Your Rights as a Delaware Resident

The Delaware Personal Data Privacy Act grants you comprehensive rights over your personal information. These rights are designed to give you control over how businesses collect, use, and share your data[9][10].

• Right to know what data is collected: You can confirm whether a business is processing your personal data and access that information, unless it would reveal trade secrets[9][10][11]
• Right to delete personal information: You can request that businesses delete personal data they have collected about you, whether obtained directly from you or from other sources[9][10][11]
• Right to opt out of data sales: You can decline having your personal information sold to third parties, used for targeted advertising, or used for certain types of automated decision-making and profiling[9][5][10]
• Right to correct inaccurate data: You can request businesses to fix any errors or inaccuracies in the personal information they maintain about you[9][10][11]
• Right to data portability: You can obtain a copy of your personal data in a portable and readily usable format[9][5][11]
• Right to know about data sharing: You can request a list of categories of third parties with whom your personal data has been shared[9][5][12]
• Right to non-discrimination: Businesses cannot discriminate against you for exercising any of these privacy rights[9][10][13]

Special protections exist for minors under 18, requiring parental consent for children under 13 and direct consent for teens aged 13-17 before their data can be sold or used for targeted advertising[5][3][6][13].

Business Requirements

The Delaware Personal Data Privacy Act applies to businesses that conduct business in Delaware or target Delaware residents and meet specific data processing thresholds[1][2][5].

• Coverage thresholds: Businesses must comply if they process personal data of 35,000 or more Delaware residents (excluding payment transactions only) OR process data of 10,000 or more residents while deriving over 20% of revenue from data sales[1][2][5]
• Privacy notice requirements: Companies must provide clear, accessible privacy policies explaining what data they collect, why they collect it, how it’s used, and how consumers can exercise their rights[10][11][14]
• Consumer request procedures: Businesses have 45 days to respond to consumer requests and must provide instructions for appealing decisions if they decline to take action[9][10]
• Consent requirements: Companies must obtain explicit consent before processing sensitive data like health information, racial or ethnic origin, religious beliefs, sexual orientation, or precise location data[9][6][10]
• Security measures: Organizations must implement appropriate safeguards to protect personal data and ensure data minimization practices[9][11]
• Data protection assessments: Regular assessments are required for businesses processing large amounts of consumer data[8][11][15]

Practical Impact

• Enhanced control over personal information: Delaware residents can now actively manage how their personal data is collected, used, and shared by businesses, giving them unprecedented control in the digital marketplace[3][13]
• Protection for children: The law provides stronger safeguards for minors, requiring parental involvement for children under 13 and direct consent for teenagers before their data can be sold or used for targeted advertising[3][13][7]
• Violation reporting process: If your privacy rights are violated, you can file a complaint with the Delaware Department of Justice at privacy@delaware.gov or through their online portal[3][16][10]
• No private lawsuits: Unlike some other state privacy laws, Delaware residents cannot sue companies directly for privacy violations – enforcement is handled exclusively by the state Attorney General[2][8][11]
• Business compliance challenges: The law’s relatively low threshold of 35,000 consumers means many smaller businesses operating in Delaware may need to comply, potentially affecting service availability or pricing[5][12][17]

Comparison Context

• Lower business thresholds: Delaware’s 35,000 consumer threshold is the lowest among all state privacy laws, making it more inclusive than California’s CCPA (100,000+ consumers) or Montana’s law (50,000+ consumers)[12][17]
• Broader organizational scope: Unlike most other state laws, Delaware includes nonprofits and higher education institutions, providing more comprehensive coverage than states like California or Virginia[1][5]
• Enforcement limitations: Delaware residents cannot pursue private legal action for privacy violations, unlike California residents who can seek damages of $100-750 per incident under the CCPA[17][11]
• Regional leadership: Delaware Attorney General Kathy Jennings stated that “Delaware now leads the region on data privacy,” positioning the state ahead of neighboring jurisdictions without comprehensive privacy laws[3][7]
• Similar consumer rights: Delaware provides the same core privacy rights as other leading states, including California, Colorado, and Virginia, ensuring consistent protection standards[9][5][17]

Action Steps for Residents

• Review business privacy policies: Check the privacy notices of websites, apps, and services you use to understand your rights and how to exercise them[10][13][7]
• Exercise your opt-out rights: Contact businesses directly to opt out of data sales, targeted advertising, or automated decision-making if you don’t want these uses of your information[10][13]
• Monitor your data: Regularly request access to your personal information from major platforms and services to see what data they have collected about you[10][11]
• Protect children’s privacy: Parents should actively review and manage consent for their children’s online activities, especially for social media and gaming platforms[3][10][13]
• Report violations: If a business fails to respond to your privacy requests or violates your rights, file a complaint with the Delaware Department of Justice through privacy@delaware.gov[3][16][10]
• Stay informed: Visit privacy.delaware.gov for updates on privacy rights and enforcement actions as the law is implemented[3][16]

Official Resources and Contact Information

Delaware Department of Justice – Privacy Enforcement

The Delaware Department of Justice’s Fraud & Consumer Protection Division enforces the Personal Data Privacy Act and handles consumer complaints about privacy violations[3][16].

Email: privacy@delaware.gov
Website: https://attorneygeneral.delaware.gov/fraud/personal-data-privacy-portal/
Phone: (302) 683-8800 (Fraud & Consumer Protection)
Address: Delaware Department of Justice, Carvel State Building, 820 N. French St., Wilmington, DE 19801

Delaware General Assembly

Contact your state legislators about privacy issues or future legislation through the Delaware General Assembly website[18][19].

Website: https://legis.delaware.gov
Find Your Legislator: https://legis.delaware.gov/Offices/ConstituentAssistance
Phone: (302) 744-4114
Email: DGA_Reception@delaware.gov
Address: Legislative Hall, 411 Legislative Avenue, Dover, DE 19901

Consumer Protection and Privacy Information

Access official resources and educational materials about data privacy rights and protection[16][10].

Delaware Privacy Portal: https://attorneygeneral.delaware.gov/fraud/personal-data-privacy-portal/
Consumer Protection: https://attorneygeneral.delaware.gov/fraud/personal-data-privacy-portal/consumer/

Data Security Breach Reporting

Report data security breaches affecting Delaware residents to the Attorney General’s office[20].

Breach Information: https://attorneygeneral.delaware.gov/fraud/cpu/securitybreachnotification/

Sources and Citations

Last Updated August 2025. Written with contributions from both human authors and Perplexity AI. If you find incorrect or outdated information let us know at support@optery.com.