Canada PIPEDA.
PIPEDA governs the collection, use, and disclosure of personal information by private-sector organizations in Canada during commercial activities. It is based on 10 fair information principles and enforced by the OPC.
Maximum penalty
C$100K (proposed CPPA: 5% revenue)
Source: PIPEDA Part 1
Key requirements
Consent for collection, use, and disclosure
Purpose limitation and specification
Breach reporting to OPC and affected individuals
Individual access and correction rights
+1 more requirements in the complete guide.
Get the full PIPEDA compliance guide →Enforcement examples
Facebook (Meta)
Cambridge Analytica - OPC found PIPEDA violations; referred to Federal Court
OPC finding
2019
How Tessera automates PIPEDA compliance
PIPEDA consent management
OPC breach notification workflow
Privacy management program documentation
Cross-border transfer compliance
PIPEDA compliance checklist
Essential steps to achieve and maintain PIPEDA compliance.
Implement meaningful consent mechanisms
Establish breach reporting to OPC
Maintain privacy management program
+2 more steps in the full checklist.
Get your complete PIPEDA compliance checklist - free →Industries affected
Calculate your PIPEDA exposure.
See exactly how PIPEDA penalties apply to your revenue and industry profile.