UniConsent

Alabama Personal Data Protection Act (APDPA)

UniConsent helps businesses comply with the Alabama Personal Data Protection Act (APDPA). Manage consumer opt-out requests, cookie consent banners, and sensitive data consent in one platform.

FonctionCommencer
Fait confiance à plus de 5000 éditeurs et marketeurs du monde entier
  • sej
  • football365
  • sharethrough
  • districtm
  • pf1
  • tower cast

Alabama Personal Data Protection Act (APDPA)

The Alabama Personal Data Protection Act (APDPA) was signed into law and takes effect on May 1, 2027. Alabama joins the growing list of US states that have enacted comprehensive consumer data privacy legislation.

What Is the APDPA?

The APDPA grants Alabama residents rights over their personal data and places obligations on businesses that collect or process that data. The law follows the opt-out model for general personal data and requires opt-in consent before processing sensitive data.

Who Does the APDPA Apply To?

The APDPA applies to businesses that conduct operations in Alabama or target products or services to Alabama residents, and during the prior calendar year either:

  • Controlled or processed the personal data of more than 25,000 consumers (excluding data processed solely to complete a payment transaction); or
  • Derived more than 25% of gross revenue from the sale of personal data.

The law includes carve-outs for small businesses. Businesses with fewer than 500 employees that do not sell personal data are generally exempt, as are nonprofits with fewer than 100 employees that do not sell personal data.

Consumer Rights Under the APDPA

Alabama residents are entitled to:

  • Right to confirm: confirm whether a business is processing their personal data
  • Right to access: request a copy of the personal data a business holds about them
  • Right to correction: request correction of inaccurate personal data
  • Right to deletion: request deletion of their personal data
  • Right to data portability: obtain a portable copy of their personal data in a readily usable format
  • Right to opt out: opt out of targeted advertising, the sale of personal data, and automated profiling used to make significant decisions
  • Right to appeal: appeal a business's denial of a rights request

Businesses must respond to verified consumer requests within 45 days, with a possible 45-day extension when reasonably necessary.

Sensitive Data

Processing sensitive data requires opt-in consent from consumers. Sensitive data under the APDPA includes:

  • Racial or ethnic origin
  • Religious beliefs
  • Mental or physical health conditions or diagnoses
  • Sexual orientation or gender identity
  • Biometric data processed to uniquely identify an individual
  • Precise geolocation data (within 1,750 feet)
  • Personal data of consumers known to be under 13 (applying a known-child standard consistent with COPPA)

Enforcement

The Alabama Attorney General has exclusive authority to enforce the APDPA. There is no private right of action. Businesses receive a 45-day cure period after notice of a violation before the Attorney General may bring an action. Civil penalties of up to $15,000 per violation may be imposed for violations that are not cured within that period.

Notable Features of the APDPA

The APDPA has several characteristics that distinguish it from comparable state laws:

  • No data protection impact assessment (DPIA) requirement, unlike Virginia, Colorado, and Connecticut
  • A narrow definition of "sale" that requires a material benefit to the controller and unrestricted subsequent use by the recipient, which may exclude some analytics and marketing service arrangements
  • A child data threshold of age 13 for the sensitive data opt-in consent requirement, which is lower than the age 16 or 18 thresholds applied in some other states; additionally, the APDPA requires opt-in consent before selling personal data of consumers aged 13 to 15, or using it for targeted advertising
  • More generous small business exemptions than many comparable state laws

How UniConsent Supports APDPA Compliance

UniConsent provides the tools businesses need to meet APDPA requirements:

  • Opt-out and opt-in consent banners configurable by state
  • Global Privacy Control (GPC) signal recognition
  • Consumer rights request management
  • Sensitive data consent workflows
  • Integration with websites, mobile apps, and tag managers

Get started with UniConsent or explore our features.

Other US State Privacy Laws

  • CCPA: California Consumer Privacy Act, learn more at CCPA
  • CPRA: California Privacy Rights Act, learn more at CPRA
  • CPA: Colorado Privacy Act, learn more at CPA
  • VCDPA: Virginia Consumer Data Protection Act, learn more at VCDPA
  • UCPA: Utah Consumer Privacy Act, learn more at UCPA
  • CTDPA: Connecticut Data Protection Act, learn more at CTDPA
  • TDPSA: Texas Data Privacy and Security Act, learn more at TDPSA
  • DPDPA: Delaware Personal Data Privacy Act, learn more at DPDPA
  • NHPA: New Hampshire Privacy Act, learn more at NHPA
  • MTCDPA: Montana Consumer Data Privacy Act, learn more at MTCDPA
  • FDBR: Florida Digital Bill of Rights, learn more at FDBR
  • NJDPA: New Jersey Data Protection Act, learn more at NJDPA
  • INCDPA: Indiana Consumer Data Protection Act, learn more at INCDPA
  • KCDPA: Kentucky Consumer Data Protection Act, learn more at KCDPA

