Definition
Hard to cancel (aka "Roach Motel") is a deceptive pattern where it is easy to sign up for a service or subscription, but very difficult to cancel it. This typically involves hiding the cancellation option, requiring users to call customer services to cancel, and making the cancellation process overly complex and time-consuming. This can cause users to give up trying to cancel, and continue paying for the service for a longer period.
Example
The New York Times made it easy to sign up for a subscription but difficult to cancel. Users have reported being required to call customer service to cancel, waiting on hold for long periods, or being redirected to other web pages without being able to cancel their subscription. This leads to users paying for a service they no longer want or need. In one test it took roughly 8 minutes of conversation with a customer services rep to successfully cancel a subscription (source). Conversely, it takes a matter of seconds to create a new subscription.
References
Roach motel (Brignull, 2010), obstruction (Gray et al., 2018; Mathur et al., 2019), hidden subscription (Mathur et al., 2019).
Related laws
Users must give informed and unambiguous consent and receive clear information about cookies, including processing purposes and data controller identity, according to the law.
Requires website operators to obtain user consent before storing or accessing information on the user's device through cookies or similar technologies.
Requires personal data to be processed lawfully, fairly, and transparently.
Legal bases for processing personal data are performance of a contract, compliance with legal obligations, protection of vital interests, the controller's legitimate interests, and the data subject's consent.
Valid consent conditions include being freely given, specific, informed, and unambiguous, and the data subject should be able to withdraw it anytime.
Ensures transparent information and easy access for individuals to their personal data processing, with the right to obtain a copy in a clear and common format.
Controllers must provide identity, contact details, processing purposes and legal basis, recipient information, retention period, and data subject rights when collecting personal data.
Specifies required information for data subjects when collecting personal data from other sources, including controller identity, processing purposes, personal data categories, recipients, and retention period.
Grants individuals the right to access their personal data and receive information on how it is processed.
Grants individuals the right to have their personal data erased under certain circumstances.
Gives individuals the right to object to the processing of their personal data in certain situations.
Requires controllers to notify the supervisory authority without undue delay if a personal data breach is likely to result in a risk to the rights and freedoms of individuals.
Requires controllers and processors to implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk.
Requires data controllers to implement appropriate measures to ensure data protection and to demonstrate compliance with GDPR.
Mandates that data protection must be incorporated into the design of systems, and that privacy must be a default setting for all data processing activities.
Outlines conditions for fines and penalties for non-compliance, including up to 4% of global annual revenue or €20 million, whichever is greater.
Consent is a voluntary agreement by an individual for their personal data processing, after being informed of its specific purposes and conditions.
Outlines data processors' responsibilities, including implementing appropriate security measures, processing data based on controller instructions, and maintaining records of processing activities.
Prohibits the sending of commercial communications by email or other electronic means without the prior consent of the recipient.
Prohibits the use of automated calling and communication systems for unsolicited promotional purposes, except with the prior consent of the data subject or for legitimate interest of the data controller.
Regulates the use of electronic communications for direct marketing purposes, including requirements for consent, opt-out options, and cookie disclosure.
Requires companies to obtain consumer's consent before charging their credit or debit cards for goods or services offered through a "negative option feature."
The internet must provide clear and accurate information to consumers, and the use of "data pass" to share billing information with third parties for unwanted memberships undermines consumer confidence.
Prohibits unfair and deceptive Internet sales practices, including misleading representations, failure to disclose material terms, and charging consumers without their express informed consent.
Specifies the enforcement provisions for violations of the Act by the Federal Trade Commission, including penalties and privileges.
Allows State attorneys general to bring a civil action in federal court to obtain injunctive relief for alleged violations of ROSCA, with certain requirements and limitations.
Prohibits deceptive acts or practices that misrepresent or omit material facts.
Prohibits the dissemination of any false or misleading statements in advertising.
Provides consumers with a private cause of action for relief from deceptive or unlawful practices in transactions for goods or services.
Prohibits unfair and unlawful business practices that deceive or mislead consumers in California.
Prohibits deceptive acts and practices in business or service, allows AG action against violators, and private right of action for injured individuals with increased damages for willful violations.
Provides definitions of various terms used in the Privacy and Electronic Communications
Defines the terms related to advertising, including misleading and comparative advertising, and identifies the advertiser.
Describes the conditions that must be met for comparative advertising to be permitted, including requirements for honesty, fair comparison, non-discrediting of competitors, and clarity regarding special offers.
Requires advertising to provide information about potential health and safety risks associated with products.
Prohibits advertising that encourages behavior that is potentially harmful to children.
Considers all aspects of advertising to determine if it is misleading, including information on products, prices, and the advertiser's attributes and rights.
Prohibit traders across all sectors from using unfair commercial practices that hinder consumers from making informed purchasing decisions.
Covers various aspects of consumer transactions, including the sale of goods and services, digital content, unfair contract terms, and remedies for faulty goods.
Grant consumers the right to cancel contracts for goods or services made through remote communication channels such as the internet, email, or telephone.
Outlines the certification mechanisms available for demonstrating compliance with the regulation.
Prevents dishonest or misleading actions involving the gathering, utilization, and/or exposure of children's personal information on the Internet.
CFPA prohibits unfair, deceptive, and abusive acts and practices when offering or providing consumer financial products or services.
Requires disclosures for consumer financial products or services to be clear, easily understandable, and provided in a format that can be retained by the consumer.
Mandates consumer reporting agencies to implement fair and accurate procedures for handling consumer credit information, ensuring confidentiality and relevance while upholding consumer rights.
Unfair commercial practices, including misleading and aggressive tactics, are prohibited, targeting vulnerable groups and emphasizing disclosure of material information for informed consumer decisions.
Related cases
€8,000 in fines
€2,250,000 in fines
€5,000,000 in fines
€16,729,600 in fines
Reprimand issued
$100 million settlement
$10 million in settlement
$62 million in settlement
€198,000 in fines
€350,000 in fines
Refunds issued and changes made
€47,000 in fines
€1,000 in fines
£36,000 in fines
$245 million in fines
Order issued in response to previous settlement
$21 million in fines
Changes made to cancellation practices
$2.35 million multistate settlement