GDPR and US States General Privacy Laws Deskbook

Page 6 - GDPR and US States General Privacy Laws Deskbook

P. 6

6 | General Privacy Laws Deskbook: US State Laws and GDPR
CONTENTS
Rule 6.04 CHANGES TO A PRIVACY NOTICE.......................................................................................................................................................... 136
Rule 6.05 LOYALTY PROGRAMS. ................................................................................................................................................................................. 136
Rule 6.06 PURPOSE SPECIFICATION. ........................................................................................................................................................................ 138
Rule 6.07 DATA MINIMIZATION................................................................................................................................................................................. 138
Rule 6.08 SECONDARY USE......................................................................................................................................................................................... 139
Rule 6.09 DUTY OF CARE............................................................................................................................................................................................. 139
Rule 6.10 DUTY REGARDING SENSITIVE DATA..................................................................................................................................................... 140
Rule 6.11 DOCUMENTATION CONCERNING DUTIES OF CONTROLLERS................................................................................................... 141
PART 7 CONSENT. ........................................................................................................................................................................................................ 141
Rule 7.02 REQUIRED CONSENT................................................................................................................................................................................. 141
Rule 7.03 REQUIREMENTS FOR VALID CONSENT. ............................................................................................................................................... 142
Rule 7.04 REQUESTS FOR CONSENT. ....................................................................................................................................................................... 144
Rule 7.05 CONSENT AFTER OPT-OUT. ..................................................................................................................................................................... 145
Rule 7.06 CONSENT FOR CHILDREN. ....................................................................................................................................................................... 146
Rule 7.07 REFUSING OR WITHDRAWING CONSENT.......................................................................................................................................... 146
Rule 7.08 REFRESHING CONSENT. ............................................................................................................................................................................ 147
Rule 7.09 USER INTERFACE DESIGN, CHOICE ARCHITECTURE, AND DARK PATTERNS......................................................................... 147
PART 8 DATA PROTECTION ASSESSMENTS .......................................................................................................................................................... 150
Rule 8.02 SCOPE. ............................................................................................................................................................................................................. 150
Rule 8.03 STAKEHOLDER INVOLVEMENT. .............................................................................................................................................................. 150
Rule 8.04 DATA PROTECTION ASSESSMENT CONTENT. .................................................................................................................................... 151
Rule 8.05 TIMING............................................................................................................................................................................................................ 153
Rule 8.06 ATTORNEY GENERAL REQUESTS. ........................................................................................................................................................... 153
PART 9 PROFILING...................................................................................................................................................................................................... 154
Rule 9.01 AUTHORITY AND PURPOSE..................................................................................................................................................................... 154
Rule 9.02 SCOPE. ............................................................................................................................................................................................................ 154
Rule 9.03 PROFILING OPT-OUT TRANSPARENCY................................................................................................................................................ 154
Rule 9.04 OPTING OUT OF PROFILING IN FURTHERANCE OF DECISIONS THAT PRODUCE LEGAL OR SIMILARLY SIGNIFICANT
EFFECTS CONCERNING A CONSUMER. .................................................................................................................................................................. 155
Rule 9.05 CONSENT FOR PROFILING IN FURTHERANCE OF DECISIONS THAT PRODUCE LEGAL OR SIMILARLY SIGNIFICANT
EFFECTS CONCERNING A CONSUMER. .................................................................................................................................................................. 156
Rule 9.06 DATA PROTECTION ASSESSMENTS FOR PROFILING. ...................................................................................................................... 156
PART 10 ENFORCEMENT ............................................................................................................................................................................................ 158
Rule 10.01 AUTHORITY AND PURPOSE . ................................................................................................................................................................. 158
Rule 10.02 ENFORCEMENT CONSIDERATIONS . .................................................................................................................................................. 158
PART 11 MATERIALS INCORPORATED BY REFERENCE . ................................................................................................................................ 158
Rule 11.01 AUTHORITY AND PURPOSE . ................................................................................................................................................................. 158
Rule 11.02 WEB CONTENT ACCESSIBILITY GUIDELINES . ................................................................................................................................. 158
Connecticut Consumer Data Privacy and Online Monitoring . ......................................................................................................... 159
Sec. 42-515. (Definitions. . ............................................................................................................................................................................................. 160
Sec. 42-516. Applicability. . ............................................................................................................................................................................................ 162
Sec. 42-517. Exemptions. . ............................................................................................................................................................................................. 162
Sec. 42-518. Consumers’ rights. Compliance by Controllers. Appeals. .............................................................................................................. 164
Sec. 42-519. Authorized agents and consumer opt-out. .........................................................................................................................166

4 5 6 7 8