May 25, 2018, with the goal of further regulating and strengthening the privacy rights of EU citizens. It is the most comprehensive privacy regulation ever adopted in the European Union.

PDPA went into effect on May 28, 2019, with the goal of further regulating and strengthening the privacy rights of Thai citizens and citizens who disclosed his or her personal data within Thailand territory.

GDPR and PDPA set out standards to comply with for all the organizations that collect and/or process Personal Data (i.e. all the information relating to an identified or identifiable natural person) and ensures full transparency throughout the collection and/or processing of such Personal Data.

1) Why Amity Solutions is GDPR/PDPA compliant

Please find below the measures that we have taken to guarantee our compliance with GDPR/PDPA:

Policy Reviews and Updates

We’ve updated our Terms and Policies according to GDPR and PDPA provisions. Indeed, as set forth in GDPR and PDPA, our new Privacy Policy guides you through all the data we collect, use and disclose, and explains to you in detail how we collect, use and disclose it. Importantly, any customer or user can always modify the data we collect. You can ask us to remove your Personal Data simply by sending us an email at legal@amitysolutions.com In any case, please have a look at our Privacy Policy. Kindly note that you always have rights in relation to your Personal Data as set forth in the GDPR/PDPA provisions.

Investments in Security Infrastructure and Certifications

Amity Solutions is committed to always guarantee to its customers and users the best technical and organizational measures to protect their Personal Data against unauthorized disclosure or access and / or accidental or unlawful destruction or alteration. To this end, we have highly invested in building up a solid security infrastructure to ensure the best protection possible of your Personal Data. ( You can find more details on our security infrastructure and certification in paragraph no. 3 below).

Partnering only with Third-Parties that Meet our Requirements

We are committed to cooperate and work exclusively with partners who are 100% GDPR/PDPA compliant, and have updated their terms and policies according to its provisions.

2) Our Certifications and Security Infrastructure

Obviously, your privacy is extremely important to us, and we have invested time and resources in guaranteeing to our customers and users the highest standards of security.

Our security protocols are aligned to the ISO/IEC 27001 standards and are regularly assessed by third party auditors and customers. All data going through Amity Solutions is encrypted both in-transit and at-rest. Data in-transit is always encrypted with the latest TLS 1.2 protocol, a security protocol widely known and used for encryption of personal information in the e-commerce and banking industries. Qualys Grade A+ compliance report of Amity Solutions servers.

Data at rest is encrypted via AES-256 encryption before being stored. AES-256 currently offers the highest level of encryption of any standard and it is widely used by both banks and government agencies around the world to protect sensitive information. For user generated content such as messages or files, Amity Solutions will use a unique encryption key for every individual piece of content. The encryption keys are then encrypted a second time using a separate encryption key, and stored in a special key management server, on a seperate network, in order to add an additional layer of security.

Amity Solutions’s servers are hosted with Amazon Web Services (AWS) in their Frankfurt, Singapore, and North Virginia regions. AWS is a global data center & cloud computing provider with secure locations all over the world. Amity Solutions’s data centers are SSAE16 SOC1 / SOC2 / SOC3 and ISO 27001 compliant. This means our physical servers all have 24/7 video surveillance, biometric locks, and strict personnel access controls.

Your Opinion Matters

Should you have any question that was not addressed so far, or should you simply wish to better understand how Amity Solutions deals with your Personal Data or, in general, your rights under GDPR and PDPA, please please feel free to email us at legal@amitysolutions.com