Get Started
Products
- The OneTrust Platform
  - OneTrust PrivacyPrivacy Management Software
    - Products
      - Assessment Automation
        Assessment Automation
        Operationalize your privacy program with automated PIAs and DPIAs to efficiently achieve privacy by design.
        
        Key Capabilities
        
        Assessment template library
        
        Seamless lifecycle integrations
        
        Gap analysis and remediation
        
        Centralized privacy dashboard
        
        Learn More
      - Data Mapping
        Data Mapping
        Visualized the entire data lifecycle across IT systems and processing activities to maintain an evergreen data inventory.
        
        Key Capabilities
        
        Data discovery and population
        
        Centralized data flow inventory
        
        Data visualization dashboards
        
        Evergreen data inventory
        
        Records of processing activities
        
        Learn More
      - Data Discovery
      - Privacy Rights (DSAR)
        Privacy Rights (DSAR)
        Automate privacy rights (DSAR) requests from intake to fulfillment
        
        Key Capabilities
        
        Customizable request intake form
        
        CCPA toll-free requirements
        
        User identity verification
        
        Data discovery and deletion
        
        Sub-task assignment workflows
        
        Secure communication portal
        
        Learn More
      - Data Redaction
        Data Redaction
        Automate the Redaction of Emails and Files in Response to Privacy Rights Requests, for litigation and other legal use cases, and for government requests like Freedom of Information Act (FOIA)
        
        Key Capabilities
        
        Automatically upload
        
        Classify and redact data
        
        Review redacted documents
        
        Learn More
      - Targeted Data Discovery™
        Targeted Data Discovery™
        Automate the manual tasks required to discover, delete, redact, opt out and process access, deletion or opt-out of sale requests.
        
        Key Capabilities
        
        Full process automation
        
        Pre-built system plugins
        
        Faster request fulfillment
        
        Automated workflow builder
        
        Learn More
      - CCPA Toll Free #
        CCPA Toll Free #
        Add a phone workflow into your consumer rights process to comply with the CCPA’s toll-free number requirement.
        
        Key Capabilities
        
        Customizable phone greeting
        
        Automated back-end workflows
        
        Consumer rights integration
        
        Learn More
      - Vendor Risk Management
        Vendor Risk Management
        Automate assessment workflows to streamline the third-party risk management lifecycle, from on-boarding to risk mitigation and off-boarding.
        
        Key Capabilities
        
        Vendor on-boarding automation
        
        Issue and exception management
        
        Audit-ready reports and dashboards
        
        360-degree vendor monitoring
        
        Learn More
      - Incident Management
        Incident Management
        Streamline the intake, investigation, and notification of privacy and security incidents and data breaches across your organization
        
        Key Capabilities
        
        Database of 300+ breach laws
        
        Streamline breach investigation
        
        Notification guidance built-in
        
        Risk tracking and mitigation
        
        Learn More
      - Policy & Notice Management
        Policy & Notice Management
        Simplify creating, updating and monitoring privacy policies and notices across websites and apps into one central platform.
        
        Key Capabilities
        
        Responsive policy builder
        
        Website and app integration
        
        Dynamic updates and versioning
        
        Learn More
      - DataGuidance Research
      - Awareness Training
        Awareness Training
        Train employees on privacy and security requirements through an interactive course library of over 30 topics.
        
        Key Capabilities
        
        Over 30 role-based modules
        
        Available in 30 languages
        
        Standalone or LMS integration
        
        SCORM-compliant courses
        
        Completion metrics reports
        
        Learn More
      - Maturity & Benchmarking
        Maturity & Benchmarking
        Assess the maturity of your privacy program using pre-built templates on a range of governance frameworks.
        
        Key Capabilities
        
        Program maturity level analysis
        
        Dynamic assessments
        
        Intelligent risk flagging
        
        Mitigation recommendations
        
        Executive and board reporting
        
        Learn More
    - View All
  - OneTrust PreferenceChoiceConsent & Preference Software
    - Products
      - Cookie Consent
        Cookie Consent
        Scan your website(s) for tracker technologies; create and deploy a cookie banner and preference center to capture user consent.
        
