Who must Comply with the Minnesota Consumer Data Privacy Act (“MCDPA”)?
The Act will apply to legal entities that conduct business in Minnesota or produce products or services that are targeted to residents of Minnesota, and that satisfy one or more of the following thresholds:
(a) during a calendar year, controls or processes personal data of 100,000 consumers or more, excluding personal data controlled or processed solely for the purpose of completing a payment transaction; or
(b) derives over 25 percent of gross revenue from the sale of personal data and processes or controls personal data of 25,000 consumers or more.
The Act will exclude small businesses as defined by the United States Small Business Administration. The Act will also apply to technology providers under Minnesota’s educational data laws (i.e., entities that provide technology to schools).
These materials were obtained directly from the State Government public websites and are posted here for your review and reference only. No Claim to Original State Government Works. This may not be the most recent version. The State may have more current information. We make no guarantees or warranties about the accuracy or completeness of this information, or the information linked to. Please check the linked sources directly.