Privacy & Legal Glossary

California's data privacy law granting consumers rights over their personal information collected by businesses.

The requirement to obtain informed, freely given, and specific user consent before placing non-essential cookies on their device.

The legal obligation to notify authorities and affected individuals when personal data is compromised.

The entity that determines the purposes and means of processing personal data.

A legally binding contract between a data controller and a data processor that governs how personal data is handled.

An entity that processes personal data on behalf of a data controller.

A license contract between a software publisher and the end user specifying the permitted uses of the software.

The EU's comprehensive data protection law that governs how personal data of EU residents must be collected, stored, and processed.

A legal basis for processing personal data under GDPR where the controller's interest outweighs the individual's privacy rights.

Any information that relates to an identified or identifiable natural person.

Canada's federal privacy law governing how private sector organizations collect, use, and disclose personal information.

A legal document disclosing how an organization collects, uses, stores, and shares personal data.

The right of individuals to request deletion of their personal data when it is no longer necessary for its original purpose.

A third party engaged by a data processor to carry out specific processing activities on behalf of the data controller.

A legal agreement between a service provider and users that governs the rules for using the service.