If you have or target EU-based users, GDPR protections will apply to those users. In such cases, you must comply with GDPR requirements, but only as it relates to your EU-based users. Keep in mind that you have EU-based users as long as EU-based users can access your site or app – as even IP address is considered to be personal data under the GDPR.
If you have EU based users and you have cookies running on your site (most popular site integrations and widgets use cookies) then informed consent must be freely given by those EU-based users before any cookies are run. This typically means having a cookie notice in place and blocking cookie scripts from executing until consent is collected. If the user refuses to grant consent, then cookies should not be run. All relevant disclosures related to the use of cookies should be made available to users via an up-to-date cookie policy.
You do not need to comply with the ePrivacy/Cookie law if you do not have EU-based users accessing your site (i.e they are blocked from accessing your website) or you do not have any cookies running on your site.
CalOPPA applies to all websites that target or have California-based users. Therefore, you must comply with the state of California’s CalOPPA if California-based users access your site.
No, the CCPA does not necessarily apply to all US websites. However, you may need to comply with California’s CCPA if California-based users can visit your website and you qualify as a “business” under the CCPA.
Yes, if you’re an EU-based entity, you must comply with GDPR requirements, and grant GDPR protections to all your users – including those based in other countries, e.g the US.
It’s a bit difficult to say. Currently GDPR requirements still apply to UK-based businesses and it seems likely that similar rules will apply after Brexit. Do keep in mind that the GDPR applies if you have EU-based users – whether the country you’re based in is within the EU or not. You can read more on Brexit and the GDPR here.
Under the ePrivacy/ Cookie Law, informed consent must be freely given by the user before any non-exempt cookies are run. Few cookies fall into the very narrow category of “exempt” so it’s best to err on the side of caution in this regard.
CalOPPA applies to all websites that target or have California-based users. Therefore, you must comply with the US state of California’s CalOPPA if California-based users access your site.
No, the CCPA does not necessarily apply to all EU websites. However, you may need to comply with California’s CCPA if California-based users can visit your website and you qualify as a “business” under the CCPA.
Attorney-level solutions to make your websites and apps compliant with the law across multiple countries and legislations.
