Ok, that is very helpful. We have a specific form for GDPR, but we could potentially work with our Office of General Counsel to create a generic one for all countries. I appreciate your input for this!
Original Message:
Sent: 12-16-2025 10:05 AM
From: Amy Daultrey
Subject: Data Privacy Laws - International
Exactly, yes! There are so many similarities you can use the EU GDPR as the standard rather than trying to track every individual country.
I had a quick look and found a useful table in this article: https://medium.com/@ayushain/global-data-protection-laws-in-2025-the-worlds-strictest-privacy-regulations-compared-c5e28234a034. It puts the EU GDPR at the top with China and Switzerland.
------------------------------
Amy Daultrey
Software Services Consultant
Speaker on privacy law
amy@amydaultrey.com
Original Message:
Sent: 12-16-2025 07:32 AM
From: Colleen Deal
Subject: Data Privacy Laws - International
In following the GDPR, are you saying you would recommend following that standard for all counties not a part of the EU? I also had heard that about China but I have not looked into their laws. Thank you for your input on this!
------------------------------
Colleen Deal
Appalachian State University
dealcf@appstate.edu
Original Message:
Sent: 12-16-2025 04:57 AM
From: Amy Daultrey
Subject: Data Privacy Laws - International
Hi Colleen,
For now at least*, EU GDPR is the gold standard so as you're following that you're good for most other countries (although I believe China has stricter consent rules?). There's a nice long read here https://gdprlocal.com/privacy-laws-around-the-world/ (scroll down to Canada to skip the stuff you already know; it then goes through various regions and countries) that picks out some things to watch out for.
*There are some potential amendments to the EU GDPR in the pipeline as the legislation matures and they have figured out what is and isn't working. If/when it changes no doubt the IAPP will carry news and guidance: https://iapp.org/news?size=n_16_n. Any changes will be just EU of course, UK has separate GDPR.
Hope this helps!
Amy
------------------------------
Amy Daultrey
Software Services Consultant
Speaker on privacy law
amy@amydaultrey.com
Original Message:
Sent: 12-15-2025 08:42 AM
From: Colleen Deal
Subject: Data Privacy Laws - International
Thank you! This will be helpful.
------------------------------
Colleen Deal
Appalachian State University
dealcf@appstate.edu
Original Message:
Sent: 12-15-2025 08:18 AM
From: John Taylor
Subject: Data Privacy Laws - International
Try the UN Trade & Development (UNCTAD) Global Cyberlaw Tracker:
There is a separate link on that page to the known Data Protection Privacy Laws.
John
John H. Taylor, PrincipalJohn H. Taylor Consulting, LLC
2604 Sevier Street
Durham, NC 27705
919.816.5903 (cell/text)
Serving the Advancement Community Since 1987
Original Message:
Sent: 12/15/2025 9:06:00 AM
From: Colleen Deal
Subject: Data Privacy Laws - International
We currently adhere strictly to the EU GDPR law and do not update any information of someone in the EU and Great Britain without a documented and signed opt-in. However, we have been hearing more about data privacy laws in other nations following similar policies. Does anyone have a good way of tracking international data privacy laws and how are you managing them? Do you all have your general council office review all fo these countries? Any recommendations on how to handle the different laws? We don't have a large international constituent base, but it is starting to grow, so we just want to be sure we are tracking all this information accurately. Thank you!
------------------------------
Colleen Deal
Appalachian State University
dealcf@appstate.edu
------------------------------