This document provides an overview of the different privacy regulations supported by Adobe Experience Cloud.
Through the use of Adobe Experience Platform Privacy Service, Experience Cloud supports access and delete requests based on the following regulations:
|CCPA (California)||The California Consumer Privacy Act (CCPA) enhances privacy rights and consumer protection for residents of California, United States. The CCPA provides new data privacy rights to California residents, including the right to access and delete their personal data, to know whether their personal data is sold or disclosed (and to whom), and the right to opt out of having their data sold to third parties.|
|GDPR (European Union)||The General Data Protection Regulation (GDPR) introduced several new data privacy rights for members of the European Economic Area (EEA), including the Right to Access and the Right to be Forgotten. This means that any person living in the EEA whose personal data has been collected by your business can request to access or delete their data at any time.
The United Kingdom (post-Brexit) has its own version of the regulation, UK-GDPR, which provides its citizens with the same rights as the EEA version.
|LGPD (Brazil)||The Lei Geral de Proteção de Dados (LGPD) aims to regulate the treatment of personal data of all individuals or natural persons in Brazil. The LGPD gives Brazil citizens the rights to access and delete their personal data, to know whether their personal data is sold or disclosed (and to whom), and the right to opt out of having their data sold to third parties.|
|New Zealand Privacy Act||The New Zealand Privacy Act controls how agencies can collect, use, disclose, store, and give access to the personal information of New Zealand citizens and organizations. In 2020, the latest version of the act introduced significant updates to these privacy laws, including new offences, increasing fines, mandatory notifications for data breaches, and increasing the powers of the Privacy Commissioner.|
|PDPA (Thailand)||The Personal Data Protection Act (PDPA) was introduced to safeguard Thai data owners from the illegal collection, use, or disclosure of their personal data. Inspired by the European Union’s GDPR, the regulation grants Thai citizens the right to request access to, or the deletion of, their stored personal data.|
For more information on supported regulations, refer to the following documents:
To learn how to support customer access and delete requests for data stored on your Experience Cloud applications, refer to the guide on Privacy Service and Experience Cloud applications.