Delaware Personal Data Privacy Act – Compliance Guide

The DPDPA takes effect on January 1, 2025. If your business collects personal data from Delaware residents, you may need to comply. This page explains the basics in plain English.

Applies to entities processing personal data of Delaware residents (thresholds/exemptions apply).

🎯 Who Must Comply

  • Organizations serving Delaware residents online
  • Controllers and processors of personal data

Common Exemptions:

  • Government entities
  • Certain data sets under federal sectoral laws (in-scope only)

📋 Key Requirements

  • Privacy policy with categories, purposes, and resident rights
  • Rights: access, correction, deletion, portability
  • Opt-out for targeted advertising and sale
  • Consent for sensitive data
  • Processor contracts with required terms

⚠️ Penalties & Enforcement

  • Enforcing Authority: Delaware Department of Justice / Attorney General
  • Penalty Range: Civil penalties; amounts can vary by violation
  • Cure Period: Some cure allowances may exist; confirm latest guidance.

How to Prepare for Delaware Compliance

  1. Publish a compliant privacy notice
  2. Enable user rights intake and response timelines
  3. Implement consent/opt-out tools for trackers and targeted ads

💡 Pro Tip: Start with steps 1-3 to cover 80% of compliance requirements quickly.

📅 Delaware Privacy Law Timeline

🚨 NOW - Before January 1, 2025

Implement privacy policy, cookie consent, and basic data handling procedures.

📋 January 1, 2025 - Law Goes Live

Full compliance required. Enforcement may begin immediately.

✅ Ongoing - Stay Compliant

Monitor for updates, handle user requests, maintain documentation.

Common Delaware Privacy Law Questions

Do I need to comply if I don't have customers in Delaware?

If your website receives any visitors from Delaware, you may need to comply. This includes people who visit your site while traveling, working remotely, or just browsing online.

What counts as "personal data" under DPDPA?

Personal data typically includes email addresses, IP addresses, location data, cookies/tracking IDs, and any information that can identify a person directly or indirectly.

How much will compliance cost for a small business?

Basic compliance (privacy policy + cookie banner + user rights) typically costs $20-100/month using automated tools. Compare this to potential fines of Civil penalties; amounts can vary by violation.

Check Your Delaware Privacy Compliance

Identify missing disclosures and consent flows with a free scan.

Run Free Privacy Compliance Scan →

📚 Additional Resources

All Privacy Laws Guide

GDPR, CCPA & all 2025 state laws

2025 Compliance Timeline

All deadlines & requirements

Privacy & Security Risks

Fines, lawsuits & consequences