GDPR and CCPA both provide rights to individuals regarding the control and protection of their personal data. The rights are similar but different and individuals are referred to as data subjects in GDPR and consumers in CCPA. In addition, COPPA in the US deals specifically with the privacy rights of children under the age of 13. Under GDPR, data subjects must agree to how their data is used and the controller must ensure that their data is only used as allowed by law or by contract.
While the following focuses on GDPR and CCPA, generally privacy regulations provide basic rights to individuals regarding their personal data, including the right to be forgotten, portability, access, error correction, and expectation of security.
For CCPA, consumers own and control their data and can hold companies responsible for the security of their data.
Sign up for a demo