Cloud Compliance
Reference Guide · Global Privacy Regulations
Privacy Regulation Matrix — Global Compliance for Salesforce
Map Cloud Compliance products to GDPR, CCPA/CPRA, LGPD, and PDPB requirements. Understand which product addresses which regulation. Comprehensive mapping across four major privacy frameworks. One platform for global compliance.
4
Regulations
GDPR, CCPA, LGPD, PDPB
3
Products
DataMasker, Retention, Privacy Rights
100%
Coverage
Comprehensive mapping
5
Continents
Global applicability
Regulation Compliance Matrix
Map privacy functions to specific regulatory requirements across GDPR (EU), CCPA/CPRA (California), LGPD (Brazil), and PDPB (India).
Function GDPR Articles CCPA Sections LGPD Articles PDPB Clauses CC Product
Data Masking Art 32, Recitals 76-77, 83 Art 46 DataMasker
Data Retention Art 5, 25, 32; Recitals 28, 39, 50 1798.130, 1798.120(a) Art 12, 15 Clauses 4-6, 9 Data Retention
Right to be Forgotten Art 17 CCPA Governance Art 18 Clauses 9, 17-20, 23, 33 Privacy Rights
Data Portability Art 20 Art 19 Clauses 9, 17-20 Privacy Rights
Consent Management Art 6-8, 22 1798.135(1)(2) Art 8-10 Clauses 5, 7, 11-14 Privacy Rights
Data Inventory Art 30, 32, 35 1798.135(1)(2) Art 37-40 Clauses 24, 40 Data Retention + Privacy Rights
Policy Notices Art 12-14 CCPA Governance Clauses 7, 22-25 Privacy Rights
This matrix is for informational purposes. Consult your legal counsel for compliance advice.
How Cloud Compliance Helps
1
Identify Applicable Regulations

Determine which privacy laws apply to your business based on customer location.

2
Map Requirements to Products

Use the matrix above to understand which CC product addresses each requirement.

3
Implement Solutions

3-week go-live per product. Install, configure, and deploy with minimal disruption.

4
Maintain Compliance

Audit trails, automated reports, and product updates as regulations evolve.

Multi-National Enterprise — Global Compliance Implementation
GDPR
European Union
CCPA
California
LGPD
Brazil
Single Platform
Unified Compliance
Regional Deep Dives & Regulation Comparison
Understand the nuances of each privacy framework and how Cloud Compliance addresses them.
Regional Deep Dives

GDPR (EU/UK)

The General Data Protection Regulation sets the global standard for privacy. Key focus areas include lawful basis for processing (Art 6), data minimization (Art 5), privacy by design (Art 25), security of processing (Art 32), and individual rights including RTBF (Art 17) and portability (Art 20). Cloud Compliance addresses all major GDPR requirements through our three-product suite.

CCPA/CPRA (California)

The California Consumer Privacy Act and Privacy Rights Act focus on consumer transparency and control. Key rights include the right to know what personal information is collected, the right to delete personal information, and the right to opt-out of sale/sharing. Unlike GDPR, CCPA uses an opt-out model rather than opt-in consent.

LGPD (Brazil)

Lei Geral de Proteção de Dados is heavily influenced by GDPR but has distinct Brazilian characteristics. It requires legal bases for processing (Art 7), grants rights of access and deletion (Arts 17-18), and mandates data protection officers for certain controllers. The consent framework is similar to GDPR but with some local nuances.

PDPB (India)

The Digital Personal Data Protection Bill establishes India's first comprehensive privacy framework. Key provisions include consent requirements (Clause 6), data localization considerations, individual rights to correction and erasure, and significant penalties for non-compliance. The framework emphasizes data fiduciaries and their obligations.

Regulation Comparison by Requirement
Requirement GDPR CCPA LGPD PDPB
Data Masking Art 32 Implied Art 46 Implied
Retention Limits Art 5(1)(e) 1798.130 Art 15 Clause 9
Right to be Forgotten Art 17 Delete Right Art 18 Clause 18
Data Portability Art 20 Limited Art 19 Clause 19
Consent Framework Art 6-8 Opt-out Art 7-10 Clause 6
Breach Notification Art 33-34 Required Art 46 Clause 25
Frequently Asked Questions
FAQ
Scope
Which regulations apply to my business?
Compliance obligations depend on where your customers are located, not just where your business is headquartered. GDPR applies to EU residents, CCPA to California consumers, LGPD to Brazilian data subjects, and PDPB to Indian residents.
Products
Can one product cover multiple regulations?
Yes. Privacy Rights covers RTBF and Data Portability requirements across GDPR, CCPA, LGPD, and PDPB. Data Retention addresses retention limits in all four regulations.
Conflicts
How do I handle conflicting requirements?
When regulations conflict, the most stringent rule typically prevails. All Cloud Compliance products are configurable to meet the strictest requirements across jurisdictions.
Updates
What about upcoming regulations?
Cloud Compliance products are continuously updated as privacy regulations evolve. Our team monitors legislative developments globally and releases updates to ensure compliance.
Tips for best PDF quality:
• Use Chrome or Edge browser
• Select "Save as PDF" as the destination
• Disable "Headers and footers" in print settings
• Enable "Background graphics" for colors