CalOPPA

The California Online Privacy Protection Act (CalOPPA) was the original privacy law in
the US which mandated that websites make privacy policies available to users. The
act also outlines what information needs to be made available regarding data
handling — including what data is collected, where from, and whether it’s shared or
sold.

CCPA

Currently the most comprehensive data privacy law based in the US, the California
Consumer Privacy Act (CCPA) builds on the online privacy policy requirements of
CalOPPA. It builds on CalOPPA’s privacy policy standards, demanding that businesses
and websites implement even more transparent and comprehensive policies.

In effect since January 1, 2020, the CCPA sets an annual update requirement for
privacy policies. Therefore, you will need to update your CCPA privacy policy every
year.

Updating your web pages as your business evolves is to be expected. Your legal policies are
no exception — privacy policy updates are necessary as your data practices and privacy laws
change.
PIPEDA

For businesses operating in Canada, the Personal Information Protection and

Electronic Documents Act (PIPEDA) outlines ten fair information privacy practices and
principles, including “openness.”

In action, complying with this principle means website operators need to make
transparent privacy policies available to their users.

Other Notable Laws

Depending on where your website is based, who your audience is, and what data you
collect, there are various laws that may apply to you and your privacy policy.

For example, if you send marketing emails or newsletters, you’re subject to comply
with the CAN-SPAM Act, which requires a clearly posted privacy policy.

If your website is “significantly engaged” in financial activities, you may be subject to

the Federal Trade Commission’s (FTC) Gramm-Leach-Bliley Act, which requires the
publication of “clear, conspicuous and accurate statements” regarding information
collection and sharing practices.
There are over one hundred privacy laws around the world and new internet
laws coming out each year. Creating and maintaining a good privacy policy is
essential to legally running your website or business.

An impressum is a legal statement similar to a privacy policy, and is legally required for
websites in Germany, Austria, and Switzerland.