Data Compliance Regulations

Learn about global and local regulations that may affect your company and how Exterro can help you become compliant.

CPRA - California Privacy Rights Act
In June 2018, the CCPA was signed into law, creating new privacy rights for Californians and significant new data protection obligations for businesses.
CCPA - California Consumer Privacy Act
The California Consumer Privacy Act (CCPA) gives California residents more control over their personal information, requiring businesses to disclose data collection practices, offer opt-out options for data selling, and ensure data protection.
Personal Data Protection Law - Saudi Arabia
PDPL imposes strict requirements on the collection, processing, and protection of personal data. Exterro’s Data Privacy, Security, and Governance Suite offers a powerful, automated solution to streamline compliance and minimize data risk efficiently.
NY DFS - New York Department of Financial Services
The New York Department of Financial Services (NY DFS) is the state agency responsible for regulating financial services and products, enforcing cybersecurity regulations, and protecting consumers and markets in New York.
GDPR - General Data Protection Regulation
GDPR is a data protection regulation that aims to safeguard the personal data of individuals in the EU by setting strict guidelines for its collection, processing, and storage, as well as providing individuals with more control over their data.
PIPEDA Personal Information Protection and Electronic Documents Act
PIPEDA is a Canadian law that governs how private sector organizations handle personal information, requiring consent, limited collection, accuracy, safeguards, access, and accountability.
LGPD Lei Geral de Proteção de Dados
LGPD is the Brazilian data protection law that governs the processing of personal data, requiring consent, transparency, security measures, and granting individuals rights over their data, with penalties for non-compliance.
PIPL Personal Information Protection Law
PIPL is China's data protection law that regulates the processing of personal information, requiring consent, transparency, security measures, and granting individuals rights over their data, with penalties for non-compliance.
DPDPA Digital Personal Data Protection Act
The law is meant to provide for the processing of digital personal data in a manner that safeguards the right of individuals and ensures that the processing is done for lawful purposes.
EU AI Act - European Artificial Intelligence Act
The EU Artificial Intelligence Act is regulation designed to ensure the safe and ethical development and use of artificial intelligence within the European Union.
Redefining how your business manages data risk.
Get Started
Mitigating enterprise data risk.
ResourcesBlogPodcastCase StudiesWhitepapers
ProductseDiscoveryDigital ForensicsData GovernancePlatform & Intelligence
IndustriesFinancial Services & InsuranceHealthcare & Life SciencesEnergy & UtilitiesGovernment & Public Sector
CompanyNews & PressCareersTrust CenterContact Us
© 2026 Exterro. All rights reserved
Trust CenterModern Slavery StatementPrivacy PolicyWebsite Terms of Use
Do Not Sell or Share My Personal Information