General Data Protection Regulation (GDPR)
A comprehensive regulation that sets a high standard for data protection and privacy for all individuals within the European Union and the European Economic Area.
Data Privacy
Laws filed under this category in plain English.
DirectoryEuropean Union California, USA Canada Brazil Australia European Union Singapore South Korea European Union European Union California, USA Brazil South Africa Canada European Union California, USA Virginia, USA Colorado, USA United States (Federal) United States (Federal) Brazil Brazil Utah, USA European Union California, USA USA (Federal) Brazil European Union Virginia, USA Colorado, USA Canada European Union California, USA Illinois, USA Canada Brazil Virginia, USA European Union California, USA Brazil Canada Virginia, USA Japan European Union California, USA European Union California, USA European Union California, USA Brazil Canada South Korea Japan European Union California, USA Illinois, USA Brazil Canada Japan Canada European Union California, USA United States (Federal) Brazil United States (Federal) European Union California, USA Canada Brazil USA (Federal) USA (Federal) Canada South Africa Utah, USA Connecticut, USA Singapore California, USA European Union Brazil United States California, USA Virginia, USA Colorado, USA Australia Japan Thailand
California Consumer Privacy Act (CCPA)
A state-level law that grants California residents significant control over the personal information that businesses collect about them.
Personal Information Protection and Electronic Documents Act (PIPEDA)
The federal privacy law for private-sector organizations in Canada that sets out rules for how businesses must handle personal information in commercial activities.
Lei Geral de Proteção de Dados (LGPD)
Brazil's comprehensive data protection law that regulates the processing of personal data of individuals in Brazil, regardless of the processor's location.
Privacy Act 1988
The primary piece of Australian legislation protecting the privacy of individuals and regulating how personal information is handled by government agencies and private organizations.
General Data Protection Regulation (GDPR)
A comprehensive regulation that governs data protection and privacy for all individuals within the European Union and the European Economic Area, also addressing the transfer of personal data outside these areas.
Personal Data Protection Act (PDPA)
A law that governs the collection, use, and disclosure of personal data by organizations in Singapore, ensuring that individuals' data is protected while recognizing the need of organizations to use data for legitimate purposes.
Personal Information Protection Act (PIPA)
One of the world's strictest data protection laws, regulating the processing of personal information by both public and private sector entities in South Korea.
General Data Protection Regulation (GDPR)
A comprehensive data privacy law that gives individuals control over their personal data and regulates how businesses process that data.
General Data Protection Regulation
The primary EU regulation on data protection. Key Terms: 1. Data Subject: The individual whose personal data is being processed. 2. Data Controller: The entity determining the purposes and means of processing data. 3. Right to Erasure: The right for individuals to have their data deleted.
California Consumer Privacy Act
A state statute intended to enhance privacy rights and consumer protection for residents of California. Key Terms: 1. Personal Information: Information that identifies or relates to a particular consumer. 2. Sale: Any transfer of personal info for monetary or other valuable consideration. 3. Opt-out: The right to stop a business from selling your information.
Lei Geral de Proteção de Dados
Brazil's comprehensive data protection law. Key Terms: 1. Treatment: Any operation carried out with personal data (collection, storage, use). 2. Anonymization: Use of technical means to ensure data cannot be linked to an individual. 3. Legal Basis: A justification required by law to process personal data.
Protection of Personal Information Act
Legislation to promote the protection of personal information processed by public and private bodies. Key Terms: 1. Responsible Party: The entity that decides why and how to process data. 2. Operator: A person who processes data for a responsible party. 3. De-identify: To delete information that identifies a data subject.
Personal Information Protection and Electronic Documents Act
The federal privacy law for private-sector organizations in Canada. Key Terms: 1. Commercial Activity: Any transaction or act that is of a commercial character. 2. Meaningful Consent: Organizations must state why they need data in a way people can understand. 3. Personal Information: Info about an identifiable individual.
General Data Protection Regulation (GDPR)
A comprehensive data protection law that regulates how personal data of individuals in the EU is collected, used, and stored by businesses.
California Consumer Privacy Act (CCPA)
A landmark law that provides California residents with various rights regarding how businesses handle their personal information, including the right to know what data is collected and the right to delete it.
Virginia Consumer Data Protection Act (VCDPA)
Establishes a framework for personal data protection in Virginia, requiring businesses to conduct data protection assessments and providing consumers with rights to access and correct their data.
Colorado Privacy Act (CPA)
The CPA grants Colorado residents rights over their personal data and places specific duties on data controllers regarding data security and transparency.
Health Insurance Portability and Accountability Act (HIPAA)
A federal law that required the creation of national standards to protect sensitive patient health information from being disclosed without the patient's consent or knowledge.
Children's Online Privacy Protection Act (COPPA)
Imposes requirements on operators of websites or online services directed to children under 13 years of age regarding the collection of personal information.
Lei Geral de Proteção de Dados (LGPD)
Brazil's comprehensive data protection law that regulates the processing of personal data of individuals in Brazil, regardless of where the data processor is located.
