Do you know which Global Privacy Regulations you are bound by?

Do you know what personal data you hold, and can you evidence why?

Regulations

Trunomi solves Data Privacy anywhere in the world, so get in touch with us. We'll show you how.

Do you know which Global Privacy Regulations you are bound by?

Do you know what personal data you hold, and can you evidence why?

Trunomi solves Data Privacy anywhere in the world, so get in touch with us. We'll show you how.

Regulations
Shapes Shapes Shapes
 

GDPR EU 2018

GDPR

The European Union’s 2018 landmark regulation initiated a global shift in Data Privacy, introducing rules for businesses that protect European Citizens around the world, irrespective of where their data is processed. Trunomi is purpose-built to fully address GDPR. From personal data rights and DSRs, through to data minimisation – for any organisation, any size.

GDPR

GDPR EU 2018

The European Union’s 2018 landmark regulation initiated a global shift in Data Privacy, introducing rules for businesses that protect European Citizens around the world, irrespective of where their data is processed. Trunomi is purpose-built to fully address GDPR. From personal data rights and DSRs, through to data minimisation – for any organisation, any size.

 
Shapes Shapes Shapes
 

CCPA California 2020

CCPA

The California Consumer Privacy Act was the second extraterritorial regulation that adds special protection to the personal data of Californian citizens. As well as introducing a way for Californian's to easily opt-out of the sale of their data, the regulation gives citizens' rights - similar to those in the GDPR – to understand what data is held and why it is being processed. The ‘CCPA 2.0’ appearing in the November 2020 ballot will bring the regulation even closer to the more stringent EU GDPR-style protections.

CCPA California 2020

The California Consumer Privacy Act was the second extraterritorial regulation that adds special protection to the personal data of Californian citizens. As well as introducing a way for Californian's to easily opt-out of the sale of their data, the regulation gives citizens' rights - similar to those in the GDPR – to understand what data is held and why it is being processed. The ‘CCPA 2.0’ appearing in the November 2020 ballot will bring the regulation even closer to the more stringent EU GDPR-style protections.

CCPA
Shapes Shapes Shapes
 

LGPD Brazil 2021

LGPD

Brazil’s incoming Data Protection Law takes inspiration from the EU GDPR and aims to secure and extend the basic rights of Data Subjects, while fostering technological innovation through adoption of one comprehensive legislation. Extensive rights are given to data subjects in line with the GDPR, while the LGPD also adds additional Legal Bases for processing and additional governing principles. As the third extraterritorial regulation introduced, it protects Brazilians anywhere in the world.

LGPD

LGPD Brazil 2021

Brazil’s incoming Data Protection Law takes inspiration from the EU GDPR and aims to secure and extend the basic rights of Data Subjects, while fostering technological innovation through adoption of one comprehensive legislation. Extensive rights are given to data subjects in line with the GDPR, while the LGPD also adds additional Legal Bases for processing and additional governing principles. As the third extraterritorial regulation introduced, it protects Brazilians anywhere in the world.

Shapes Shapes Shapes
 

POPIA South Africa 2013

POPIA

At the time when the Protection of Personal Information Act was being finalized in 2013, early versions of the GDPR were already in circulation. This resulted in the early adoption of a world-class regulation for South Africa, borrowing many concepts from the GDPR including Consent, Data Subject Rights and Documentation of Processing. While companies who are either POPIA or GDPR compliant will be well prepared for the other, there are some key differences to consider for POPIA, including an emphasis on data retention periods and technological measures to limit loss, damage and access to data.

POPIA South Africa 2013

At the time when the Protection of Personal Information Act was being finalized in 2013, early versions of the GDPR were already in circulation. This resulted in the early adoption of a world-class regulation for South Africa, borrowing many concepts from the GDPR including Consent, Data Subject Rights and Documentation of Processing. While companies who are either POPIA or GDPR compliant will be well prepared for the other, there are some key differences to consider for POPIA, including an emphasis on data retention periods and technological measures to limit loss, damage and access to data.

