Hi. How can we help?

Introduction to privacy laws

Privacy laws are designed to protect and empower the privacy of citizens and to reshape the way organizations across the region approach data privacy.

  • Europe's General Data Protection Regulation (GDPR) took effect on May 25, 2018
  • The California Consumer Privacy Act (CCPA) took effect on Jan 1, 2020

You can read helpful answers to the essential FAQs. Lightspeed is committed to assisting you to comply with privacy laws. Read the following articles to aid you in your preparedness:

Privacy FAQ

  1. Privacy laws aim to give citizens more control over personal data by regulating how businesses use this data. These regulations govern the viewing, storing, changing, transferring and even deleting of personal data. Personal data is defined as any information related to a natural person (or "data subject") that can be used to directly or indirectly identify them. This includes information such as names, addresses, email addresses and phone numbers.

    For more information on privacy laws and Lightspeed's efforts to comply with them:

    Lightspeed's privacy policy

    GDPR related:

    CCPA related:

  2. There are currently two privacy laws:

    • GDPR - Merchants that process or control personal data for residents of the European Union (EU).
    • CCPA - Merchants that do business in California who meet at least one of these minimum thresholds:
      • Exceed a gross revenue of $25 million, 
      • Collect or sell personal information of 50,000 consumers
      • Receive 50% or more of it's annual revenue from selling personal information.
  3. You can make a requests to:

    1. Receive access to your personal information.
      • For example, you want to know what personal data we store in our internal systems at Lightspeed.
    2. Modify inaccurate personal information.
      • For example, you want to change the email address we have for you on file.
    3. Object to processing your personal information.
      • For example, you want to be removed from our marketing campaigns.
    4. Delete your personal information.
      • For example, you have sold your business and would like to delete your personal information from our internal systems at Lightspeed.
    5. Receive a Data Processing Agreement (DPA).
      • For example, you are established in the European Union (EU) or you have customers based in the EU and you haven't received the DPA in your email yet. You want to sign the agreement to ensure that you're compliant with the GDPR.
  4. Outside of complying with the a privacy laws as a Lightspeed Retail merchant, it's easy to get overwhelmed with the amount of privacy information that's circulating and its requirements. To point you in the right direction and help you get started, below you'll find some additional resources that aim to guide merchants affected by privacy laws.

Was this article helpful?

0 out of 0 found this helpful