Privacy Policy
Background: GDPR stands for General Data Protection Regulation, which are a mandatory set of guidelines set forth from the European Union as of May 25, 2018. They consist of a variety of items you need to adhere to for European customers.
A privacy policy should be available to your web site visitors from your web site. The privacy policy should be written in a clear way that explains what you do with the private data you collect.
If your site uses tracking cookies for retargeting, then you should have an option for visitors to approve the tracking cookies. If they select do not allow tracking cookies, then you must not re-target them.
Most systems store data that does not meet GDPR guidelines. This includes forms that are used on your web site. Google claims to be GDPR compliant with their products. A Google form should be fine for collecting data from your visitors. Other methods most likely do not meet GDPR requirements for data storage.
General Data Protection Regulation GDPR https://gdpr-info.eu/
GDPR Portal: Site Overview https://www.eugdpr.org/
Opt-In and Privacy Laws in North America and Europe http://www.lsoft.com/resources/optinlaws.asp
GDPR Compliance with Google Analytics https://www.jeffalytics.com/gdpr-compliance/
Privacy Policy Generator https://digital.com/blog/best-privacy-policy-generators/
Children's Online Privacy Protection Rule ("COPPA")
https://www.ftc.gov/legal-library/browse/rules/childrens-online-privacy-protection-rule-coppa
Canada (PIPEDA) Personal Information Protection and Electronic Documents Act
California Consumer Privacy Act (CCPA)
https://oag.ca.gov/privacy/ccpa
https://privacyrights.org/resources/california-consumer-privacy-act-basics
https://www.jdsupra.com/legalnews/the-california-privacy-rights-act-of-24679/
Nevada Privacy Law - Nevada Revised Statutes Chapter 603A (specific laws)
https://termageddon.com/nevada-revised-statutes-chapter-603a/
Delaware Online Privacy and Protection Act (DOPPA) (specific laws)
https://delcode.delaware.gov/title6/c012c/index.shtml
Maine
http://www.mainelegislature.org/legis/bills/getPDF.asp?paper=SP0275&item=1&snum=129
SB 190 Colorado Privacy Act (2021; effective July 1, 2023)
https://leg.colorado.gov/bills/sb21-190
SB 6 Connecticut Data Privacy Act (2022; effective July 1, 2023)
https://www.cga.ct.gov/2022/ACT/PA/PDF/2022PA-00015-R00SB-00006-PA.PDF
SB 1392 Virginia Consumer Data Protection Act (2021; effective Jan. 1, 2023)
https://legiscan.com/VA/text/SB1392/id/2328317
SB 227 Utah Consumer Privacy Act (2022; effective Dec. 31, 2023)
https://le.utah.gov/~2022/bills/static/SB0227.html
Resources:
Shopify privacy policy generator
https://www.shopify.com/tools/policy-generator
Other Free (with paid options) generators
Termsfeed
Getterms
https://getterms.io/?ref=digitalcom
US State Privacy Legislation Tracker
Comprehensive Consumer Privacy Bills 2022
https://iapp.org/media/pdf/resource_center/State_Comp_Privacy_Law_Chart.pdf
The Growth of State Privacy Legislation
https://iapp.org/media/pdf/resource_center/growth_of_state_privacy_chart.pdf
A comprehensive resource for tracking U.S. state privacy legislation.
https://www.huschblackwell.com/2022-state-privacy-law-tracker
State Laws Related to Digital Privacy
The State of U.S. State Privacy Laws: A Comparison
https://www.natlawreview.com/article/state-us-state-privacy-laws-comparison
U.S. State Privacy Laws
https://epic.org/issues/privacy-laws/state-laws/
Articles:
Does the GDPR apply to companies outside of the EU?
https://gdpr.eu/companies-outside-of-europe/
June 2022
Canadian Privacy bill sets out rules on use of personal data, artificial intelligence
https://www.cbc.ca/news/politics/privacy-bill-artificial-intelligence-1.6490665