Data Protection Policy managed by SNRU’s Office of Corporate & Legal Affairs

Description:

Sakon Nakhon Rajabhat University (SNRU) is fully committed to compliance with the Thailand Personal Data Protection Act (PDPA), which aligns with the global General Data Protection Regulation (GDPR) frameworks. The university protects stakeholder privacy through strict technological governance, clear institutional policies, and transparent administrative procedures.

  • Technical Measures & Access Control: Data privacy is embedded directly into the university’s core infrastructure. Digital systems enforce Role-Based Access Control (RBAC) coupled with centralized Single Sign-On (SSO) Authentication via the official SNRU Account. This architecture ensures that personal data is accessible only on a need-to-know basis. Furthermore, comprehensive Activity Logs (Audit Trails) are automatically maintained to track user actions, ensuring data integrity and rapid investigation capabilities in compliance with legal data breach requirements.
  • Institutional Policies & Transparency: Under national transparency and integrity guidelines, the university officially publishes its personal data protection policies, privacy notices, and cybersecurity measures on its public portals. These frameworks govern how student and staff information is lawfully collected, processed, and securely stored.
  • System Longevity & Data Security: Backed by the Office of Academic Resources and Information Technology (ARIT), the university enforces automated backup regimes and strict cybersecurity protocols to mitigate risks of data loss, unauthorized access, or digital leakage across all academic and administrative workflows.

Additional evidence link (i.e., for videos, more images, or other files that are not included in this file):

1) Publicly Accessible Data Protection Policy

2) Data Protection Notices (including Staff Data Protection Notice)

  • General Data Protection Notices – SNRU: https://pdpa.snru.ac.th/

3) Designation of Data Protection Officer / Information Compliance Manager

Data Protection Officer details: https://pdpa.snru.ac.th/

4) Data Subject Rights & Consent Principles (in Policy)

As outlined in SNRU’s Data Protection Policy under data subject rights and consent sections: https://pdpa.snru.ac.th/

5) Personal Data Security Breach Procedure (Example of Operational Procedure)