Compliance
Practical guidance on meeting data protection requirements across jurisdictions, from implementation steps to ongoing compliance management. Learn how to audit your website for compliance gaps, set up proper consent mechanisms, maintain documentation, and prepare for regulatory inspections and enforcement actions.
Cookie Consent for Drupal: How to Make Your Drupal Site GDPR-Compliant
Drupal sites set session cookies, analytics trackers, and third-party scripts that all fall under GDPR and ePrivacy rules. This guide covers the cookie landscape on Drupal, your legal obligations, and how to add a compliant cookie banner using modules, theme templates, or an external CMP.
Cookie Consent for BigCommerce: How to Add a Cookie Banner to Your Store
BigCommerce stores set dozens of cookies for analytics, checkout, and marketing. This guide explains which cookies require consent, how BigCommerce Script Manager works for banner installation, and how to meet GDPR and CCPA requirements without losing conversion data.
Cookie Consent for Astro: Adding Privacy Compliance to Your Astro Website
Astro's islands architecture sends minimal JavaScript to the browser, but that does not exempt your site from cookie consent rules. This guide explains how to integrate a compliant cookie banner with Astro's unique script handling, client directives, and build pipeline.
Cookie Consent for Angular: How to Handle Cookies in Angular Applications
Angular applications face unique cookie consent challenges, from single-page navigation to server-side rendering with Angular Universal. This guide covers how to block tracking scripts until consent is granted, manage consent state through Angular services, and stay compliant with GDPR and ePrivacy rules.
Utah Consumer Privacy Act (UCPA): A Business-Friendly Privacy Law with Limited Consumer Rights
The UCPA took effect on 31 December 2023 as the narrowest comprehensive US state privacy law. It follows an opt-out model, has no private right of action, and sets high applicability thresholds that exclude most small businesses.
Tennessee Information Protection Act (TIPA): A Compliance Guide for Website Owners
The Tennessee Information Protection Act (TIPA) became enforceable on 1 July 2025, adding another opt-out privacy law to the growing US patchwork. TIPA stands out for its affirmative defence tied to the NIST Privacy Framework, giving compliant organisations a meaningful shield against enforcement.
New Jersey Data Privacy Act (NJ SB 332): Compliance Requirements for Online Businesses
The New Jersey Data Privacy Act (NJDPA) applies to businesses that process personal data of 100,000 or more New Jersey residents, or 25,000 residents if they also derive revenue from data sales. With universal opt-out signal recognition mandatory since July 2025, controllers must act now to avoid penalties of up to $10,000 per initial violation.
New Hampshire Privacy Act (NH SB 255): What Your Website Must Do to Comply
New Hampshire's SB 255 became enforceable on 1 January 2025, giving consumers opt-out rights and requiring websites to honour universal opt-out signals from day one. This guide covers the applicability thresholds, consumer rights, privacy notice requirements, and enforcement penalties your website needs to address.
Nebraska Data Privacy Act (NDPA): Compliance Requirements for 2026
The Nebraska Data Privacy Act took effect on 1 January 2025, making it one of the few US state privacy laws with no revenue or data-processing threshold. Every business handling Nebraska residents' personal data must comply, regardless of size. This guide covers the key obligations, consumer rights, and practical compliance steps for 2026.