skip to main content
0

CookiePro Knowledgebase

dot pattern banner

Knowledgebase Regulations Nevada Privacy Law: What is SB220?

Articles

Nevada Privacy Law: What is SB220?

Last Updated: March 18, 2020

SB220 is an act in Nevada that outlines how operators of websites can collect and sell data of consumers in Nevada. It went into effect on October 1,2019.  SB220 gives consumers the right to opt-out of the sale of their personal information via either a toll-free number, website form, or email. The website owner must provide the information about what kinds of personal information they collect to the consumer in a privacy policy or other easy-to-find section of the website. The law exempts healthcare and financial institutions subject to GLBA and HIPAA from having to provide details of the personal information sold or disclosed. The main website requirement for organizations is adding “designated request address” where consumers can submit requests for the operator not to sell any of their information. This can either be an electronic mail address, a toll-free telephone number, or a website through which a Nevadan can submit a request. SB220 applies to operators, defined in Nevada's first privacy law, NRS 603A as:
  • The owner or operator of a commercial website
  • Someone who collected "covered information" and
  • Conducts business with consumers in Nevada or
  • Has sufficient "nexus" with Nevada, including:
    • Having an office in Nevada
    • Have goods in storage within Nevada
    • Deliver goods to Nevada
Similar to CCPA and GDPR, SB220 has extraterritorial reach to companies outside of Nevada. CookiePro helps with compliance with SB220 and many other global privacy regulations.