Privacy Act in Canada
We are based in Canada but have clients and, to some extent, operate in the US, Australia, and the UK." Is it sufficient to specify conformance with PIPEDA as defined in Canada's Privacy Act or do we have a separate requirement in each country we operate in? Thanks
Assign topic to the user
EU GDPR & ISO 27001 INTEGRATED DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more 
EU GDPR & ISO 27001 INTEGRATED DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
EU GDPR & ISO 27001 INTEGRATED DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
I’m assuming that by PIPEDA you mean the Personal Information Protection and Electronic Documents Act.
Considering that, since you have customers in other countries, you should assess privacy-related laws and regulations in these countries to check if those define some kind of requirement related to the protection of their citizens’ private data stored/processed in other countries.
In case there are no such requirements, it would be sufficient to specify conformance with PIPEDA.
For further information, see:
- How to comply with EU GDPR, UK GDPR, and Data Protection Act https://advisera.com/eugdpracademy/blog/2021/05/25/how-to-comply-with-eu-gdpr-uk-gdpr-and-data-protection-act/
- Comparison of GDPR With Leading Privacy Regulations Worldwide [free webinar on demand] https://advisera.com/eugdpracademy/webinar/comparison-of-gdpr-with-leading-privacy-regulations-worldwide-free-webinar-on-demand/
Comment as guest or Sign in
Nov 15, 2022