New Hampshire Privacy Act – Compliance Guide

The NHPA takes effect on January 1, 2025. If your business collects personal data from New Hampshire residents, you may need to comply. This page explains the basics in plain English.

Covers businesses processing personal data of New Hampshire residents, with thresholds/exemptions.

🎯 Who Must Comply

  • Businesses offering goods or services to NH residents
  • Controllers/processors (processor contracts required)

Common Exemptions:

  • Public entities
  • Data under sectoral federal laws when in scope

📋 Key Requirements

  • Transparent privacy notice with resident rights
  • Consumer rights: access, correction, deletion, portability
  • Opt-out for targeted advertising and sale
  • Consent for sensitive data
  • Data processing agreements

⚠️ Penalties & Enforcement

  • Enforcing Authority: New Hampshire Department of Justice / Attorney General
  • Penalty Range: Civil penalties per violation
  • Cure Period: Cure windows may exist; confirm latest rules.

How to Prepare for New Hampshire Compliance

  1. Publish disclosures and rights instructions
  2. Implement consent/opt-out tooling
  3. Add processor clauses to vendor contracts

💡 Pro Tip: Start with steps 1-3 to cover 80% of compliance requirements quickly.

📅 New Hampshire Privacy Law Timeline

🚨 NOW - Before January 1, 2025

Implement privacy policy, cookie consent, and basic data handling procedures.

📋 January 1, 2025 - Law Goes Live

Full compliance required. Enforcement may begin immediately.

✅ Ongoing - Stay Compliant

Monitor for updates, handle user requests, maintain documentation.

Common New Hampshire Privacy Law Questions

Do I need to comply if I don't have customers in New Hampshire?

If your website receives any visitors from New Hampshire, you may need to comply. This includes people who visit your site while traveling, working remotely, or just browsing online.

What counts as "personal data" under NHPA?

Personal data typically includes email addresses, IP addresses, location data, cookies/tracking IDs, and any information that can identify a person directly or indirectly.

How much will compliance cost for a small business?

Basic compliance (privacy policy + cookie banner + user rights) typically costs $20-100/month using automated tools. Compare this to potential fines of Civil penalties per violation.

Check Your New Hampshire Privacy Compliance

Run a free scan to spot gaps quickly.

Run Free Privacy Compliance Scan →

📚 Additional Resources

All Privacy Laws Guide

GDPR, CCPA & all 2025 state laws

2025 Compliance Timeline

All deadlines & requirements

Privacy & Security Risks

Fines, lawsuits & consequences