How long does Cookie Consent + Consent Management Platform take?

ePrivacy Directive + GDPR + PDPA takes 7-21 working days at 35,000-145,000 บาท — includes discovery, gap analysis, drafting, implementation, training, and ongoing support.

Cookie Consent + Consent Management Platform

ePrivacy Directive + GDPR + PDPA · For EU-visitor websites · AdTech compliance · Google Ads/Analytics 4

From 35,000-145,000 บาท7-21 working days

083-249-4999 Chat on LINE

NYC Legal's Data Protection team has delivered 500+ Cookie Consent + Consent Management Platform engagements across PDPA, GDPR, CCPA, PIPA, APPI and ISO/IEC 27701.

Partner network — Bird & Bird, OneTrust, BSI, DNV — for ISO certification, cross-border SCC, EU representative service.

Cookie Consent + Consent Management Platform takes 7-21 working days at 35,000-145,000 บาท — includes gap analysis + drafting + implementation + training + ongoing support.

We coordinate with PDPC Thailand, EDPB and destination DPAs across Schrems II adequacy jurisdictions.

Privacy program coverage: PDPA Pack · GDPR Pack · CCPA · DPO · DPIA · ROPA · SCC/BCR · Breach · CMP · DSAR · Privacy Policy · ISO/IEC 27701.

95% DSAR backlog reduction — automated DSAR portal + 30-day SLA + audit trail.

Coverage

🇹🇭 For Thailand (PDPA)

PDPA B.E. 2562

🇪🇺 For European Union (GDPR)

Regulation 2016/679

🇬🇧 For United Kingdom (UK GDPR + DPA 2018)

UK GDPR + Data Protection Act 2018

🇺🇸 For California (CCPA/CPRA)

CCPA 2018 + CPRA 2020

🇸🇬 For Singapore (PDPA 2012)

Personal Data Protection Act 2012

🇦🇺 For Australia (Privacy Act 1988)

Privacy Act 1988 + APP

🇯🇵 For Japan (APPI)

Act on Protection of Personal Information (APPI)

🇰🇷 For South Korea (PIPA)

Personal Information Protection Act (PIPA)

🇨🇳 For China (PIPL)

Personal Information Protection Law 2021

🇧🇷 For Brazil (LGPD)

Lei Geral de Proteção de Dados

🇦🇪 For UAE (Federal PDPL 2021)

Federal Decree-Law No. 45 of 2021

🇮🇳 For India (DPDPA 2023)

Digital Personal Data Protection Act 2023

How it works

1
Data discovery + mapping
System audit + data-owner interviews + identification of processing activities + data-flow diagram.
2
Gap analysis + risk
Map against PDPA/GDPR/CCPA + risk register + DPIA for high-risk processing.
3
Drafting + controls
Draft policies + procedures + DPA + consent + security controls per NIST SP 800-53 / ISO 27001.
4
Implementation + training
Roll out CMP/DSAR portal + train DPO + staff awareness + privacy-by-design checklist.
5
Audit + ongoing support
Annual audit + monthly DPO report + breach drills + ROPA refresh + DPA inspection prep.

Frequently asked questions

Who needs Cookie Consent + Consent Management Platform?

EU-visitor websites, AdTech compliance, Google Ads/Analytics 4 and any organisation processing personal data.

Total cost?

35,000-145,000 บาท, scaling with size and number of processing activities.

Timeline?

7-21 working days — faster if ISO 27001 baseline exists.

Is a DPO mandatory?

PDPA Sec. 41 mandates DPOs for public authorities, large processors, and sensitive data — GDPR Art. 37 mirrors the trigger.

Can we notify PDPC within 72 hours?

Triage likelihood + severity within 24h → notify decision within 72h — Tier-1 incident runbook included.

What is required for cross-border transfers?

PDPA Sec. 28: SCC, BCR, adequacy, consent, or derogation — we draft SCC + TIA.

DSAR SLA?

GDPR 30 days (extend 60) · PDPA 30 days · CCPA 45 days (extend 90) — DSAR portal tracks all.

Does ISO 27701 require ISO 27001?

Yes — 27701 is an extension of 27001 (combined implementation 9-12 months).

Related services

Thailand PDPA Compliance Pack (PDPA B.E. 2562) EU GDPR Compliance Pack (Regulation 2016/679) CCPA/CPRA Compliance (California Consumer Privacy Act) DPO Appointment Service (PDPA & GDPR) DPIA (Data Protection Impact Assessment) Record of Processing Activities (Art. 30 GDPR · PDPA ม.39) IP Rights Citizenship

Cookie Consent + Consent Management Platform

Coverage

How it works

Data discovery + mapping

Gap analysis + risk

Drafting + controls

Implementation + training

Audit + ongoing support

Frequently asked questions

Related services