The following documents give guidance on ensuring that the information you collect from your customers is done so in a secure and legal manner.
They also contain best practice information.
The best way to prepare for a disaster is to avoid the disaster. Therefore, look for any potential problems you can find and correct them. You should address those issues that you can solve and which will provide benefit. Some items to look for include: Maintain...
Privacy policies have recently become the drafting project du jour for cyberspace law practitioners. This new wave of enthusiasm can be attributed to at least three recent phenomena. First, in June, the FTC released a report entitled "Privacy Online: A Report to...
The rapid growth of online commerce has spurred federal regulators into action to protect consumer privacy rights. Companies that use their websites for collection or dissemination of consumers' personal information should be aware of standards imposed by...
Children now access the Internet at increasingly young ages and their safety and privacy remains a priority and an area that is often not addressed in standard privacy policies. eTrust requires that certified sites make it clear if they intentionally collect data...
Canada’s Anti-Spam Legislation, put in place on July 1 2014, looks to remove spam agencies from Canadians inboxes. The new legislation put in place makes it a lot harder for businesses and agencies to send emails to users, without direct consent from the user to...
Overview Binding Corporate Rules ("BCR") are internal rules (such as a Code of Conduct) adopted by multinational group of companies which define its global policy with regard to the international transfers of personal data within the same corporate group to...
The EU-U.S. and Swiss-U.S. Data Privacy Frameworks were developed by the U.S. Department of Commerce in consultation with the European Commission and Swiss Government, and with industry and other stakeholders, to provide companies on both sides of the Atlantic with a valid legal mechanism to comply with data protection requirements when transferring personal data from the European Union (EU) and Switzerland to the United States in support of transatlantic commerce.
The CCPA gives California consumers the right to know what personal information is being collected about them, the right to request that their personal information be deleted, and the right to request that their personal information not be sold.
The law applies to for-profit businesses that collect personal information from California consumers and meet certain thresholds for annual revenue, number of consumers, or amount of personal information collected. The CCPA also requires businesses to provide certain disclosures to California consumers about their data collection practices.
The General Data Protection Regulation is a series of laws that were approved by the EU Parliament in 2016. They came into affect on May 25th 2018.
The EU’s General Data Protection Regulation (GDPR) is an initiative by the EU to bring data protection legislation into line with new ways that data is now used.
The new regulations give users great control over their data, including the ability to export it, withdraw consent and request access to it.
It also makes data protection rules more or less identical throughout the EU, allowing for the easier transfer of data through out the European Union.
It affects any company that does business with Europe, whether they are based in the EU or not.
It serves as a leading regulatory model for other data protection authorities throughout the world.
Introduction: Today organizations of all sizes are grappling with the increasing complexities and risks associated with data privacy. With stricter regulations and heightened consumer expectations, it is crucial for businesses to prioritize the protection of...
Introduction The EU-US Data Privacy Framework (DPF) is a new self-certification program that enables the transfer of personal data from the European Union to companies in the United States. It was established as a replacement for the EU-US Privacy Shield, which was...
The EU-U.S. Data Privacy Framework is a set of rules that govern the transfer of personal data from the European Union (EU) to the United States. The European Commission adopted an adequacy decision for the EU-U.S. DPF on July 10, 2023, which in practice replaces...
Our team of experienced privacy attorneys & certified privacy professionals have a proven track record of delivering privacy frameworks and data privacy solutions, tailored to your business needs.