        Key Capabilities
        
        Deep website scan technology
        
        Auto-categorization of cookies
        
        Banner and preference layouts
        
        Cookie auto-blocking technology
        
        Dynamic cookie policy updates
        
        Ongoing monitoring and reports
        
        Learn More
      - Mobile App Consent
        Mobile App Consent
        Scan mobile apps for tracking technologies and unknown SDKs for visibility into how the app is sharing data with third parties.
        
        Key Capabilities
        
        Third-party tracker and SDK scans
        
        Mobile consent collection
        
        User preference management
        
        Learn More
      - Preference Management
        Preference Management
        Build a dynamic preference center to give users more control over communication preferences and sync across marketing tools.
        
        Key Capabilities
        
        Customizable preference centers
        
        MarTech system integration
        
        Configurable branding options
        
        Learn More
      - Universal Consent
        Universal Consent
        Integrate seamlessly into existing consent collection workflows to capture and centrally store user consent records.
        
        Key Capabilities
        
        Consent lifecycle management
        
        MarTech system integrations
        
        Centralized user consent records
        
        Learn More
      - CMP for Publishers
        CMP for Publishers
        Support for IAB Europe TCF framework, DAA and dozens of other ad tech frameworks with solutions for publishers and advertisers.
        
        Key Capabilities
        
        Consent management provider (CMP)
        
        Publisher-specific consent
        
        Web, mobile and OTT support
        
        User consent record keeping
        
        Learn More
      - OTT App Consent
      - Consent Rate Optimization
    - View All
  - OneTrust GRCIntegrated Risk Management
    - Products
      - IT & Security Risk Management
        IT & Security Risk Management
        Identify and respond to threats and collaborate across data, processes, risks and control owners, internally and across your extended enterprise.
        
        Key Capabilities
        
        Control implementation and testing
        
        Risk scoring methodologies
        
        Control libraries and frameworks
        
        Over 300 pre-built integrations
        
        Learn More
      - Asset & Data Discovery
      - Vendor Risk Management
        Vendor Risk Management
        Manage risk across your extended enterprise and third-party relationships with a complete vendor inventory.
        
        Key Capabilities
        
        Third-party risk management
        
        Vendor risk assessments
        
        Contract management
        
        Learn More
      - Enterprise & Operational Risk
        Enterprise & Operational Risk
        Integrate risk across your business processes to gain real time insights, from digital to enterprise and operational risk.
        
        Key Capabilities
        
        Key risk indicators (KRI) highlights
        
        Multi-dimensional risk view
        
        Operational incident identification
        
        Learn More
      - Audit Management
        Audit Management
        Apply a risk-based approach to audits to recognize the scope of business practices and where proposed measures can be implemented.
        
        Key Capabilities
        
        Summarize and evidence findings
        
        Control strength and design testing
        
        Audit execution and response
        
        Learn More
      - Policy Management
        Policy Management
        Manage policies and corporate procedures in line with business objective and risk management initiatives.
        
        Key Capabilities
        
        Centralized policy register
        
        Link to compliance frameworks
        
        Document lifecycle workflows
        
        Learn More
      - Incident Management
        Incident Management
        Streamline breach investigation, improve incident visibility and strengthen issue management.
        
        Key Capabilities
        
        Data breach detection and response
        
        Self-service incident reporting
        
        Guided stakeholder workflows
        
        Learn More
    - View All
  - OneTrust VendorpediaThird-Party Risk Exchange
    - Products
      - Third Party Risk Exchange
        Third Party Risk Exchange
        A community of pre-completed vendor risk assessments with detailed cybersecurity, privacy, and compliance due diligence data, updated daily
        
        Key Capabilities
        
        Thousands of vendor profiles
        
        Pre-completed assessments
        
        Service and product visibility
        
        Learn More
      - Assessment AutoComplete
        Assessment AutoComplete
        Automatically answer any incoming security, privacy, and due diligence questionnaires: manage all incoming requests for information, build an answer library, and securely share documentation
        
        Key Capabilities
        
        Vendor onboarding automation
        
        Issue and exception management
        
        Audit-ready reports and dashboards
        
        360-degree vendor monitoring
        
        Learn More
    - View All
  - OneTrust EthicsEthics & Compliance Software
    - Products
      - Whistleblower Hotline & Case Management
        Whistleblower Hotline & Case Management
        Empower whistleblowers to report incidents and efficiently manage the investigation workflow across your business.
        