POPIA
Shapes Shapes Shapes
 

ePrivacy EU 2021

ePrivacy

From 2021 ePrivacy - known as the ‘cookie consent’ regulation - will require organisations to obtain GDPR-standard consent for all cookies, location tracking and other e-communications data collected. Today's cookie solutions already cause confusion, consent fatigue and loss of customer interaction. Companies need to treat cookies as they would any GDPR data set and make it easy for customers to use, change and understand their cookie preferences.

ePrivacy

ePrivacy EU 2021

From 2021 ePrivacy - known as the ‘cookie consent’ regulation - will require organisations to obtain GDPR-standard consent for all cookies, location tracking and other e-communications data collected. Today's cookie solutions already cause confusion, consent fatigue and loss of customer interaction. Companies need to treat cookies as they would any GDPR data set and make it easy for customers to use, change and understand their cookie preferences.

Shapes Shapes Shapes
 

PSD2 EU 2019 & Open Banking UK 2018

PSD2 and Open Banking

PSD2, often referred to as ‘Open Banking’, is designed to allow interoperability across the banking sector. It forces traditional financial institutions to open up their APIs to easily initiate payments and account access for Third Party Providers (TPPs) – but only when strong and secure customer consent & permissions are present. Banks and TPPs must be able to prove customer consent, make permissions easy to share across organisations (interoperability) and must offer customers the strongest privacy mechanisms in order to maintain trust around financial data.

PSD2 EU 2019 & Open Banking UK 2018

PSD2, often referred to as ‘Open Banking’, is designed to allow interoperability across the banking sector. It forces traditional financial institutions to open up their APIs to easily initiate payments and account access for Third Party Providers (TPPs) – but only when strong and secure customer consent & permissions are present. Banks and TPPs must be able to prove customer consent, make permissions easy to share across organisations (interoperability) and must offer customers the strongest privacy mechanisms in order to maintain trust around financial data.

PSD2 and Open Banking
Shapes Shapes Shapes
 

The Privacy Bill New Zealand 2020

The Privacy Bill

In line with recent global regulations, the new Privacy Bill puts in place extraterritorial protections for its residents and citizens, with New Zealand’s Privacy Commissioner citing it as an endorsement of the significance of Privacy as a universal human right. With individuals’ rights to access their data, mandatory breach notifications and requirements for international transfers, businesses will have to comply if they process New Zealanders' data, no matter where their servers are based.​

The Privacy Bill

The Privacy Bill New Zealand 2020

In line with recent global regulations, the new Privacy Bill puts in place extraterritorial protections for its residents and citizens, with New Zealand’s Privacy Commissioner citing it as an endorsement of the significance of Privacy as a universal human right. With individuals’ rights to access their data, mandatory breach notifications and requirements for international transfers, businesses will have to comply if they process New Zealanders' data, no matter where their servers are based.​

Shapes Shapes Shapes
 

The Privacy Act Austrailia 1988

The Privacy Act

The Privacy Act was introduced as the basis for a nationally consistent regulation and has provided Australia with robust Privacy laws for over 30 years. The Privacy Act that protects and promotes the Privacy of individuals, and regulates the collection, storage, use and disclosure of ‘personal information’.

The Privacy Act Austrailia 1988

The Privacy Act was introduced as the basis for a nationally consistent regulation and has provided Australia with robust Privacy laws for over 30 years. The Privacy Act that protects and promotes the Privacy of individuals, and regulates the collection, storage, use and disclosure of ‘personal information’.

The Privacy Act
Shapes Shapes Shapes
 

PIPEDA Canada 2020

PIPEDA

The Personal Information Protection and Electronic Documents Act provides Canada with strong Privacy laws, notably with consent as a necessary condition to the collection, use and disclosure of personal information. Consent is also only considered valid if it is reasonable to expect that the individual granting consent would understand the nature, purpose and consequences of the data shared. For this reason Canada is partially designated as ‘adequate’ under the GDPR, facilitating data transfers from the EU to Canada – however this only applies to areas in Canada subject to PIPEDA, excluding others such as Quebec.

