Part 5: Privacy Law Identifier : Termageddon

This page will determine which privacy laws apply to you, based on where you do business, who's personal information you may be collecting, or other ways that a privacy law might apply to your website/application. Keep in mind that not all privacy laws apply to all businesses. Privacy laws may show inactive based on how you answered the questions above or below.

1. Select which U.S. States (if applicable) that you do business in.

2. Select which U.S. States (if applicable) that you collect the personal information of a resident of that state. “Personal information” is generally defined as any information that could be used to identify a particular person or any information that relates to an identified person.

3. If asked, please answer yes or no if you have an annual gross revenue of $25,000,000 or more. Gross revenue is the income generated from normal business operations such as sales of goods or services. Gross revenue is the total income of your business prior to expenses such as salaries, rent, or software costs.

4. US Privacy law qualifier questions: You may be asked additional, state specific questions to determine if certain laws apply to you. This is due to several US state privacy laws only applying to larger businesses who surpass certain data processing or revenue thresholds. After reviewing and answering these questions, if the law says "inactive" that means you do not need to make disclosures under this law. However, if it says active you will be prompted later on in the questionnaire to answer questions specific to that law. Below is a screenshot showing active vs inactive.

5. Additional Countries (GDPR): To answer this question, please select “yes” if you offer goods or services to residents of the European Union and/or the European Economic Area (regardless of whether you are actually located in the European Union and/or the European Economic Area).

To answer this question, please select “yes” if you monitor the behavior of residents of the European Union and/or the European Economic Area (regardless of whether you are actually located in the European Union and/or the European Economic Area).

6. Additional Countries (UK DPA): To answer this question, please select “yes” if you offer goods or services to residents of the United Kingdom (regardless of whether you are actually located in the United Kingdom).

To answer this question, please select “yes” if you monitor the behavior of residents of the United Kingdom (regardless of whether you are actually located in the United Kingdom)

7. Additional Countries (PIPEDA): To answer this question, please select “yes” if your website or application collects the personal information of Canadians or could do so.

8. Additional Countries (Quebec Law 25): To answer this question, please select “yes” if your website or application collects the personal information of residents of Quebec, Canada or could do so.

9. Additional Countries (Australia Privacy Act of 1988): To answer this question, please select “yes” if your website collects the personal information of residents of Australia or any Australian external territories.

If you do collect the personal information of residents of Australia or any Australian external territories please select “yes” or "no" if you do business in Australia or in any of the Australian external territories.

If your business is formed in Australia, you should also select "yes" if your business is one of the following;

1. A health service provider such as a private hospital, a day surgery, a medical practitioner, a pharmacist, or an allied health professional;

2. A complementary therapist, such as a naturopath or a chiropractor;

3. A gym or weight loss clinic;

4. A child care center, a private school, or a private tertiary educational institution;

5. A business that sells or purchases personal information;

6. A contractor that provides services under a Commonwealth contract;

7. An operator of a residential tenancy database;

8. A credit reporting body;

9. A reporting entity for the purposes of the Anti-Money Laundering or Counter-Terrorism Financing Act of 2006;

10. An employee association registered or recognized under the Fair Work (Registered Organisations) Act of 2009;

11. A business that conducts protection action ballots;

12. A business that is related to another business that the Australia Privacy Act of 1988 covers;

13. A business prescribed by the Privacy Regulation of 2013;

14. A business that has opted in to be covered by the Australia Privacy Act 1988.

10. Have you signed a contract requiring you to comply with any of the privacy laws listed above? To answer this question, please select "yes" if you are required to comply with any of the above privacy laws via contract. These laws usually apply to larger companies only. You may be required to comply with one of these laws by contract if you are a vendor to a large corporation that sends you the personal information of their customers for processing and thus requires you to comply with one of these laws for audit or certification purposes.

You should also answer "yes" to this question if there is another reason for which you need to be compliant with one of these privacy laws. For example, if you need to comply with one of these laws to bid on government contracts or to obtain a particular certification. If you have not signed a contract that requires you to comply with one of these laws or do not need to comply with one of these privacy laws for another reason, please select "no" this question.

Once all questions have been answered, click "Next" to continue to the next page Part 6: Select Functionalities.

Part 5: Privacy Law Identifier Print

Related Articles