        Key Capabilities
        
        Anonymous incident intake
        
        Case routing and triaging
        
        Configurable workflow builder
        
        Localization to 100 languages
        
        Robust reports and dashboards
        
        Learn More
      - Conflict of Interest & Disclosures
      - Code of Conduct & Policy Management
      - Data Ethics & Risk Management
        Data Ethics & Risk Management
        Leverage flexible and pre-built risk methodologies and assessments to identify, track and mitigate risk.
        
        Key Capabilities
        
        Pre-built risk methodologies
        
        Assessment automation
        
        Risk mitigation workflows
        
        Learn More
      - Third Party Due Diligence
      - Awareness Training
    - View All
  - OneTrust DataGovernanceData Governance Software
    - Products
      - Data Discovery
        Data Discovery
        AI powered data discovery and classification to streamline the discovery process from initial discovery, classification and mapping, to fulfilling privacy rights requests and demonstrating compliance
        
        Key Capabilities
        
        Find data assets and identify systems
        
        Discover, categorize and classify data within identified systems
        
        Correlate data to personal identities
        
        Fulfill privacy rights requests for access, deletion and more
        
        Comply with global regulations, flag risk and demonstrate compliance
        
        Learn More
      - Data Catalog
        Data Catalog
        Automated metadata management to organize, maintain and effectively use data to enable insights and analytics, drive business goals, and demonstrate compliance.
        
        Key Capabilities
        
        Discover and classify assets and metadata
        
        Dynamically populate data dictionary
        
        Document business terms and link to technical definitions
        
        Visualize data flows across systems
        
        Manage and monitor data use with policies and controls
        
        Search and filter data across the enterprise within a single metadata repository
        
        Data Catalog
      - Data Lineage
      - Policy Management
      - Retention Schedules
      - Data Retention & Deletion
      - Data Usage Provisioning
    - View All
  - OneTrust ESGEnvironmental, Social & Governance
Solutions
Customers
Services
Request Demo
Free Trial

Canada Privacy Law Compliance

Comply with PIPEDA and the Newly Proposed CPPA

PIPEDA CPPA Compliance

PIPEDA & CPPA Compliance

Canada’s primary federal privacy law, the Personal Information Protection and Electronic Documents Act (PIPEDA) relates to personal information collected, used or disclosed while carrying out commercial activities. On November 17, 2020, the Canadian government proposed new legislation which would reform PIPEDA, most notably by enacting the Consumer Privacy Protection Act (CPPA). The CPPA aims to protect individuals’ personal information and further regulate how organizations collect, use, and disclose personal information. The bill would also introduce the Personal Information and Data Protection Tribunal Act (the Tribunal Act), establishing an administrative tribunal to hear appeals of decisions made by the Office of the Privacy Commissioner of Canada (OPC) and facilitate the issuing of penalties.

OneTrust can help your organization operationalize Canadian Privacy Law compliance with:

PIPEDA-specific assessments, including PIAs and cross-border data transfers
Valid consent collection, documentation and withdrawal across all collection points
Pre-configured cookie banner and preference center templates
Consumer rights automation for data disposal, mobility, and more

Request a demo today to learn more.

Get Started

Why do we ask for your information? The resources we provide on our website contain PreferenceChoice intellectual property related to our products and research. In an effort to protect this IP, we ask for your basic contact details to help us validate your identity before we open access to these resources.

First Name*

Last Name*

Work Email*

Company*

Title (Optional)

Privacy Notice

You can learn more about how we handle your personal data and your rights by reviewing our privacy notice