Support Centre
Global Privacy Laws
workspace-icon
Back

Global Privacy Laws

Comparing privacy laws

Comparing Privacy Laws

Comply with laws around the world

The Global Privacy Laws portal is the latest feature to be added to the OneTrust DataGuidance Research platform and provides the most comprehensive way of comparing privacy laws around the world. New jurisdictions are being added to the portal every week. 

To research a jurisdiction not currently included, you can utilise the Laws Around The World Map to visit that country's dashboard and resources.

The US presents a plethora of laws and privacy bills posing relevant compliance challenges for privacy professionals. OneTrust DataGuidance has therefore built the USA State Law Tracker, a dedicated hub for US state law developments where organisations are able to access and understand how potential laws might affect their daily operations.

OneTrust DataGuidance's GDPR Portal also provides a central resource for more detailed research into the GDPR, its implementation in each Member State, and how such laws vary.

  • There is a requirement in place.
  • Click to view information for additional detail.
  • There is no requirement in place.

Law and Authority

Compare Reset
    title
  • Law
  • Bill
    Scope
  • Personal
  • Territorial
  • Material
    title
  • Authority
  • Albania
  • Alberta
  • Algeria
  • Angola
  • Argentina
  • Armenia
  • Australia
  • Austria
  • Azerbaijan
  • Bahrain
  • Bangladesh
  • Barbados
  • Belarus
  • Belgium
  • Bermuda
  • Bolivia
  • Bosnia & Herzegovina
  • Botswana
  • Brazil
  • British Columbia
  • British Virgin Islands
  • Bulgaria
  • California
  • Cambodia
  • Cameroon
  • Canada Federal
  • Cape Verde
  • Chad
  • Chile
  • China
  • Colombia
  • Colorado
  • Connecticut
  • Costa Rica
  • Croatia
  • Cyprus
  • Czech Republic
  • Democratic Republic of Congo
  • Ecuador
  • Egypt
  • El Salvador
  • Estonia
  • Ethiopia
  • Finland
  • France
  • Gabon
  • GDPR
  • Georgia
  • Germany
  • Ghana
  • Greece
  • Guatemala
  • Guernsey
  • Honduras
  • Hong Kong
  • Hungary
  • Iceland
  • India
  • Indiana
  • Indonesia
  • Iowa
  • Iraq
  • Ireland
  • Isle of Man
  • Israel
  • Italy
  • Ivory Coast
  • Jamaica
  • Japan
  • Kazakhstan
  • Kenya
  • Kyrgyzstan
  • Lao PDR
  • Latvia
  • Lebanon
  • Liechtenstein
  • Lithuania
  • Macau
  • Madagascar
  • Malaysia
  • Mali
  • Malta
  • Mauritius
  • Mexico
  • Moldova
  • Montenegro
  • Myanmar
  • Namibia
  • Nepal
  • Netherlands
  • New Zealand
  • Niger
  • Nigeria
  • Norway
  • Oman
  • Ontario
  • Pakistan
  • Panama
  • Paraguay
  • Peru
  • Philippines
  • Poland
  • Portugal
  • Quebec
  • Republic of Congo
  • Republic of North Macedonia
  • Romania
  • Russian Federation
  • Rwanda
  • Saskatchewan
  • Serbia
  • Seychelles
  • Singapore
  • Slovakia
  • Slovenia
  • South Africa
  • South Korea
  • Spain
  • Sri Lanka
  • Sweden
  • Switzerland
  • Taiwan
  • Tajikistan
  • Tanzania
  • Tennessee
  • Thailand
  • The Gambia
  • Timor-Leste
  • Tunisia
  • Turkey
  • Turkmenistan
  • UAE - ADGM
  • UAE - DIFC
  • UAE - Federal
  • Uganda
  • UK
  • Uruguay
  • Utah
  • Uzbekistan
  • Vietnam
  • Virginia
  • Zambia

Definitions

Compare Reset
    title
  • Data Controller
  • Data Processor
  • Personal Data
  • Sensitive Data
  • Health Data
  • Biometric Data
  • Pseudonymisation
  • Albania
  • Alberta
  • Algeria
  • Angola
  • Argentina
  • Armenia
  • Australia
  • Austria
  • Azerbaijan
  • Bahrain
  • Bangladesh
  • Barbados
  • Belarus
  • Belgium
  • Bermuda
  • Bolivia
  • Bosnia & Herzegovina
  • Botswana
  • Brazil
  • British Columbia
  • British Virgin Islands
  • Bulgaria
  • California
  • Cambodia
  • Cameroon
  • Canada Federal
  • Cape Verde
  • Chad
  • Chile
  • China
  • Colombia
  • Colorado
  • Connecticut
  • Costa Rica
  • Croatia
  • Cyprus
  • Czech Republic
  • Democratic Republic of Congo
  • Ecuador
  • Egypt
  • El Salvador
  • Estonia
  • Ethiopia
  • Finland
  • France
  • Gabon
  • GDPR
  • Georgia
  • Germany
  • Ghana
  • Greece
  • Guatemala
  • Guernsey
  • Honduras
  • Hong Kong
  • Hungary
  • Iceland
  • India
  • Indiana
  • Indonesia
  • Iowa
  • Iraq
  • Ireland
  • Isle of Man
  • Israel
  • Italy
  • Ivory Coast
  • Jamaica
  • Japan
  • Kazakhstan
  • Kenya
  • Kyrgyzstan
  • Lao PDR
  • Latvia
  • Lebanon
  • Liechtenstein
  • Lithuania
  • Macau
  • Madagascar
  • Malaysia
  • Mali
  • Malta
  • Mauritius
  • Mexico
  • Moldova
  • Montenegro
  • Myanmar
  • Namibia
  • Nepal
  • Netherlands
  • New Zealand
  • Niger
  • Nigeria
  • Norway
  • Oman
  • Ontario
  • Pakistan
  • Panama
  • Paraguay
  • Peru
  • Philippines
  • Poland
  • Portugal
  • Quebec
  • Republic of Congo
  • Republic of North Macedonia
  • Romania
  • Russian Federation
  • Rwanda
  • Saskatchewan
  • Serbia
  • Seychelles
  • Singapore
  • Slovakia
  • Slovenia
  • South Africa
  • South Korea
  • Spain
  • Sri Lanka
  • Sweden
  • Switzerland
  • Taiwan
  • Tajikistan
  • Tanzania
  • Tennessee
  • Thailand
  • The Gambia
  • Timor-Leste
  • Tunisia
  • Turkey
  • Turkmenistan
  • UAE - ADGM
  • UAE - DIFC
  • UAE - Federal
  • Uganda
  • UK
  • Uruguay
  • Utah
  • Uzbekistan
  • Vietnam
  • Virginia
  • Zambia

Controller and Processor Obligations

Compare Reset
    title
  • Data Processing Registration
  • Data Transfers
  • Data Processing Records
  • DPIAs
  • DPOs
  • Breach Notification
  • Data Retention
  • Children's Data
  • Special Categories
  • Vendor Contracts
  • Albania
  • Alberta
  • Algeria
  • Angola
  • Argentina
  • Armenia
  • Australia