Sec. 211. Privacy policy
/bill/119/hr/8014/ih/section-211·A research copy — for the controlling text, always check the official state or federal source. Not legal advice.
A covered entity shall maintain a privacy policy relating to the practices of such entity regarding the collecting, processing, maintaining, and disclosing of personal information.

The privacy policy required by subsection (a) shall contain the following:
A general description of the practices of the covered entity regarding the collecting, processing, maintaining, and disclosing of personal information.
A description of how individuals may exercise the rights provided by title I.
A clear and concise summary of the following:
The categories of personal information collected or otherwise obtained by the covered entity.
The business or commercial purposes of the covered entity for collecting, processing, maintaining, or disclosing personal information.
The categories and a list of third parties to which the covered entity discloses personal information.
A description of the personal information that the covered entity maintains that the covered entity does not collect from individuals and how the covered entity obtains such personal information.
A list of the third parties to which the covered entity has disclosed personal information.
A list of the third parties from which the covered entity has obtained personal information at any time on or after the effective date of this Act.
The articulated basis for the collecting, processing, disclosing, and maintaining of personal information, as required under section 201(a).

The privacy policy required by subsection (a) is not required to contain information relating to personal information that is collected, processed, maintained, or disclosed exclusively for any of the purposes described in paragraph (1) of section 109(a) (or a combination of such purposes), except as provided in paragraph (2) of such section.

The privacy policy required by subsection (a) shall be—
clear and in plain language; and
made publicly available in a prominent location on an ongoing basis.

The privacy policy required by subsection (a) shall be made available as required by paragraph (1) before the covered entity collects personal information after the effective date of this Act.

Subsections (b)(7) and (d) do not apply to a small business.

This section does not apply to a service provider if such service provider has a reasonable belief that a covered entity for which it processes, maintains, or discloses personal information is in compliance with this section.