Lei Geral de Proteção de Dados (LGPD)
A unified legal framework for the use and processing of personal data of individuals located in Brazil, regardless of where the data processor is located.
Utah Consumer Privacy Act (UCPA)
A consumer-friendly privacy law that outlines the responsibilities of data controllers and processors while providing residents with data control.
General Data Protection Regulation (GDPR)
A comprehensive data protection framework that governs how the personal data of individuals in the EU can be collected, used, and processed by organizations worldwide.
California Consumer Privacy Act (CCPA)
Provides California residents with greater control over the personal information that businesses collect about them, including the right to opt-out of the sale of their data.
Health Insurance Portability and Accountability Act (HIPAA)
Federal law that required the creation of national standards to protect sensitive patient health information from being disclosed without the patient's consent or knowledge.
Lei Geral de Proteção de Dados (LGPD)
Brazil's primary data protection law which regulates the processing of personal data of all individuals located in Brazil, regardless of where the data processor is headquartered.
General Data Protection Regulation (GDPR)
A comprehensive data privacy and security law that imposes obligations onto organizations anywhere, so long as they target or collect data related to people in the EU.
Virginia Consumer Data Protection Act (VCDPA)
Establishes a framework for personal data rights in Virginia, requiring businesses to provide consumers with notice and the ability to opt-out of certain data uses.
Colorado Privacy Act (CPA)
Provides Colorado residents with rights regarding their personal data and requires entities to follow specific data protection duties.
Personal Information Protection and Electronic Documents Act (PIPEDA)
The federal privacy law for private-sector organizations in Canada that sets out ground rules for how businesses must handle personal information.
General Data Protection Regulation (GDPR)
A comprehensive data privacy law that regulates how companies collect, use, and store personal data of individuals within the European Union, imposing strict requirements on data handling and cross-border transfers.
California Consumer Privacy Act (CCPA)
A state statute intended to enhance privacy rights and consumer protection for residents of California, providing residents with control over their personal information.
Biometric Information Privacy Act (BIPA)
Governs the collection, use, and storage of biometric identifiers and information by private entities in Illinois.
Personal Information Protection and Electronic Documents Act (PIPEDA)
The federal privacy law for private-sector organizations in Canada that sets out ground rules for how businesses handle personal information in the course of commercial activity.
Lei Geral de Proteção de Dados (LGPD)
A comprehensive data protection law that unifies over 40 different statutes in Brazil to regulate the processing of data of individuals within the country.
Virginia Consumer Data Protection Act (VCDPA)
A state-level privacy framework that provides Virginia consumers with specific rights and requires businesses to adhere to data minimization and security practices.
General Data Protection Regulation (GDPR)
A comprehensive data protection framework that governs how the personal data of individuals in the EU is collected, used, and stored, applying to any organization worldwide that targets or collects data from EU residents.
California Consumer Privacy Act (CCPA)
A state statute intended to enhance privacy rights and consumer protection for residents of California, giving them more control over the personal information businesses collect.
Lei Geral de Proteção de Dados (LGPD)
Brazil's primary data protection law which creates a legal framework for the use of personal data of individuals regardless of where the data processor is located.
Personal Information Protection and Electronic Documents Act (PIPEDA)
The federal privacy law for private-sector organizations in Canada that sets out ground rules for how businesses must handle personal information in the course of commercial activity.
Virginia Consumer Data Protection Act (VCDPA)
A comprehensive data privacy law in Virginia that grants consumers rights over their data and imposes duties on businesses to protect that data.
Act on the Protection of Personal Information (APPI)
The central data privacy law in Japan that regulates the handling of personal information by business operators, including cross-border data transfers.
General Data Protection Regulation (GDPR)
A comprehensive data privacy law that regulates how companies collect, use, and share the personal data of individuals within the EU.
California Consumer Privacy Act (CCPA)
Provides California residents with significant control over the personal data that businesses collect about them.
General Data Protection Regulation (GDPR)
A comprehensive data privacy law that regulates how personal data of individuals in the EU is collected and processed.
California Consumer Privacy Act (CCPA)
Provides California residents with the right to know what personal information is being collected and the right to stop its sale.
General Data Protection Regulation (GDPR)
A comprehensive privacy law that regulates how the personal data of individuals in the EU is collected, used, and protected, applying to any organization worldwide that targets or collects data from EU residents.
California Consumer Privacy Act (CCPA)
A state statute intended to enhance privacy rights and consumer protection for residents of California, giving them more control over the personal information that businesses collect about them.
Lei Geral de Proteção de Dados (LGPD)
Brazil's primary data protection law that creates a legal framework for the use of personal data of individuals in Brazil, regardless of where the data processor is located.
Personal Information Protection and Electronic Documents Act (PIPEDA)
A federal law governing how private-sector organizations collect, use, and disclose personal information in the course of for-profit, commercial activities in Canada.
Personal Information Protection Act (PIPA)
One of the world's strictest data protection regimes, governing the processing of personal information by almost all entities and individuals in South Korea.
