Privacy Act in Canada
We are based in Canada but have clients and, to some extent, operate in the US, Australia, and the UK." Is it sufficient to specify conformance with PIPEDA as defined in Canada's Privacy Act or do we have a separate requirement in each country we operate in? Thanks
Assign topic to the user
I’m assuming that by PIPEDA you mean the Personal Information Protection and Electronic Documents Act.
Considering that, since you have customers in other countries, you should assess privacy-related laws and regulations in these countries to check if those define some kind of requirement related to the protection of their citizens’ private data stored/processed in other countries.
In case there are no such requirements, it would be sufficient to specify conformance with PIPEDA.
For further information, see:
- How to comply with EU GDPR, UK GDPR, and Data Protection Act https://advisera.com/eugdpracademy/blog/2021/05/25/how-to-comply-with-eu-gdpr-uk-gdpr-and-data-protection-act/
- Comparison of GDPR With Leading Privacy Regulations Worldwide [free webinar on demand] https://advisera.com/eugdpracademy/webinar/comparison-of-gdpr-with-leading-privacy-regulations-worldwide-free-webinar-on-demand/
Comment as guest or Sign in
Nov 15, 2022