Jul 31, 2025
The CAN-SPAM Act: Compliance guide with best practices
The CAN-SPAM Act regulates electronic mail messages sent within the US and to US residents. Understand how it affects your email marketing, how to achieve compliance, and best practices to maintain trust with your target audience.
Jul 22, 2025
GDPR data subject rights: An in-depth guide with examples
The GDPR gives individuals control over how their personal data is collected, stored, and used. This article breaks down all eight data subject rights with real-world examples and tips on how to uphold them and maintain compliance at scale
Jul 21, 2025
EU cookie compliance explained: A 2025 guide
Learn about EU cookie compliance requirements under the GDPR and the ePrivacy Directive. This guide covers what EU cookie laws mean in practice, common pitfalls to avoid, and managing cookies in line with evolving standards.
Jun 26, 2025
Facebook privacy policy: A complete guide for businesses
Learn how Facebook’s privacy policy affects your business. See what data is collected, how it’s used, and what your responsibilities are.
Jun 3, 2025
What is the GDPR right to be forgotten? Data deletion requests explained
The GDPR right to be forgotten enables individuals in EU/EEA to request the deletion of their personal data under specific circumstances. Learn the six grounds for erasure, the time limit to take action, and how organizations can handle deletion requests properly.
May 13, 2025
GDPR penalties: What is the maximum fine for GDPR breaches?
GDPR fines make headlines because of their high dollar values. We look at why companies may be fined, who enforces the GDPR, who is responsible for compliance, and how companies can protect themselves against GDPR violations.
May 9, 2025
Who is responsible for GDPR compliance?
Data controllers and processors are mainly responsible for ensuring that their data collection and processing is GDPR-compliant. Data protection authorities in EU countries manage GDPR enforcement.
Mar 27, 2025
The ePrivacy Directive, GDPR, and future of EU privacy regulation: What it means for your business
The ePrivacy Directive and GDPR impact companies doing business in the EU. How are their requirements evolving, and how will data privacy compliance and enforcement change now that the push for the ePrivacy Regulation has been abandoned? We look at ePrivacy, cookies and data protection in the EU.
Mar 5, 2025
UK government demands access to Apple users’ encrypted data
Under a controversial law, the UK government demanded that Apple provide access to currently encrypted files and user data stored in Apple’s cloud servers. The action would give the UK government access to worldwide user data, however, not just Apple users in the UK.
Feb 27, 2025
European Court of Justice fines European Commission for US data transfer violation
A login option on a conference website the European Commission managed made it possible for personal data to be transferred to the United States without authorization or adequate security measures. We look at the complaint, how the violation happened, and how it was resolved.
Feb 19, 2025
EU regulators scrutinize DeepSeek for data privacy violations
Chinese AI company DeepSeek has caused a stir with its R1 model. EU regulators are also paying attention and expressing concern over the app’s collection and use of EU residents’ personal data. We look at why data protection authorities are investigating and what action they’re taking.
Feb 3, 2025
New regulatory updates for cookie use in Norway: What to know and how to comply
Norway’s data privacy protections have become stricter and in line with EU standards, with regulatory updates for cookie use taking effect as part of the E-Com Act (Ekomloven). We explore what the new rules are, how companies can comply with them, and what penalties are for violations.
Jan 30, 2025
The BeReal case: Use of dark patterns for app consent?
Privacy advocacy group noyb filed a complaint against social networking app BeReal for allegedly manipulating its users into consenting to specific uses of their data. Is consent by banner fatigue a violation of the GDPR? We look into the case.
Jan 13, 2025
CCPA penalties and fines: What are the consequences of noncompliance?
Jan 8, 2025
Québec Law 25: an overview
Québec Law 25 modernizes privacy laws for the Canadian province, introducing stricter rules for obtaining consent, protecting personal information, and individuals' rights. Learn what this means for organizations that operate in Québec, and how they can comply with the law’s requirements.
Jan 3, 2025
What is a Data Protection Officer and does your company need one?
A Data Protection Officer can be essential for complying with privacy regulations and protecting personal data. By understanding evolving legal requirements, a DPO helps build a strong foundation for data protection and long-term success.
Jan 3, 2025
Australia’s Online Safety Amendment (Social Media Minimum Age) Bill: Will the social media ban for teens work?
Australia has passed a strict new law banning much social media access for children under age 16. The ban is intended to address safety and mental health concerns for children and teens online. Access to various social platforms is prohibited and implementing age-gating measures is required.
