Which regulations reference Privacy Notice / Privacy Policy?

Privacy Notice / Privacy Policy is referenced in or relevant to: gdpr, ccpa-cpra, dpdpa, lgpd, pipeda.

Compliance

What is Privacy Notice / Privacy Policy?

A privacy notice is a public-facing document that informs individuals about how an organization collects, uses, stores, shares, and protects their personal data, as required by data protection regulations.

A privacy notice (also commonly called a privacy policy) is a disclosure document required by virtually all data protection regulations that informs individuals about an organization's personal data processing practices. Under the GDPR (Articles 13 and 14), the notice must include the identity of the controller, purposes of processing, lawful basis, recipients of data, international transfer details, retention periods, data subject rights, right to complain, and whether data provision is a statutory or contractual requirement.

The CCPA/CPRA requires businesses to disclose categories of personal information collected, purposes of collection, categories of third parties with whom information is shared, and consumer rights. Privacy notices must be concise, transparent, intelligible, easily accessible, and written in clear and plain language. They should be provided at the time of data collection and updated whenever processing practices change significantly.

ComplyIQ helps organizations create and maintain jurisdiction-specific privacy notices that meet the requirements of all applicable regulations, track when notices need updating based on changes in processing activities, and maintain version history for accountability purposes.

Relevant Regulations

GDPR (General Data Protection Regulation)CCPA/CPRA (California Consumer Privacy Act / California Privacy Rights Act)DPDPA (Digital Personal Data Protection Act)LGPD (Lei Geral de Protecao de Dados)PIPEDA (Personal Information Protection and Electronic Documents Act)

How IQWorks Helps

ComplyIQ

Privacy Compliance, Simplified

ConsentIQ

Consent Lifecycle Management

Related Terms

Consent Management

Consent management is the systematic process of obtaining, recording, tracking, and managing individuals' consent for the collection and processing of their personal data in compliance with privacy regulations.

Lawful Basis for Processing

A lawful basis for processing is a legal ground under data protection law that justifies an organization's collection and use of personal data, such as consent, contractual necessity, or legitimate interest.

Data Subject Rights (DSR)

Data Subject Rights are the legal rights granted to individuals under data protection laws, enabling them to control how their personal data is collected, used, stored, and shared by organizations.

Cookie Consent

Cookie consent is the requirement under privacy laws for websites to obtain user permission before placing non-essential cookies or similar tracking technologies on a user's device.

Explore More Terms

Browse our complete data protection glossary with 107+ terms.

View Full Glossary