GDPR and US States General Privacy Laws Deskbook

Page 9 - GDPR and US States General Privacy Laws Deskbook

P. 9

9 | General Privacy Laws Deskbook: US State Laws and GDPR
CONTENTS
Section 13....................................................................................................................................................................................................................... 241
501.71 Controller duties.............................................................................................................................................................................................. 241
Section 14....................................................................................................................................................................................................................... 242
501.711 Privacy notices............................................................................................................................................................................................... 242
Section 15....................................................................................................................................................................................................................... 243
501.712 Duties of processor. . .................................................................................................................................................................................... 243
Section 16....................................................................................................................................................................................................................... 244
501.713 Data protection assessments.. .................................................................................................................................................................... 244
Section 17....................................................................................................................................................................................................................... 245
501.714 Deidentified data, pseudonymous data, and aggregate consumer information. ........................................................................... 245
Section 18....................................................................................................................................................................................................................... 245
501.715 Requirements for sensitive data.— ........................................................................................................................................................... 245
Section 19....................................................................................................................................................................................................................... 246
501.716 Exemptions for certain uses of consumer personal data. . ................................................................................................................... 246
Section 20....................................................................................................................................................................................................................... 247
501.717 Collection, use, or retention of data for certain purposes. ................................................................................................................. 247
Section 21....................................................................................................................................................................................................................... 247
501.718 Disclosure of personal data to third-party controller or processor. . ................................................................................................. 247
Section 22. . .................................................................................................................................................................................................................. 247
501.719 Processing of certain personal data by controller or other person.................................................................................................... 247
Section 23....................................................................................................................................................................................................................... 248
501.72 Enforcement and implementation by the Department of Legal Affairs. . ............................................................................................ 248
Section 24....................................................................................................................................................................................................................... 249
501.721 Preemption..................................................................................................................................................................................................... 249
Section 25....................................................................................................................................................................................................................... 250
501.171 Security of confidential personal information.. ....................................................................................................................................... 250
Section 26....................................................................................................................................................................................................................... 250
16.53 Legal Affairs Revolving Trust Fund.. ................................................................................................................................................................ 250
Section 27....................................................................................................................................................................................................................... 250
Montana Consumer Data Privacy Act .................................................................................................................................................... 251
Section 1. Short title. . ..................................................................................................................................................................................................... 252
Section 2. Definitions. . ................................................................................................................................................................................................... 252
Section 3. Applicability. . ................................................................................................................................................................................................. 255
Section 4. Exemptions. . .................................................................................................................................................................................................. 255
Section 5. Consumer personal data -- opt-out -- compliance -- appeals. .......................................................................................................... 257
Section 6. Authorized agent. . ........................................................................................................................................................................................ 259
Section 7. Data processing by controller -- limitations. . ......................................................................................................................................... 260
Section 8. Data processor -- allowances -- limitations. .......................................................................................................................................... 261
Section 9. Data protection assessment. . .................................................................................................................................................................... 262
Section 10. Deidentified data. . ..................................................................................................................................................................................... 263
Section 11. Compliance by controller or processor. . ............................................................................................................................................... 264
Section 12. Enforcement. .............................................................................................................................................................................................. 266
Section 13. Codification instruction. .......................................................................................................................................................................... 266
Section 14. Effective date. ............................................................................................................................................................................................ 266
Section 15. Termination. . ............................................................................................................................................................................................... 266

7 8 9 10 11