Dec 17, 2024
A complete overview of student privacy laws around the world
Student data privacy laws protect confidential information about students’ enrollment, academic performance, financial arrangements, and more. Understand worldwide regulations that educational institutions must abide by.
Dec 13, 2024
The European Accessibility Act (EAA): an overview
The European Accessibility Act (EAA) sets accessibility standards for products and services across the EU, aiming to improve inclusion for people with disabilities and older adults. Learn what it covers, who must comply, and how to prepare for the June 2025 enforcement deadline.
Dec 12, 2024
What you need to know about the 7 principles of GDPR
If you operate in the EU or serve EU customers, it’s important to understand the 7 GDPR principles and how to apply them to your data practices. Below are clear examples and actionable steps you can take to help your business stay compliant and build trust.
Dec 3, 2024
CCPA vs GDPR: key differences and similarities
The CCPA/CPRA and the GDPR are landmark data privacy regulations that impact organizations worldwide. We look at the differences and similarities between the two laws, and how organizations can achieve compliance with both.
Dec 3, 2024
CCPA vs CPRA: Key differences for businesses to know
The CCPA and CPRA give consumers control over their personal information and impose obligations on businesses. This guide explains differences between the two laws, ways the CPRA amends or replaces the CCPA, new consumer rights under the CPRA, and businesses’ compliance requirements.
Nov 28, 2024
Fair use disclaimer: complete guide with template
Learn what a fair use disclaimer is and whether your website could need one, then create your own with our customizable template.
Nov 25, 2024
What you need to know about data processing agreements (DPAs)
A Data Processing Agreement (DPA) is a legal contract that outlines how personal data should be shared, processed, and secured between businesses and their third-party providers. It ensures that businesses remain compliant with data protection laws.
Nov 25, 2024
A guide to CIPP certification: What it is and how to get it
Data privacy is only growing in importance, and CIPP certification could be a valuable credential to those working in or transitioning into the field. Learn about what this certification is, how it can benefit your career, and how to earn it.
Jun 13, 2024
Understanding the Washington My Health My Data Act: a comprehensive guide
The Washington My Health My Data Act is a state-level data privacy law that focuses solely on consumer health data, but it has wide-reaching implications for businesses both in and out of the state.
Jun 3, 2024
Brazil’s General Data Protection Law / Lei Geral de Proteção de Dados (LGPD) – an overview
Brazil’s LGPD builds on existing Brazilian law and the legislation was influenced by the GDPR. We look at how it addresses consumer rights, companies’ responsibilities, and enforcement.
May 26, 2024
How the EU Data Act affects businesses and consumers
The European Union's Data Act sets new rules to regulate the way data holders and users can manage and use the vast amounts of data generated from connective devices. We look at what this means for personal and non-personal data sharing, and the obligations laid down by the regulation.
May 26, 2024
Canada's Personal Information Protection and Electronic Documents Act (PIPEDA): An Overview
Canada’s data privacy law has been active since 2020, through big changes in digital markets and business and personal reliance on the internet. PIPEDA has been updated multiple times, and is again due for an overhaul. Learn about PIPEDA compliance requirements, the 10 Principles, and more.
Apr 18, 2024
Digital Markets Act uncovered: top 30 DMA questions answered
We provide answers to the most frequently asked questions about the Digital Markets Act (DMA). Gain insights into the latest regulatory measures and discover how they are shaping the digital landscape and impacting businesses.
Apr 12, 2024
TCF 2.2 publishers’ guide: updates, insights, and best practices
The Interactive Advertising Bureau (IAB) has recently announced the latest version of its Transparency and Consent Framework (TCF) — TCF v2.2. In this blog post, we'll explore the key updates in TCF v2.2 and what they mean for the digital advertising industry.
Mar 28, 2024
The EU’s General Data Protection Regulation (GDPR) – an overview
The EU’s GDPR is a well-known, influential European data privacy law. We look at how it addresses consumer rights, companies’ responsibilities, and enforcement.
Mar 18, 2024
Tailoring Asian businesses’ marketing strategies for European privacy compliance and success
Both Asia and Europe are large geographies with significant audience and business opportunities. However, there are particular business challenges, and data privacy regulation is an especially important consideration for Asian companies looking to establish a foothold in European markets.
Mar 5, 2024
What is a sovereign cloud why is it important for your data protection strategy?
