Are Privacy Notices Just About the GDPR?

A judge's hammer and gavel.
Photo by Tingey Injury Law Firm.

Every company has been focused on ensuring their privacy notices are compliant for GDPR, however there could be a blind spot. The GDPR may be the strongest privacy regulation in the world, but it isn’t the only one. For example, when your website uses cookies, your organisation must ensure that the Privacy and Electronic Communications Regulations (PECR) is also followed.

The PECR sits alongside the Data Protection Act 2018 and the GDPR. Between the PECR and GDPR there is some overlap, given that both aim to protect people’s privacy. The PECR and GDPR sit side by side. You must make sure you comply with both.

For global businesses there may be a number of other local regulations you need to consider. If you have customers in California or New York, then you will need to consider California’s Consumer Privacy Act (CCPA) – effective 1st January 2020 and New York (SHIELD Act) effective 21st March 2020.

When drafting Privacy Notices for your business, assess your target audiences and ensure you’ve ticked all the boxes across the multiple data privacy regulations.


About Us: Tacita is a leading General Data Protection Regulation (GDPR) compliance specialist operating from their base in the United Kingdom. Tacita helps clients obtain and maintain GDPR compliance in a cost effective and time effective manner. Get in contact if you want to explore our range of GDPR services.

Share this article:

Share on facebook
Share on twitter
Share on linkedin
Share on whatsapp