Lawyer drafted & approved
Up to date with the latest laws in 2020
Compliant with GDPR, CalOPPA, COPPA, & more
There are 7 key principles in the GDPR they are:
The GDPR sets out the rights of the individual as follows:
To be GDPR compliant, an organization must make sure that the personal data is collected in a lawful and transparent way, it is protected from misuse, maintained in a secure way and that they have appointed someone to be responsible for GDPR compliance.
To ensure your organization is GDPR compliant the GDPR.EU have compiled a checklist which you can access here: https://gdpr.eu/checklist
The GDPR is applicable to any organization who operates either inside or outside of the EU who obtains personal data for any reason from residents within the EU. So even if your business is located outside of the EU, you will be required to be GDPR compliant if you offer goods and services to residents of the EU.
This means that almost all organizations should have a GDPR compliant policy in place.
CalOPPA applies to any organization or individual who operates a website or online service and collects personally identifying information from Californian residents. CalOPPA however doesn't apply to entities who store personally identifiable information for a third party.
Under CalOPPA the following are required:
You can include multiple clauses based on what your business’s data collection practices and other operations are related to your user’s privacy.
PIPEDA stands for Personal Information Protection and Electronic Documents Act. It is a federal privacy law which applies to private sector organizations in Canada who collect, use or disclose personal information for commercial activity. PIPEDA law regulates how businesses collect, use and disclose personal information from their customers for use in a commercial activity. But […]