California Consumer Privacy Act (CCPA): Primary US state legislation that governs consumer privacy rights in California, requiring businesses to provide specific disclosures about their data collection and processing practices
UK General Data Protection Regulation (UK GDPR): Post-Brexit UK adaptation of the EU GDPR, providing the fundamental framework for data protection in the UK, which must be considered for UK-based operations
Data Protection Act 2018: The UK's implementation of data protection laws that supplements the UK GDPR and provides specific requirements for data processing in the UK
Privacy and Electronic Communications Regulations (PECR): UK regulations governing electronic communications, including rules about cookies, email marketing, and electronic privacy
California Privacy Rights Act (CPRA): 2023 amendments to the CCPA that expand and modify consumer privacy rights and business obligations in California
FTC Guidelines: Federal Trade Commission guidelines providing requirements for clear and conspicuous privacy notices and fair information practices
E-Privacy Directive: EU directive as implemented in UK law, providing specific rules for electronic communications and digital privacy
Cross-border Data Transfer Requirements: Legal requirements for transferring personal data between the UK and California/US, including appropriate safeguards and transfer mechanisms
Dual Compliance Framework: Requirements for ensuring simultaneous compliance with both UK and California privacy laws, addressing potential overlaps and conflicts
Notice Requirements: Specific disclosure obligations required by both jurisdictions in privacy notices, including information about data collection, processing, and consumer rights
Data Subject Rights: Combined rights granted to individuals under both UK and California law, including access, deletion, correction, and opt-out rights
Processing Requirements: Legal bases and conditions for collecting and processing personal information under both jurisdictions
CCPA Disclosure Obligations: Specific disclosures required by CCPA including categories of personal information collected, purposes of collection, and third-party sharing practices
