enactedUS-TXEffective July 1, 2024

Texas Data Privacy and Security Act (TDPSA)

Complete compliance guide for companies with <200 employees. Everything you need to know about TDPSA requirements, deadlines, and penalties.

DSAR Deadline

45 calendar days

+ 45 days extension

Max Penalty

$7,500/violation

Threshold

No threshold

Est. Cost

$5,000 – $18,000

4-12 weeks

Mid-Market Compliance Guide

Unlike CCPA, TDPSA has no revenue threshold — it applies to any entity conducting business in Texas that processes personal data, unless classified as a small business under SBA standards. This makes it one of the broadest US state privacy laws.

Key Requirements

Provide privacy notice
Obtain consent for sensitive data
Honor consumer rights requests within 45 days
Conduct data protection assessments
Implement reasonable data security

Enforced by: Texas Attorney General

Consumer Rights

Right to Know

Right to Delete

Right to Correct

Right to Data Portability

Right to Opt-Out of Sale/Targeted Advertising/Profiling

Business Obligations

1.Privacy notice with clear disclosure
2.Data protection assessments for high-risk processing
3.Reasonable security practices
4.Processor contracts required
5.No dark patterns in consent

Exemptions

•SBA-defined small businesses
•HIPAA-covered entities
•GLBA-covered financial institutions
•Nonprofits
•Higher education institutions

Related Privacy Laws

CCPA/CPRA

US-CA

California Consumer Privacy Act

Recommended Compliance Tools

OneTrust

Enterprise privacy management platform

TDPSA compliance templates and consent management

Osano

Easy-to-use privacy compliance for mid-market companies

TDPSA compliance templates and consent

DataGrail

DSAR automation platform that connects directly to your data systems

TDPSA consumer rights automation

Ketch

Programmatic privacy platform for responsible data use

TDPSA consent compliance

Browse all compliance tools

Get a mid-market compliance checklist for TDPSA

We'll send you a practical, step-by-step checklist tailored for companies with <200 employees. No spam, unsubscribe anytime.

See how DPAs enforce TDPSA in practice

Real fines, real violations, real lessons. Browse our enforcement database to understand what gets penalized under TDPSA.

Browse Enforcement Actions Calculate your DSAR deadline

Disclaimer: This is general information, not legal advice. Consult a qualified attorney for your specific situation. Laws and regulations may change. Last reviewed: 3/27/2026.