Skip to content

Know your privacy law obligations

Many #SaaS companies these days are generally aware of privacy law requirements (e.g., they understand that there are obligations and responsibilities attached to collecting, using and disclosing personal information, and they recognize the acronyms of PIPEDA (Canada) and the GDPR (EU). However, often their actions don’t go far beyond having an initial privacy policy drafted.
 
For instance, under PIPEDA, did you know that you need to obtain a new consent from individuals when your business wants to use or disclose personal information for a different purpose than it was originally collected (with consent!) for?