PIPEDA

PIPEDA Canada 2020

The Personal Information Protection and Electronic Documents Act provides Canada with strong Privacy laws, notably with consent as a necessary condition to the collection, use and disclosure of personal information. Consent is also only considered valid if it is reasonable to expect that the individual granting consent would understand the nature, purpose and consequences of the data shared. For this reason Canada is partially designated as ‘adequate’ under the GDPR, facilitating data transfers from the EU to Canada – however this only applies to areas in Canada subject to PIPEDA, excluding others such as Quebec.

Shapes Shapes Shapes
 

PDPO Hong Kong 1996

PDPO

The Personal Data (Privacy) Ordinance introduces six Data Protection Principles (DPPs) that should be followed by anyone (legal person, public authority, agency or other body) responsible for handling data. These include specific purpose, accuracy & retention, security, access The DPPs form the core of the PDPO and covers the entire lifecycle of a piece of personal data.ser’ (a person who, either alone or jointly or in common with other persons, controls the collection, holding, processing or use of the data); criminalisation and prosecution are possible under the PDPO and individuals affected (suffering ‘injury to feelings’) may seek compensation from Data Users.​

PDPO Hong Kong 1996

The Personal Data (Privacy) Ordinance introduces six Data Protection Principles (DPPs) that should be followed by anyone (legal person, public authority, agency or other body) responsible for handling data. These include specific purpose, accuracy & retention, security, access The DPPs form the core of the PDPO and covers the entire lifecycle of a piece of personal data.ser’ (a person who, either alone or jointly or in common with other persons, controls the collection, holding, processing or use of the data); criminalisation and prosecution are possible under the PDPO and individuals affected (suffering ‘injury to feelings’) may seek compensation from Data Users.​

PDPO
Shapes Shapes Shapes
 

PDPA Singapore 2012

PDPA

While the Personal Data Protection Act can be described as ‘lighter touch’, it is an early adopter of the extraterritorial effect, which governs personal data collected, even if the individual does not have a presence in Singapore. While many exemptions exist in the PDPA, it introduces rights such as access and rectification (‘correction’), with heavy emphasis on data security, to prevent unauthorised access, collection, disclosure, use, copying and other risks.

PDPA

PDPA Singapore 2012

While the Personal Data Protection Act can be described as ‘lighter touch’, it is an early adopter of the extraterritorial effect, which governs personal data collected, even if the individual does not have a presence in Singapore. While many exemptions exist in the PDPA, it introduces rights such as access and rectification (‘correction’), with heavy emphasis on data security, to prevent unauthorised access, collection, disclosure, use, copying and other risks.

Shapes Shapes Shapes
 

All Future Personal Data Privacy Regulations

All Data Regulations

Relax, you're in safe hands. Trunomi is built to be flexible, scalable and agnostic to data sets and regulations – today, tomorrow and forever.​

Future-proof your Privacy strategy, protect your business, your brand and your Customer with a single solution.​

GET IN TOUCH

All Future Personal Data Privacy Regulations

Relax, you're in safe hands. Trunomi is built to be flexible, scalable and agnostic to data sets and regulations – today, tomorrow and forever.​

Future-proof your Privacy strategy, protect your business, your brand and your Customer with a single solution.​

GET IN TOUCH

All Data Regulations
Shapes Shapes Shapes

Analysed by

as a zero-risk solution to global data privacy.

We’re Certified to NSA Security Standards.

Trunomi
We Love Data Privacy
Trunomi, being the world leader in Data Privacy, knows the importance of handling your Personal Data with care. This is why we have taken the appropiate steps to ensure only the absolutely essential pieces of data are needed for you to enjoy our site and learn more about what we do.

For more details on the minimal dataset we need please take a look at our easy to use and informative
Privacy Policy.