Privacy laws · Delaware

Delaware Personal Data Privacy Act.

One of the lowest thresholds among state privacy laws (35K consumers). Strong consumer protections with universal opt-out requirement.

/ Diagnostic check ClearConsent scans your storefront for signals related to this law — consent banner state, GPC support, Do Not Sell links, privacy policy disclosures, cookies, and trackers.

/ Effective

2025-01-01

Effective date

When the law took effect or will take effect.

/ Consumers

35,000

Consumer threshold

The number of Delaware residents whose data triggers compliance.

/ Revenue

None

Revenue threshold

Annual revenue trigger for compliance, if applicable.

01 / Key requirements

What the law requires.

01Clear privacy notice
02Right to access, correct, delete personal data
03Right to data portability
04Right to opt-out of sale, targeted advertising, profiling
05Honor universal opt-out mechanisms
06Data protection assessments
07Consent for sensitive data
08Data minimization
09Children's data protections (under 18 opt-in for targeted ads)

02 / Enforcement

Penalties & cure period.

Penalties

Up to $10,000 per violation.

Cure period

60-day cure period (expires December 2025)

Enforcement agency

Attorney General

03 / E-commerce

What this means for
your store.

Very low threshold (35K consumers). Strong children's protections. Must honor universal opt-out.

Scan your store for DPDPA privacy gaps →

Run the diagnostic

Delaware Personal Data Privacy Act.

What the law requires.

Penalties & cure period.

What this means foryour store.

What this means for
your store.