A Regulation refers to a privacy law that has been passed in a state or a country. Generally, regulation laws apply to any public or private entity, whatever their size and line of business.

As an example, the General Data Protection Regulation (GDPR) protects consumers in Europe since 2018. In California, the Consumer Privacy Rights Act (CPRA) is into force since January 2023.

A Privacy Request refers to a Data Subject Access Request that is an important facet of privacy laws like GDRP in Europe or the Consumer Privacy Rights Act (CPRA) in California. Most of the regulations give certain data rights to consumers like the right of access or deletion.

User Rights correspond to the rights granted to data subjects who live in a state or country that has passed a data privacy law. Subjects or end-users must typically take some action, such as submitting a privacy request, to exercise their data rights.

Privacy laws give certain data rights to consumers. Some of the main rights that these laws have in common are:

  • The right of access (or right to know): The right of a user to find out what personal data a company holds on them and to receive a copy of the data held.
  • The right of deletion: The right of a user to erase the personal information that a company has collected from them.
  • The right to opt-out: The right of a data subject to withdraw their consent to the processing of their personal information (e.g., a request to “do not sell” my personal data).