The Data Protection Act (DPA) 2018 is the UK’s updated data protection law which became effective on 25th May 2018 and was recently amended on the 1st January 2021 to reflect the United Kingdom’s exit from the EU. It sits alongside the UK GDPR and replaces the Data Protection Act 1998. The United Kingdom is […]
Privacy Law: A quick look at the major online privacy laws (part 1)
Online privacy laws regulate and standardize the storing and using of personally identifiable information of individuals. This information is usually collected by entities like governments, big businesses, organizations or other individuals operating as contractors of sole traders.
Let’s take a look at some of the major privacy laws around the globe.
On this page
Three privacy laws We’re reviewing:
GDPR (General Data Protection Regulation)
The General Data Protection Regulation is an European Union (EU) privacy law on data protection and privacy for all individual citizens of the EU and the European Economic Area (EEA). This privacy law aims to protect the privacy and use of the EEA resident’s personal data in an increasingly digital world.
The GDPR states that companies/websites need to comply with the following in relation to their users personal information:
- the right to information
- the right to access
- the right to rectification
- the right to erasure
- the right to restrict processing
- the right to data portability
- rights to automated decision making including profiling
For further information check out :
CalOPPA (California Privacy Rights)
The California Civil Code permits residents of California to request information regarding the disclosure of their personal information to third parties for direct marketing purposes. It also permits requests from residents, who are users of your site, under the age of 18 years, to and have content or information they have posted publicly removed.
For further information check out:
CCPA (California Consumer Privacy Act)
CCPA applies to your business if one or more of these apply to your business:
- Has an annual gross revenues in excess of $25 million;
- Buys, receives, or sells the personal information of $50,000 or more consumers or households; or
- Derives more than half of its annual revenue by selling consumers’ personal information.
This privacy law intends to strengthen the privacy of California residents by providing them with a right to:
- Know what personal data is being collected about them.
- Know whether their personal data is sold or disclosed and to whom.
- Say no to the sale of personal data.
- Access their personal data.
- Request a business to delete any personal information about a consumer collected from that consumer.
- Not be discriminated against for exercising their privacy rights.
For more information, see the official fact sheet:
How to be compliant with privacy laws
More specifically it should include the following:
- the personally-Identifying information (PII) that you collect
- the non personally-identifying information you collect
- where you share the PII (if at all)
- what type of cookies you use and options for you to opt out of cookie tracking.
- contact information so you can answer any queries and your users can request their information if desired.
Personal information that may be collected:
- Full Name
- Residential and Mailing Address
- Date of Birth
- Phone Number
- Email address
- Passport Number
- Drivers License
- Bank Account Details
Write in as basic language as possible, so that it can be easily understood by your users.