WLTT
Login

Policies & Regulations

Thai labor law compliance guide for Time & Attendance

This is a summary guide based on the Thai Labour Protection Act B.E. 2541. For specific legal advice, consult a qualified Thai labor attorney.

This policy complies with the Thailand Personal Data Protection Act (PDPA) B.E. 2562 (2019), effective June 1, 2022.

Data We Receive

Our service receives ONLY attendance timestamps (clock-in/clock-out times) and employee identifiers from your terminals. We do NOT receive, store, or process any biometric data (fingerprints, facial images, iris scans). All biometric processing occurs exclusively on YOUR equipment — terminals only send us time registration events.

Legal Basis for Processing

Attendance time data is processed under Contractual Obligation (Section 24(3) PDPA) — it is necessary for the performance of the SaaS service agreement with your company. No separate consent is required for this operational data.

Data Security

All data transmitted between terminals and our service is encrypted via HTTPS/TLS. Data at rest is encrypted in our cloud database. Access is strictly limited to authorized company administrators only.

Data Retention

Attendance records are retained for the duration of the service agreement plus the legally required retention period (minimum 2 years per Thai Labor Protection Act). Upon contract termination, data can be exported and then deleted upon request.

Data Breach Notification

In the event of a data breach affecting attendance records, WLTT will notify the affected client within 72 hours and the PDPC if required. Breach response procedures follow PDPC guidelines.

© 2024-2026 WLTT Co.,Ltd. All rights reserved.