How to Comply with U.S. Laws?

Several states within the United States have recently enacted laws regulating the processing of personal data.

Personal data processing in the United States is primarily governed by the following texts:

All information found on this page is for informational purposes and is limited to the scopes covered by our solutions.

The Main Obligations Arising from U.S. Laws

The various laws mentioned above are applicable at different dates, depending on the state concerned. However, they mostly contain new obligations to comply with:


Respecting the rights of the data subjects

Data subjects have numerous rights, including the right to access, the right to erasure, the right to object to profiling and targeted advertising, and the right not to be subject to automated decision-making.
Companies must be able to respond to these requests within legal deadlines.

Protect data

Conducting a risk assessment related to personal data protection

Conducting a privacy factors assessment involves analyzing the risks and guarantees governing a specific processing, considered particularly sensitive due to the types or amount of data processed, as well as the processing methods used.

ID alternatif

Age Limitation for Consenting to Data Processing

U.S. laws have also defined the minimum age below which companies must necessarily obtain the consent of legal guardians for processing personal data concerning minors, which can be considered sensitive data.
This age is generally set at 13 years.


Transparency Obligations and Consent to Targeted Advertising

Under these new laws, companies must ensure they have, especially in some cases for processing with the purpose of targeted advertising, a free, specific, informed, and unambiguous consent.
They must also provide clear and accessible information to the data subjects about the characteristics of the personal data processing implemented, including the categories of personal data processed and the purposes of processing, the rights available to data subjects and how to exercise them, the categories of data recipients, or the existence of a sale operation concerning their personal data.

The Impact on Key Marketing Processes

What is now prohibited in terms of consent collection

Passive opt-out: refers to having to unsubscribe after being automatically enrolled when registering for a service.

Passive opt-in: involves pre-selecting boxes such as “I wish to receive advertising solicitations” or a drop-down menu that defaults to yes.

What is Allowed and Required under U.S. State Legislations

Opt-in: to obtain legally valid express consent, it is necessary to make a clear and specific request, informing the people concerned of the processing for which consent is provided.

A means of opposition: present in every communication that can be likened to targeted advertising.

Storing proof of consent: you must be able to trace the consent obtained from each data subject.

How Eulerian Supports You

vie privee

Your clients' information belongs to them

We ensure that internet users have the right and thus can oppose at any time the processing of their personal data by Eulerian Technologies.
We provide an unsubscribe link, available on our interface so that you can later distribute it on your website. In case of need or assistance with this type of action, our Account Management teams are available.


Organize your data

Minimize your “useless” or “expired” data by deleting what you no longer need.
One of the impacts of the new laws on companies is to adopt a new data philosophy, rationalizing their collection and processing. Therefore, we recommend not keeping inactive or unsubscribed contacts as these are data you will no longer use and pose a risk in the event of a security incident.