GDPR and US States General Privacy Laws Deskbook

Page 7 - GDPR and US States General Privacy Laws Deskbook

P. 7

CONTENTS
Connecticut Consumer Data Privacy and Online Monitoring . ......................................................................................................... 160
Sec. 42-515. Definitions. . .............................................................................................................................................................................................. 161
Sec. 42-516. Applicability. . ............................................................................................................................................................................................ 163
Sec. 42-517. Exemptions. . ............................................................................................................................................................................................. 163
Sec. 42-518. Consumers’ rights. Compliance by Controllers. Appeals. .............................................................................................................. 165
Sec. 42-519. Authorized agents and consumer opt-out. .........................................................................................................................167
Sec. 42-520. Controllers’ duties. Sale of personal data to third parties. Notice and disclosure to consumers. Consumer opt-out. . ... 167
Sec. 42-521. Processors’ duties. Contracts between controllers and processors. . .......................................................................................... 169
Sec. 42-522. Controllers’ data protection assessments. Disclosure to Attorney General. ............................................................................. 170
Sec. 42-523. De-identified and pseudonymous data. Controllers’ duties. Exceptions. Applicability of consumers’ rights. Disclosure and
oversight. . .......................................................................................................................................................................................................................... 171
Sec. 42-524. Construction of controllers’ and processors’ duties. ...................................................................................................................... 172
Sec. 42-525. Enforcement by Attorney General. Notice of violation. Cure period. Report. Penalty. . .......................................................... 174
Secs. 42-526 to 42-530. Reserved for future use.................................................................................................................................................... 175
Delaware Personal Data Privacy Act. ...................................................................................................................................................... 176
§ 12D-101. Short title..................................................................................................................................................................................................... 177
§ 12D-102. Definitions................................................................................................................................................................................................... 177
§ 12D-103. Applicability of chapter............................................................................................................................................................................. 180
§ 12D-104. Consumer personal data rights............................................................................................................................................................... 182
§ 12D-105. Designation of agent to exercise rights of consumer, including through universal opt-out mechanisms............................. 184
§ 12D-106. Duties of controllers.. ................................................................................................................................................................................ 184
§ 12D-107. Duties of processors.. ................................................................................................................................................................................ 186
§ 12D-108. Data protection assessments.................................................................................................................................................................. 187
§ 12D-109. De-identified data.. .................................................................................................................................................................................... 188
§ 12D-110. Exclusions.................................................................................................................................................................................................... 188
§ 12D-111. Enforcement.. .............................................................................................................................................................................................. 190
Indiana Code Concerning Trade Regulation. .......................................................................................................................................... 192
ARTICLE 15. CONSUMER DATA PROTECTION. .................................................................................................................................................. 193
24-15-1-1 Application of article................................................................................................................................................................................... 193
Sec. 1................................................................................................................................................................................................................................ 193
24-15-1-2 Exemptions from article............................................................................................................................................................................. 193
Sec. 2................................................................................................................................................................................................................................ 193
24-15-1-3 Compliance with federal law . ................................................................................................................................................................... 195
Sec. 3................................................................................................................................................................................................................................ 195
24-15-2-0.5 Application of definitions. ....................................................................................................................................................................... 195
24-15-2-1 “Affiliate”........................................................................................................................................................................................................ 195
24-15-2-2 “Aggregate data” . ......................................................................................................................................................................................... 195
24-15-2-3 “Authenticate” . ............................................................................................................................................................................................. 195
24-15-2-4 “Biometric data” .......................................................................................................................................................................................... 196
24-15-2-5 “Business associate” ................................................................................................................................................................................... 196
24-15-2-6 “Child” . ........................................................................................................................................................................................................... 196
24-15-2-7 “Consent” . ..................................................................................................................................................................................................... 196
24-15-2-8 “Consumer” .................................................................................................................................................................................................. 196
24-15-2-9 “Controller” . .................................................................................................................................................................................................. 196
24-15-2-10 “Covered entity” ....................................................................................................................................................................................... 197
24-15-2-11 “Decision that produces legal or similarly significant effects concerning a consumer” . ........................................................... 197
General Privacy Laws Deskbook: US State Laws and GDPR
7 |

5 6 7 8 9