Act on the Protection of Personal Information (APPI)
The central data privacy law in Japan that regulates the handling of personal information by private enterprises.
General Data Protection Regulation (GDPR)
A comprehensive data protection framework that sets a high standard for how the personal data of EU citizens is collected, processed, and stored by organizations worldwide.
California Consumer Privacy Act (CCPA)
A state-level law that provides California residents with various rights regarding their personal information and regulates how businesses handle that data.
Biometric Information Privacy Act (BIPA)
Governs the collection, storage, and usage of biometric identifiers, such as fingerprints, facial scans, and retina scans by private entities.
Lei Geral de Proteção de Dados (LGPD)
Brazil's comprehensive regulatory framework for the protection of personal data, heavily inspired by the GDPR.
Personal Information Protection and Electronic Documents Act (PIPEDA)
Applies to private-sector organizations across Canada that collect, use, or disclose personal information in the course of commercial activities.
Act on the Protection of Personal Information (APPI)
The primary law in Japan regulating the handling of personal data by business operators, including cross-border data transfers.
Personal Information Protection and Electronic Documents Act (PIPEDA)
Federal privacy law for private-sector organizations in Canada that sets out rules for how businesses handle personal information in the course of commercial activity.
General Data Protection Regulation (GDPR)
A comprehensive data protection framework that governs how the personal data of individuals in the EU is collected, processed, and stored.
California Consumer Privacy Act (CCPA)
A state statute intended to enhance privacy rights and consumer protection for residents of California.
Children's Online Privacy Protection Act (COPPA)
Regulates the collection of personal information from children under the age of 13 by operators of websites and online services.
Lei Geral de Proteção de Dados (LGPD)
Brazil's comprehensive data protection law that creates a legal framework for the use of personal data of individuals in Brazil.
Children's Online Privacy Protection Act (COPPA)
Imposes requirements on operators of websites or online services directed to children under 13 years of age regarding data collection.
General Data Protection Regulation (GDPR)
A comprehensive data protection law that regulates how the personal data of EU citizens is collected, used, and protected globally.
California Consumer Privacy Act (CCPA)
A state-level law providing California residents with increased control and transparency regarding their personal information held by businesses.
Personal Information Protection and Electronic Documents Act (PIPEDA)
Federal legislation governing how private-sector organizations handle personal information during commercial activities.
Lei Geral de Proteção de Dados (LGPD)
Brazil's primary legal framework for the protection of personal data, largely modeled after the European GDPR.
Children's Online Privacy Protection Act (COPPA)
A federal law designed to protect the privacy of children under the age of 13 by regulating websites and online services.
HIPAA Privacy Rule
Establishes national standards for the protection of certain health information, ensuring patient records are kept confidential.
Personal Information Protection and Electronic Documents Act (PIPEDA)
A federal law that sets the rules for how private-sector organizations collect, use, and disclose personal information in the course of commercial business.
Protection of Personal Information Act (POPIA)
South Africa's primary data protection law that regulates the processing of personal information by public and private bodies.
Utah Consumer Privacy Act (UCPA)
A state-level law giving Utah residents more control over their personal data when interacting with large-scale businesses.
Connecticut Data Privacy Act (CTDPA)
A comprehensive data privacy statute that mandates strict data minimization and provides residents with specific data control rights.
Personal Data Protection Act (PDPA)
The baseline law for personal data protection in Singapore, governing the collection, use, and disclosure of data by organizations.
California Consumer Privacy Act (CCPA)
Grants California consumers robust control over the personal information that businesses collect about them.
General Data Protection Regulation (GDPR)
A comprehensive data protection framework that governs how the personal data of individuals in the EU is collected, used, and protected, applying to any organization worldwide that targets or collects data related to people in the EU.
Lei Geral de Proteção de Dados (LGPD)
Brazil's comprehensive data protection law that aligns closely with the GDPR, establishing rules for the processing of personal data of individuals located in Brazil.
HIPAA Privacy Rule
Federal standards to protect individuals' medical records and other personal health information, applying to health plans, health care clearinghouses, and health care providers.
California Consumer Privacy Act (CCPA)
Provides California residents with transparency and control over how businesses collect and use their personal information, including the right to opt-out of data sales.
Virginia Consumer Data Protection Act (VCDPA)
A comprehensive state privacy law that grants Virginia consumers rights over their data and imposes obligations on data controllers and processors.
Colorado Privacy Act (CPA)
Establishes a framework for personal data protection in Colorado, requiring businesses to implement security safeguards and honor consumer privacy requests.
Privacy Act 1988
The primary federal law regulating how Australian government agencies and many private sector organizations handle personal information.
Act on the Protection of Personal Information (APPI)
Japan's core privacy law regulating the handling of personal information by private enterprises, significantly amended to align with international standards.
Personal Data Protection Act (PDPA)
Thailand's first comprehensive data protection law, modeled after the GDPR, governing the collection, use, and disclosure of personal data.