Blog: Legal Requirements
Page 16
How the GDPR Affects Consent Under Canadian Privacy Laws
The European Union's General Data Protection Regulation (GDPR) has indirectly led to tighter rules in Canada for getting "meaningful consent." Federal and provincial regulators issued more explicit guidelines on making sure individuals really do understand the permission they give. Despite the GDPR connection, these guidelines involve domestic laws that Canadian...
India's Personal Data Protection Bill (PDPB)
Note: This bill has been withdrawn as of 2022. India's Personal Data Protection Bill (PDPB) is currently in draft form and set to be tabled in Parliament. The PDPB looks set to be one of the strictest and most comprehensive data privacy laws in the world. In fact, it's stricter in some...
Illinois Biometric Information Privacy Act
The Illinois Biometric Information Privacy Act (BIPA) regulates how companies collect, store, use, and share biometric information. In the past few years, several companies have been taken to court for allegedly violating the BIPA. The Illinois courts treat this law very seriously and are prepared to enforce it against non-Illinois companies. In...
Privacy Policy for Android Apps
If your Android app collects personal information (and it's highly likely that it does), you must create a legally compliant Privacy Policy. Google regularly penalizes developers that fail to maintain a Privacy Policy. A high-profile incident occurred in 2017 when Google threatened to permanently remove non-compliant apps from the Play Store....
Privacy Policy for iOS Apps
Every app hosted on the Apple App Store must work properly, collect user data responsibly, and have a legally-compliant Privacy Policy. Apple sets strict rules about what your iOS App Privacy Policy must disclose. Your iOS app will be rejected from the App Store unless your Privacy Policy meets Apple's...
Transferring Personal Data Out of the EU
The EU General Data Protection Regulation (GDPR) applies to all EU companies, and to many non-EU companies engaged in commercial activity within the EU. Businesses must comply with strict rules about how they collect, use and share personal data. There would be little point in enforcing these rules within the EU...