Compare different US State Privacy Laws

APDPA Compliance by UniConsent

FonctionCommencer
  • CMP certifié IAB
  • Prise en charge de Google Consent Mode v2
  • Global Privacy Control (GPC) support
  • Prise en charge du signal universel de désinscription
  • Plusieurs étapes entièrement personnalisables
  • Implémentation en une seule balise
  • Prise en charge de Google Tag Manager
  • Suivi et analyse
  • Prise en charge de plusieurs langues
  • Blocage des balises JavaScript et des cookies
  • Analyse et divulgation des cookies
  • Solution facile en libre-service

IAB registered consent manager for GDPRIAB TCF V2 registered consent manager for GDPRIAB TCF Canada registered consent managerGoogle-certified CMPGoogle-certified CMP

Comply With Global Privacy Regulations

General Data Protection Regulation (GDPR)

Achieve seamless compliance with the General Data Protection Regulation (GDPR) – the cornerstone of data privacy in the European Union. Safeguard user data and build trust with our comprehensive GDPR compliance solutions.

California Consumer Privacy Act (CCPA)

Navigate the intricate landscape of the California Consumer Privacy Act (CCPA) effortlessly. Our CCPA compliance tools ensure that you adhere to the rigorous data protection standards required for California residents.

U.S. State Privacy Laws

Stay ahead of evolving privacy regulations in the United States. Our platform supports a range of state-specific laws, including CCPA, CPRA, CPA, VCDPA, UCPA, and COPPA, ensuring you remain compliant across all jurisdictions.

California Privacy Rights Act (CPRA)

Embrace the future of data privacy with the California Privacy Rights Act (CPRA). As a pioneering state-level legislation, CPRA empowers businesses to enhance their data protection practices and prioritize consumer privacy.

Colorado Privacy Act (CPA)

Prepare for the Colorado Privacy Act (CPA) with UniConsent CMP. Our solutions help you meet the stringent requirements of this forward-thinking state-level privacy law, ensuring the highest level of data security and compliance.

Virginia Consumer Data Protection Act (VCDPA)

Comply confidently with the Virginia Consumer Data Protection Act (VCDPA). UniConsent CMP provides the tools and expertise to ensure your organization aligns with VCDPA's robust data privacy framework, bolstering trust among Virginia residents.

Utah Consumer Privacy Act (UCPA)

Protect user data effectively with the Utah Consumer Privacy Act (UCPA). UniConsent CMP offers solutions that facilitate compliance with this emerging privacy law, ensuring your business is well-prepared for data privacy challenges in Utah.

Connecticut Data Protection Act (CTDPA)

Guard user information and uphold their privacy rights under the Connecticut Data Protection Act (CTDPA). UniConsent CMP's suite of compliance tools empowers you to navigate this state-level law seamlessly and responsibly.

Children’s Online Privacy Protection Act (COPPA)

Prioritize children's privacy with UniConsent CMP's COPPA compliance solutions. Complying with the Children’s Online Privacy Protection Act (COPPA) is simplified, allowing you to provide a safe online environment for young users.

General Data Protection in Thailand (PDPA)

Adhere to the Personal Data Protection Act 2019 (PDPA) in Thailand with UniConsent CMP. Our expertise in PDPA compliance ensures that your organization can operate confidently and securely in the Thai market while respecting user data privacy.

The General Data Protection Law in Brazil (LGPD)

UniConsent CMP facilitates compliance with Brazil's General Data Protection Law (LGPD). Our solutions empower businesses to meet LGPD's stringent requirements, safeguarding the personal data of individuals in Brazil.

China Personal Information Protection Law (PIPL)

Prepare for the China Personal Information Protection Law (PIPL) with UniConsent CMP. As data protection regulations evolve in China, our platform ensures your organization is well-equipped to handle personal information responsibly and securely.

Protection of Personal Information Act in South Africa (POPIA)

The Summary of Protection of Personal Information Act, POPI Act, POPIA, South African Privacy Law.

India’s Personal Data Protection (PDP)

The Personal Data Protection bill for India could require changes to your data management and is not directly solved with GDPR compliance.

Turkey Personal Data Protection Law (KVKK)

The Summary of Turkey’s Personal Data Protection Law: KVKK.

UK General Data Protection Regulation (UK GDPR)

Achieve seamless compliance with the General Data Protection Regulation (GDPR) – the cornerstone of data privacy in the UK. Safeguard user data and build trust with our comprehensive GDPR compliance solutions.

Texas Data Privacy and Security Act (TDPSA)

Comply with the Texas Data Privacy and Security Act (TDPSA), effective July 1, 2024. UniConsent CMP supports opt-out rights, universal opt-out signals, and data protection assessments for Texas residents.

