PRI-02—Data Privacy Notice
Weight: 7
>Control Description
Mechanisms exist to:
(1) Make data privacy notice(s) available to individuals upon first interacting with an organization and subsequently as necessary;
(2) Ensure that data privacy notices are clear and easy-to-understand, expressing relevant information about how Personal Data (PD) is collected, received, processed, stored, transmitted, shared, updated and/or disposed;
(3) Contain all necessary notice-related criteria required by applicable statutory, regulatory and contractual obligations;
(4) Define the scope of PD processing activities, including the geographic locations and third-party recipients that process the PD within the scope of the data privacy notice;
(5) Periodically, review and update the content of the privacy notice, as necessary; and
(6) Retain prior versions of the privacy notice, in accordance with data retention requirements.
>Cross-Framework Mappings
India DPDPA
Saudi Arabia PDPL
SOC 2 TSC (Detailed)
45 CFR 155.260
US Data Privacy Framework
HIPAA Simplification 2013
§ 164.520(a)(1)
Compare§ 164.520(a)(2)(i)
Compare§ 164.520(a)(2)(i)(A)
Compare§ 164.520(a)(2)(i)(B)
Compare§ 164.520(a)(2)(ii)
Compare§ 164.520(a)(2)(ii)(A)
Compare§ 164.520(a)(2)(ii)(B)
Compare§ 164.520(a)(2)(iii)
Compare§ 164.520(b)(1)
Compare§ 164.520(b)(1)(i)
Compare§ 164.520(b)(1)(ii)
Compare§ 164.520(b)(1)(ii)(A)
Compare§ 164.520(b)(1)(ii)(B)
Compare§ 164.520(b)(1)(ii)(C)
Compare§ 164.520(b)(1)(ii)(D)
Compare§ 164.520(b)(1)(ii)(E)
Compare§ 164.520(b)(1)(iv)
Compare§ 164.520(b)(1)(iv)(A)
Compare§ 164.520(b)(1)(iv)(B)
Compare§ 164.520(b)(1)(iv)(C)
Compare§ 164.520(b)(1)(iv)(D)
Compare§ 164.520(b)(1)(iv)(E)
Compare§ 164.520(b)(1)(iv)(F)
Compare§ 164.520(b)(1)(v)
Compare§ 164.520(b)(1)(v)(A)
Compare§ 164.520(b)(1)(v)(B)
Compare§ 164.520(b)(1)(v)(C)
Compare§ 164.520(b)(1)(vi)
Compare§ 164.520(b)(1)(vii)
Compare§ 164.520(b)(1)(viii)
Compare§ 164.520(b)(2)(i)
Compare§ 164.520(b)(2)(ii)
Compare§ 164.520(b)(3)
Compare§ 164.520(c)
Compare§ 164.520(c)(1)(i)
Compare§ 164.520(c)(1)(i)(A)
Compare§ 164.520(c)(1)(i)(B)
Compare§ 164.520(c)(1)(ii)
Compare§ 164.520(c)(1)(iii)
Compare§ 164.520(c)(1)(iv)
Compare§ 164.520(c)(1)(v)
Compare§ 164.520(c)(1)(v)(A)
Compare§ 164.520(c)(1)(v)(B)
Compare§ 164.530(i)(4)(i)(C)
CompareOregon CPA
Tennessee IPA
Texas CDPA
Virginia CDPA
GDPR
Article 12.7
CompareArticle 13.1(a)
CompareArticle 13.1(b)
CompareArticle 13.1(c)
CompareArticle 13.1(d)
CompareArticle 13.1(e)
CompareArticle 13.2
CompareArticle 13.2(a)
CompareArticle 13.2(b)
CompareArticle 13.2(c)
CompareArticle 13.2(d)
CompareArticle 13.2(e)
CompareArticle 13.2(f)
CompareArticle 13.3
CompareArticle 14.1(a)
CompareArticle 14.1(b)
CompareArticle 14.1(c)
CompareArticle 14.1(d)
CompareArticle 14.1(e)
CompareArticle 14.1(f)
CompareArticle 14.2
CompareArticle 14.2(a)
CompareArticle 14.2(b)
CompareArticle 14.2(c)
CompareArticle 14.2(d)
CompareArticle 14.2(e)
CompareArticle 14.2(f)
CompareArticle 14.2(g)
CompareArticle 14.3(a)
CompareArticle 14.3(b)
CompareArticle 14.3(c)
CompareArticle 14.4
CompareArticle 14.5(a)
CompareAsk AI
Configure your API key to use AI features.