What are the Transparency Requirements for GDPR, CCPA-CPRA, VCDPA, LGPD, PIPEDA & APPI?

Privacy Laws

5 mins

Dilyana Simeonova
August 30, 2022

Shedding Light on Transparency: A Comprehensive Look at Data Privacy Regulations

To ensure that your business is as transparent and compliant as possible, the GDPR, CCPA, LGPD, PIPEDA & APPI have specific requirements and guidelines for you to follow. We have gathered all of them here and created a list of the transparency requirements that you as an online merchant must follow in order to be compliant. 

Based on the law you need to comply with, you can find the respective transparency requirements below:

What GDPR requires that you tell customers

1. What your business does;

2. How they can contact you;

3. Why you are processing personal data;

4. What types of data do you collect and how long you will store it;

5. Disclosure of where data is being shared.

What the CCPA-CPRA requires that you tell customers

1. What types of information you are collecting;

2. For what purpose you are collecting data;

3. Specifics of what is being collected;

4. Disclosure of where data is being shared.

What do the VCDPA requirements include:

1. Stating what categories of personal data are collected;

2. Obtaining affirmative consent for sensitive data before collecting it

3. Providing an option for access and correct personal information.

4. Providing opt-out mechanisms

5. Providing data protection assessments

6. Honor deletion requests

7. Provide data breach notifications

The LGPD requirements

1. Explain that you collect personal data and specify what information is being collected;

2. What are your reasons for collecting it;

3. Inform people of their rights;

4. Explain how they can contact you to exercise those rights.

The PIPEDA requirements 

1. Organizations must state the purposes for data collection before or at the time of data collection;

2. Organizations must customize a privacy policy template to describe their organization’s data handling practices to comply with the PIPEDA openness requirement;

3. Organizations must honor users’ rights in accessing, reviewing, and correcting personal information.

The APPI main point for transparency

Companies looking to become APPI-compliant must ensure that they have a Privacy Policy that stipulates the purpose of using the collected information. They must apply cybersecurity measures and physical safeguards that guarantee the security of the personal information they process.

If you are in the position of an online merchant and wish to offer products in any of the regions these regulations apply, these are the things you must follow. Also, if you haven’t installed our Consentmo app yet, don’t think twice.

To keep yourself up to date on all of the ways to be compliant, follow us on our social media channels, and for questions, don't hesitate to contact us via chat or email, or simply check our FAQ page.

If you liked this article, spread the word

About the Author

Dilyana Simeonova
Dilyana is a Marketing Specialist in Consentmo with an academic background in Advertisement and Brand Management. Stumbling into the tech world with this job, she feels like she finally found her calling and is set on bringing the best compliance information to all Consentmo users.

Stay informed

Sign up for our newsletter to get the latest updates, thoughts, and ideas from Consentmo.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Is your site compliant?

Your Guide to Launching a Successful Shopify Business

Discover the essentials of launching a thriving Shopify business in our new e-book

Download