UniConsent

Virginia Consumer Data Protection Act

The VCDPA takes effect January 1, 2023 and will affect companies and organizations that do business in Virginia, or that produce products or services targeted to residents of Virginia.

FeaturesGet Started

VCDPA

What is VCDPA?

VCDPA is Virginia Data Protection Act (VDPA or VCDPA) was signed into law in March 2021. VCDPA effective date is January 1, 2023.

Virginia became the second state in the US to pass a comprehensive data privacy law after California.

The Virginia Consumer Data Protection Act (VDPA) operates based on the consumer right to opt-out of having personal data collected, processed, and sold.

It also requires companies and organizations to obtain the consent from end-users if they collect or process sensitive personal data.

Who does the VDPA apply to?

It applies to global companies who conduct business in Virginia or produce products or services targeted to Virginia residents.

Either:

  • Control or process the personal data of at least 100,000 Virginia residents; or
  • Control or process the personal data of at least 25,000 Virginia residents and derive more than 50% of their gross revenue from the sale of personal data.

Consumer rights under VCDPA

  1. The right to know, access and confirm personal data.
  2. The right to delete personal data.
  3. The right to correct inaccuracies in personal data.
  4. The right to data portability (i.e., easy, portable access to all pieces of personal data held by a company).
  5. The right to opt out of the processing of personal data for targeted advertising purposes.
  6. The right to opt out of the sale of personal data.
  7. The right to opt out of profiling based upon personal data.
  8. The right to not be discriminated against for exercising any of the foregoing rights.

VCDPA enforcement and fines

The VCDPA will be enforced by the Virginia Attorney General and allows for a 30-day cure period, but uncured non-compliance can result in a civil penalty of up to $7,500 per violation.

VDPA and Consent Collection

If your website uses cookies to collect and process personal data from individuals inside the state of Virginia, users must have the option to opt out of that personal data being used for personlized advertising.

The Virginia Consumer Data Protection Act (VDPA) Timeline

  • The VDPA was signed into law in March 2021.
  • The VDPA takes effect January 1, 2023.

VCDPA vs CCPA

VCDPA is more like GDPR. The VCDPA’s definition of consent is even word-for-word taken from the EU’s GDPR, requiring the “freely given, specific, informed and unambiguous agreement” to constitute a valid end-user consent.

Consent is requried to processing personal and sensitive personal data.

Other US State Privacy Laws

  • CCPA: California Consumer Privacy Act, learn more at CCPA
  • CPRA: California Privacy Rights Act, learn more at CPRA
  • CPA: Colorado Privacy Act, learn more at CPA
  • VCDPA: Virginia Consumer Data Protection Act, learn more at VCDPA
  • UCPA: Utah Consumer Privacy Act, learn more at UCPA
  • CTDPA: Connecticut Data Protection Act, learn more at CTDPA
  • COPPA: Children’s Online Privacy Protection Act, learn more at COPPA

Compare different US State Privacy Laws

How to compliant with and implement the Virginia Consumer Data Protection Act Compliance Solution?

Use a consent management platform like UniConsent to offer consumers full control of data collection, opt-out features, manage the preferences communication.

Comply With Global Privacy Regulations

General Data Protection Regulation (GDPR)

Achieve seamless compliance with the General Data Protection Regulation (GDPR) – the cornerstone of data privacy in the European Union. Safeguard user data and build trust with our comprehensive GDPR compliance solutions.

California Consumer Privacy Act (CCPA)

Navigate the intricate landscape of the California Consumer Privacy Act (CCPA) effortlessly. Our CCPA compliance tools ensure that you adhere to the rigorous data protection standards required for California residents.

U.S. State Privacy Laws

Stay ahead of evolving privacy regulations in the United States. Our platform supports a range of state-specific laws, including CCPA, CPRA, CPA, VCDPA, UCPA, and COPPA, ensuring you remain compliant across all jurisdictions.

California Privacy Rights Act (CPRA)

Embrace the future of data privacy with the California Privacy Rights Act (CPRA). As a pioneering state-level legislation, CPRA empowers businesses to enhance their data protection practices and prioritize consumer privacy.

Colorado Privacy Act (CPA)

Prepare for the Colorado Privacy Act (CPA) with UniConsent CMP. Our solutions help you meet the stringent requirements of this forward-thinking state-level privacy law, ensuring the highest level of data security and compliance.

Virginia Consumer Data Protection Act (VCDPA)

Comply confidently with the Virginia Consumer Data Protection Act (VCDPA). UniConsent CMP provides the tools and expertise to ensure your organization aligns with VCDPA's robust data privacy framework, bolstering trust among Virginia residents.

Utah Consumer Privacy Act (UCPA)

Protect user data effectively with the Utah Consumer Privacy Act (UCPA). UniConsent CMP offers solutions that facilitate compliance with this emerging privacy law, ensuring your business is well-prepared for data privacy challenges in Utah.

Connecticut Data Protection Act (CTDPA)

Guard user information and uphold their privacy rights under the Connecticut Data Protection Act (CTDPA). UniConsent CMP's suite of compliance tools empowers you to navigate this state-level law seamlessly and responsibly.

Children’s Online Privacy Protection Act (COPPA)

Prioritize children's privacy with UniConsent CMP's COPPA compliance solutions. Complying with the Children’s Online Privacy Protection Act (COPPA) is simplified, allowing you to provide a safe online environment for young users.

General Data Protection in Thailand (PDPA)

Adhere to the Personal Data Protection Act 2019 (PDPA) in Thailand with UniConsent CMP. Our expertise in PDPA compliance ensures that your organization can operate confidently and securely in the Thai market while respecting user data privacy.

The General Data Protection Law in Brazil (LGPD)

UniConsent CMP facilitates compliance with Brazil's General Data Protection Law (LGPD). Our solutions empower businesses to meet LGPD's stringent requirements, safeguarding the personal data of individuals in Brazil.

China Personal Information Protection Law (PIPL)

Prepare for the China Personal Information Protection Law (PIPL) with UniConsent CMP. As data protection regulations evolve in China, our platform ensures your organization is well-equipped to handle personal information responsibly and securely.

Protection of Personal Information Act in South Africa (POPIA)

The Summary of Protection of Personal Information Act, POPI Act, POPIA, South African Privacy Law.

India’s Personal Data Protection (PDP)

The Personal Data Protection bill for India could require changes to your data management and is not directly solved with GDPR compliance.

Turkey Personal Data Protection Law (KVKK)

The Summary of Turkey’s Personal Data Protection Law: KVKK.

UK General Data Protection Regulation (UK GDPR)

Achieve seamless compliance with the General Data Protection Regulation (GDPR) – the cornerstone of data privacy in the UK. Safeguard user data and build trust with our comprehensive GDPR compliance solutions.

IAB registered consent manager for GDPRIAB TCF V2 registered consent manager for GDPRIAB TCF Canada registered consent managerGoogle-certified CMPGoogle-certified CMP
Trusted by 5000+ of global publishers and marketers
  • sej
  • football365
  • sharethrough
  • districtm
  • pf1
  • tower cast

Get started to make your website and application compliant for EU GDPR, US CPRA, CA PIPEDA etc

Sign up