Blog

Legal articles in easy to understand language.

Saudi Arabia Personal Data Protection Law (PDPL)

Saudi Arabia Personal Data Protection Law (PDPL)

Saudi Arabia joined a growing number of countries that have enacted privacy and data protection laws with its Personal Data Protection Law (PDPL), which took effect on September 14th, 2023. This article explains what the PDPL is, who it applies to, how to comply with the PDPL, and what happens if...

California AB 2426: Consumer Protection: False Advertising: Digital Goods

California AB 2426: Consumer Protection: False Advertising: Digital Goods

California AB 2426 was approved by California Governor Gavin Newsom on September 24, 2024. The law is designed to protect California consumers from false advertising as it applies to digital goods. This article will explain what this law is, who it applies to, and how to comply with it. What is California...

Rhode Island Data Transparency and Privacy Protection Act (DTPPA)

Rhode Island Data Transparency and Privacy Protection Act (DTPPA)

The Rhode Island Data Transparency and Privacy Protection Act (DTPPA) is a comprehensive privacy law designed to give Rhode Islanders greater control over their personal information, with a central focus on data transparency. As the latest addition to the growing patchwork of U.S. privacy laws, the DTPPA includes many familiar compliance...

CDP Certification: What it is and How to Get it

CDP Certification: What it is and How to Get it

Data privacy and data security go hand in hand, as unsecured data can lead to violations of global privacy laws. Obtaining a Certified in Data Protection (CDP) certification will help you master the nuances of how security and privacy work together when it comes to legally-protected data. It will also help...

Privacy Policy For When You're Using Cloud Service Providers (CSPs)

Privacy Policy For When You're Using Cloud Service Providers (CSPs)

Almost all websites use cloud hosting services these days, managed by third-party providers. These hosting services are also known as Cloud Service Providers (CSPs). If you're struggling to figure out whether you need a Privacy Policy, whether your policy should disclose that you are using a CSP, or how to talk...

GDPR With No Data Collection

GDPR With No Data Collection

Organizations that collect or use European Union (EU) residents' personal data must comply with the General Data Protection Regulation (GDPR). But what about the owners of websites and apps that don't collect data? This article explains whether the GDPR applies if you don't collect data and how to comply with the...