Shedding Light on Transparency: A Comprehensive Look at Data Privacy Regulations
To ensure that your business is as transparent and compliant as possible, the GDPR, CCPA, LGPD, PIPEDA & APPI have specific requirements and guidelines for you to follow. We have gathered all of them here and created a list of the transparency requirements that you as an online merchant must follow in order to be compliant.
Based on the law you need to comply with, you can find the respective transparency requirements below:
What GDPR requires that you tell customers
1. What your business does;
2. How they can contact you;
3. Why you are processing personal data;
4. What types of data do you collect and how long you will store it;
5. Disclosure of where data is being shared.
What the CCPA-CPRA requires that you tell customers
1. What types of information you are collecting;
2. For what purpose you are collecting data;
3. Specifics of what is being collected;
4. Disclosure of where data is being shared.
What do the VCDPA requirements include:
1. Stating what categories of personal data are collected;
2. Obtaining affirmative consent for sensitive data before collecting it
3. Providing an option for access and correct personal information.
4. Providing opt-out mechanisms
5. Providing data protection assessments
6. Honor deletion requests
7. Provide data breach notifications
The LGPD requirements
1. Explain that you collect personal data and specify what information is being collected;
2. What are your reasons for collecting it;
3. Inform people of their rights;
4. Explain how they can contact you to exercise those rights.
The PIPEDA requirements
1. Organizations must state the purposes for data collection before or at the time of data collection;
2. Organizations must customize a privacy policy template to describe their organization’s data handling practices to comply with the PIPEDA openness requirement;
3. Organizations must honor users’ rights in accessing, reviewing, and correcting personal information.
The APPI main point for transparency
Companies looking to become APPI-compliant must ensure that they have a Privacy Policy that stipulates the purpose of using the collected information. They must apply cybersecurity measures and physical safeguards that guarantee the security of the personal information they process.
If you are in the position of an online merchant and wish to offer products in any of the regions these regulations apply, these are the things you must follow. Also, if you haven’t installed our Consentmo app yet, don’t think twice.
To keep yourself up to date on all of the ways to be compliant, follow us on our social media channels, and for questions, don't hesitate to contact us via chat or email, or simply check our FAQ page.