Delaware Personal Data Privacy Act (DPDPA)

Meet the requirements of the Delaware Personal Data Privacy Act (DPDPA). UniConsent CMP provides opt-out and opt-in consent tools, consumer rights management, and sensitive data workflows for Delaware compliance.

New Hampshire Privacy Act (NHPA)

Comply with the New Hampshire Privacy Act (NHPA). UniConsent CMP provides consent banners, Global Privacy Control support, and consumer rights request management for New Hampshire residents.

Montana Consumer Data Privacy Act (MTCDPA)

Meet the requirements of the Montana Consumer Data Privacy Act (MTCDPA). UniConsent CMP helps businesses manage opt-out rights, sensitive data consent, and consumer requests for Montana residents.

Florida Digital Bill of Rights (FDBR)

Meet the requirements of the Florida Digital Bill of Rights (FDBR). UniConsent CMP provides opt-out consent tools, children's data protections, and consumer rights management for Florida compliance.

New Jersey Data Protection Act (NJDPA)

Comply with the New Jersey Data Protection Act (NJDPA). UniConsent CMP provides opt-out consent banners, Global Privacy Control signal recognition, and consumer rights request management for New Jersey residents.

Indiana Consumer Data Protection Act (INCDPA)

Meet the requirements of the Indiana Consumer Data Protection Act (INCDPA). UniConsent CMP provides opt-out consent tools, sensitive data workflows, and consumer rights management for Indiana residents.

Iowa Consumer Data Protection Act (ICDPA)

Comply with the Iowa Consumer Data Protection Act (ICDPA). UniConsent CMP provides opt-out consent banners and consumer rights request management for Iowa residents.

Maryland Online Data Privacy Act (MODPA)

Meet the strict requirements of the Maryland Online Data Privacy Act (MODPA). UniConsent CMP supports data minimization, opt-in consent for sensitive data, and consumer rights management for Maryland residents.

Minnesota Consumer Data Privacy Act (MNCDPA)

Comply with the Minnesota Consumer Data Privacy Act (MNCDPA). UniConsent CMP provides opt-out consent tools, sensitive data workflows, and consumer rights management for Minnesota residents.

Nebraska Data Privacy Act (NDPA)

Meet the requirements of the Nebraska Data Privacy Act (NDPA). UniConsent CMP provides opt-out and opt-in consent tools, Global Privacy Control support, and consumer rights management for Nebraska residents.

Oregon Consumer Privacy Act (OCPA)

Comply with the Oregon Consumer Privacy Act (OCPA). UniConsent CMP provides opt-out consent banners, sensitive data opt-in workflows, and consumer rights management for Oregon residents.

Rhode Island Data Transparency and Privacy Protection Act (RIDTPPA)

Meet the requirements of the Rhode Island Data Transparency and Privacy Protection Act (RIDTPPA). UniConsent CMP provides consent banners, Global Privacy Control support, and consumer rights management for Rhode Island residents.

Tennessee Information Protection Act (TIPA)

Comply with the Tennessee Information Protection Act (TIPA). UniConsent CMP provides opt-out consent tools, sensitive data workflows, and NIST Privacy Framework-aligned privacy management for Tennessee residents.

Oklahoma Computer Data Privacy Act (OKCDPA)

Meet the requirements of the Oklahoma Computer Data Privacy Act (OKCDPA). UniConsent CMP provides opt-out consent banners, sensitive data consent workflows, and consumer rights management for Oklahoma residents.

Nevada Privacy Law (NRS 603A)

Comply with Nevada privacy law (NRS 603A). UniConsent CMP supports opt-out of data sale rights and consent management for Nevada residents.

California Invasion of Privacy Act (CIPA)

Manage CIPA compliance for your website. UniConsent CMP provides opt-in consent tools that block third-party tracking scripts until consent is granted, supporting compliance with California wiretapping law.

California Delete Act (SB 362)

Comply with the California Delete Act (SB 362). UniConsent CMP helps businesses manage consumer deletion requests, data broker obligations, and opt-out preference signals.

Kentucky Consumer Data Protection Act (KCDPA)

Meet the requirements of the Kentucky Consumer Data Protection Act (KCDPA). UniConsent CMP provides opt-out consent tools, sensitive data workflows, and consumer rights management for Kentucky residents.

Alabama Personal Data Protection Act (APDPA)

Prepare for the Alabama Personal Data Protection Act (APDPA), effective May 1, 2027. UniConsent CMP provides opt-out and opt-in consent tools, sensitive data workflows, and consumer rights management for Alabama residents.

Commencez à rendre votre site web et votre application conformes au RGPD de l'UE, au CPRA des États-Unis, au PIPEDA de la CA, etc.

S'inscrire