You are here:
Privacy Center and Data Governance Laws
Data protection and privacy guidelines change depending on where your customers are located. Privacy Center helps you comply with data governance laws such as the General Data Protection Regulation (GDPR) in Europe and the California Consumer Privacy Act (CPPA) in the United States.
Privacy Center helps your business uphold customer trust by handling data in the ways that customers expect. Depending on where your customers live, you’re expected to comply with unique data requirements specific to a country, region, state, or even industry.
For example, businesses must comply with the General Data Protection Regulation (GDPR) if they collect, store, or use personal information about European residents. GDPR regulates how companies can process personal data by focusing on seven major principles: fairness and transparency, purpose limitation, data minimization, accuracy, data deletion, security, and accountability. GDPR outlines individual rights on how companies can handle customer data. Protected rights under the GDPR include the right to be forgotten and the right to access your own personal information. Privacy Center helps your company create policies to address and comply with these rights so that your customer data is protected and respected.
While the European Union takes a comprehensive approach, in the US, different industries, states, and data types are governed by different privacy laws. The Consumer Financial Protection Bureau, Federal Reserve, and Office of the Comptroller of the Currency regulate the financial services industry, while the Department of Health and Human Services regulates the healthcare industry. Under these laws, businesses must protect any personally identifiable information and effectively respond to security breaches of customer data. The Federal Trade Commission (FTC) acts as the primary authority regarding privacy issues. Laws created by the FTC provide government agency oversight into collecting, maintaining, using, and disclosing customer information.
In addition to the industry-specific and nationwide standards, businesses must comply with state-specific regulations. The California Consumer Privacy Act (CCPA) regulates the collection and usage of customer data. Under the CCPA, consumers have five primary rights:
- Right to Know
- Right to Access
- Right to Opt Out
- Right to Request Deletion
- Right to Equal Services and Pricing
Privacy Center’s policies support your company in complying with these rights by helping you appropriately collect, retain, delete, and even return personal information to customers.
Several of Privacy Center’s capabilities can help your company meet data governance requirements. For example, say your company can collect customer requests about how personally identifiable information is stored, deleted, and transferred. Your company can fulfill these requests by using the Retention Policies and Right to Be Forgotten (RTBF) Policies features. You can also monitor any changes made to consent objects with the Consent Event Stream.
For a more comprehensive overview of privacy and data governance, take the Learn Privacy and Data Protection Law trail. Although Privacy Center supports your business in privacy compliance, your legal team can help you identify the specific laws relevant to your business.
