Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

§
Marginalia
Code · BILL · 116th Congress · S. 2968 (Introduced in Senate) — To provide consumers with foundational data privacy rights, create strong oversight mechanisms, and establish meaning... · Sec. 102

Sec. 102. Right to access and transparency

422 words·~2 min read·/bill/116/s/2968/is/section-102·

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

A covered entity, upon the verified request of an individual, shall provide the individual, in a human-readable format that a reasonable individual can understand, with— a copy or accurate representation of the covered data of the individual processed or transferred by the covered entity; and the name of any third party to whom covered data of the individual has been transferred by the covered entity and a description of the purpose for which the entity transferred such data to such third party.
A covered entity shall make publicly and persistently available, in a conspicuous and readily accessible manner, a privacy policy that provides a detailed and accurate representation of the entity’s data processing and data transfer activities. Such privacy policy shall include, at a minimum— the identity and the contact information of the covered entity, including the contact information for the covered entity’s representative for privacy and data security inquiries; each category of data the covered entity collects and the processing purposes for which such data is collected; whether the covered entity transfers covered data and, if so— each category of service provider and third party to which the covered entity transfers covered data and the purposes for which such data is transferred to such categories; and the identity of each third party to which the covered entity transfers covered data and the purposes for which such data is transferred to such third party, except for transfers to governmental entities pursuant to a court order or law that prohibits the covered entity from disclosing such transfer; how long covered data processed by the covered entity will be retained by the covered entity and a description of the covered entity’s data minimization policies; how individuals can exercise the individual rights described in this title; a description of the covered entity’s data security policies; and the effective date of the privacy policy.
A covered entity shall make the privacy policy required under this section available to the public in all of the languages in which the covered entity provides a product or service or carries out any other activities to which the privacy policy relates. A covered entity shall not make a material change to its privacy policy or practices with respect to previously collected covered data that would weaken the privacy protections applicable to such data without first obtaining prior affirmative express consent from the individuals affected.
The covered entity shall provide direct notification, where possible, regarding material changes to affected individuals, taking into account available technology and the nature of the relationship.
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.