top of page

Understanding Data Privacy Terminology

Updated: May 8, 2023

In the data privacy world, there are a lot of acronyms and unfamiliar terms, and more seem to crop up every day. For newcomers and seasoned pros alike, it can be difficult to keep up.

Here, we’ll take a look at the most commonly used terms on our site, and what they mean. This will help you gain a greater understanding of what we’re talking about, and make other news articles or blogs across the web a bit easier to read.

Data Privacy Terms by Law

This is the EU’s “gold standard” data privacy law that gives EU citizens certain rights regarding the information they share online. Passed in 2018, and enacted in 2020, the GDPR operates on seven basic principles that all businesses must adhere to if they operate out of the EU, or target customers who reside in the EU.

The CCPA was the first state-wide data privacy law introduced in the United States. Passed in 2018, it models the GDPR and gives California residents the right to control information that businesses have about them.

The CPRA is an extension of the CCPA. Set to be enacted in 2023, it provides additional protections for California residents that the CCPA does not cover. Combined, the CCPA and CPRA are two of the strictest data privacy laws in the world.

Virginia is the second state in the U.S. to enact its own data privacy laws. Following closely in the footsteps of the GPDR and CCPA, it aims to protect Virginia residents, and hold businesses accountable for how they handle, store, and process consumer data.

Colorado joined California and Virginia in state-wide efforts to keep consumer data safe. The law was passed in 2021, and is set to be enacted in July, 2023.

CTDPA - Connecticut Data Privacy Act

Connecticut’s version of a data privacy act that is very similar to GDPR, CCPA and VCDPA. It protects Connecticut citizens’ data as they browse or shop online; however, it does not apply to data that is used for employment purposes.

UCPA – Utah Consumer Privacy Act

The UCPA gives Utah residents the right to know, delete, change, or modify the personal information they share online and with businesses. It also gives businesses and website owners the responsibility of handling that data with utmost respect.

In an effort to crack down on data privacy, Brazil has enacted its own data privacy framework, the LGPD.

The TCPA is an older law – it was enacted in 1991 to help protect consumers from unwanted or spam calls, text messages and faxes. It requires that businesses get consent from customers before communicating with them by phone – including pre-recorded calls.

Data Privacy Terms by Industry


This is any form of commercial transaction conducted electronically. For instance, any retail store that has an online presence or does transactions electronically. This includes business-to-business, business-to-consumer, and consumer-to-consumer sales.


This stands for Finance and Technology – two highly regulated industries that require additional care and provisions for the protection of personal data.


Also a highly regulated industry, companies that fall under this title must adhere to rules like HIPAA and additional data privacy regulations.


An organization or individual who seeks to better understand their target audience by developing products made for them. Marketers often use available data to ensure they’re selling the right things to the right people.


This title applies to any organization or individual that publishes written works. In the digital world, this could apply to something as simple as a blog or newsletter that requires a subscription, or a major company that requires a subscription or personal information from readers before they can access things like news stories, white papers, or case studies.

Data Privacy Terms by Product

CCM – Cookie Consent Management

Most data privacy laws today require cookie consent management. As a business or website owner, you have a responsibility to have a cookie banner with a clear policy laid out with easy ways for end users to accept, reject, or customize their cookie preferences.

DSAR – Data Subject Access Request

DSARs are when a customer comes to you asking for where their information has gone and why. It’s up to you as a business to determine the nature of their request and how quickly you can respond to that request under the law.

CPM – Consent Preference Management

Once you know what your users’ preference is, you can manage that with lawful, automatic tools that delete data when it’s supposed to be deleted, does not collect more than necessary, and gives information when requested.

CMP – Consent Management Platform

This is a total solution designed to help you with Data Subject Access Requests (DSARs), cookie consent, and preference management.

Data Privacy Terms by Subject


Cookies are small bits of data that websites gather about end users. They are necessary to keep sites functional, but they can also be stored, shared, sold, or used for marketing purposes.

Cookie Banner

A pop-up banner that displays on your website when an end user first visits. It should explain your cookie policy, and give users the option to accept, reject, or manage their cookie preferences.


The act of automating a task instead of doing it manually. For instance, many Adzapier products use automation to make them more efficient and accurate.

Final take..

Get the right data privacy solution for you. These are the basics, but there is a lot more to learn. You can do it, and we are here to help. For small to mid-sized businesses, it’s important to follow the must-haves:

Speak with one of our privacy experts today and get peace of mind for your business – and your customers.

Recent Posts

See All
bottom of page