Companies increasingly take to the cloud to store data, and sovereign clouds can help comply with regulatory requirements. Learn how an EU Sovereign Cloud impacts data sovereignty and residency as required by EU laws like the General Data Protection Regulation (GDPR).
Jan 18, 2024
How the European Digital Markets Act (DMA) shapes user privacy and consent management
The European Digital Markets Act (DMA) came into force in November 2022 and gatekeepers have been nominated by the European Commission. But how does the DMA privacy law impact user privacy and consent management?
Jan 16, 2024
What is the Google EU user consent policy?
Google's EU user consent policy sets the foundation for responsible data handling in digital advertising. We explore how websites that have received a noncompliance notice from Google can use a Consent Management Platform (CMP) to enable compliance and avoid suspension from Google's platforms.
Jan 3, 2024
Data privacy regulation in 2024: what we’re watching
Data privacy saw a lot of change and advancement in 2023. More regulations, more requirements from businesses and more consumer expectations. There is unprecedented opportunity for innovation and 2024 promises that change will accelerate even faster. Let’s look at what to expect in data privacy.
Nov 2, 2023
US privacy law compliance for EU companies
If you are an EU company looking to do business in the US, this article provides you with some of the answers you will need to know about the US Privacy Law.
Aug 18, 2023
Saudi Arabia Personal Data Protection Law (PDPL): An Overview
The Saudi Arabia Personal Data Protection Law came into effect in March 2022, though enforcement did not begin for a year. The PDPL is quite similar to the EU’s GDPR in scope.
Aug 17, 2023
Understanding the EU-U.S. Data Privacy Framework: What it means for your data?
The European Union and United States again have an adequacy agreement governing privacy and security for international data transfers. The Data Privacy Framework went into effect July 10th, providing new safeguards for EU residents and enabling US companies to self-certify.
Aug 16, 2023
What is the best protection method for sharing PII?
Companies collect consumers’ data to improve user experiences, target advertising, and more. When organizations obtain and share personally identifiable information (PII) in the course of business operations, they have to ensure that it’s protected.
Jul 25, 2023
How does the GDPR affect B2B sales?
GDPR compliance applies to personal data used for B2B sales and marketing operations just as it does to B2C operations. It’s as important to build trust with partners as with customers. We look at how the GDPR affects the B2B outbound sales process and how organizations can achieve compliance.
Jul 18, 2023
Guide to the EU AI Act
The EU AI Act was adopted in March 2024, making it the world’s first comprehensive AI regulation. It has become influential on future AI legislation around the world. Usercentrics delves into what the EU AI regulation includes, who it affects, and what it means for data privacy.
Feb 1, 2023
Japan Act on the Protection of Personal Information (APPI): An Overview
Japan has had data privacy laws for two decades. The APPI has notable differences from the GDPR, and was most recently amended in 2020.
Apr 14, 2022
South Africa’s Protection of Personal Information Act (POPIA): A complete guide
South Africa’s POPIA is a data privacy law that preceded the GDPR by five years. We look at how it addresses consumer rights, companies’ responsibilities and enforcement.
Nov 18, 2021
The Telecommunications Telemedia Data Protection Act (TTDPA): what’s changed for companies
As of December 2021, a new data protection law with an expanded scope will apply to companies in or operating in Germany.
Nov 3, 2021
China’s Personal Information Protection Law - An Overview of PIPL
We look at what China’s Personal Information Protection Law means for the data privacy rights of citizens and for companies’ responsibilities.
Oct 20, 2021
Canada's Consumer Privacy Protection Act - an overview
Canada’s B-C11 would greatly modernize the country’s privacy law. We will take a look at one of the two acts it includes, the Consumer Privacy Protection Act.
Oct 18, 2021
Italian DPA announces new guidelines and tighter deadlines
How can you make sure to navigate data privacy correctly? This article provides you with the relevant information regarding GDPR in Italy.
Sep 13, 2021
European Data Protection Board guidelines for consent
In this article, we have compiled a summary of the most important points from the European Data Protection Board's, new guidelines for Consent.
Aug 30, 2021
POPIA vs GDPR: an overview
What is POPIA compliance, and how does it compare to GDPR compliance? You can learn this and more in our POPIA Vs GDPR article.
Aug 31, 2020
Poland: New data protection regulations including consent under GDPR
May 24, 2019
European elections: Websites of German top candidates checked on GDPR compliance
European elections: A check shows that the candidates' websites are far from being GDPR compliant. Learn more!