Mark Williamson of Clyde & Co reminds everyone:
The US state of Delaware, which is home to many globally-recognised businesses, now requires privacy policies to be prominently displayed on commercial websites that collect “personally identifiable information” (PII). The new rules are contained in the Delaware Online Privacy and Protection Act (DOPPA), which came into force on 1 January. Under DOPPA, issues that must be addressed by policies include: the categories of PII that will be collected from users; and third parties with whom this data may be shared. The term “PII” can refer to both personal data and sensitive personal data as defined by the Data Protection Act 1998.