+

Download UCPA checklist

Consentmo is dedicated to protecting and respecting your privacy. We will only use your personal information to respond to inquiries, provide requested materials, or share updates and services that we believe may interest you.

You can manage your privacy preferences or opt-out at any time. For more details on how to unsubscribe, our privacy practices, and our commitment to safeguarding your privacy, please refer to the Consentmo Privacy Policy.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
TIPA Header Title.

What is TIPA?

The Tennessee Information Protection Act (TIPA) is a comprehensive data privacy law designed to protect the personal information of Tennessee residents. Enacted in 2023, TIPA imposes obligations on businesses that collect, process, or share consumer data, ensuring greater transparency and security. Effective Date: July 1, 2025 (with a 1-year grace period for compliance).

Who needs to comply with TIPA?

TIPA applies to businesses that:
- Operate in Tennessee or target Tennessee residents, ANDExceed $25 million in annual revenue, OR
- Process personal data of at least 175,000 consumers annually, OR
- Derive 50%+ of revenue from selling personal data (with some exemptions).

Certain entities, such as healthcare providers already compliant with HIPAA or financial institutions under GLBA, may have exemptions or modified requirements.

Become TIPA Compliant – Protect Your Business
Tennessee state.
graphic of a white magnifying glass against a blue background

Key requirements under TIPA

To comply with TIPA, businesses must:
Provide Clear Privacy Notices
– Disclose data collection practices, purposes, and third-party sharing.Implement Reasonable Security Measures
– Safeguard personal data against breaches.
Honor Consumer Rights
– Allow Tennessee residents to: Access their personal data.
– Correct inaccuracies.
– Request deletion (with exceptions).
– Opt out of data sales or targeted advertising.
Conduct Data Protection Assessments (DPAs)
– For high-risk processing activities.
Avoid Discrimination
– Businesses cannot penalize users for exercising their privacy rights.

How to Achieve TIPA Compliance

1. Audit Your Data Practices – Identify what personal data you collect and how it’s used.
2. Update Privacy Policies – Ensure they align with TIPA’s disclosure requirements.
3. Establish Data Subject Request Processes – Enable consumers to exercise their rights.
4. Train Employees – Educate staff on TIPA obligations and data security best practices.
5. Work with Legal & Compliance Experts – Ensure full adherence to the law.

graphic of a building in white against a blue background
white sheet of paper graphic against a blue background with shield in front of it

Penalties for Non-Compliance

Violations of TIPA may result in:
- Civil penalties (up to $7,500 per violation).
- Enforcement actions by the Tennessee Attorney General.
- Potential lawsuits if a breach occurs due to negligence.

Get the UCPA checklist for Free

Improve the effectiveness of your compliance strategy now.

Download checklist
graphic of a white notepad page against a black background

Frequently Asked Questions

What rights does TIPA give consumers?

Tennessee residents can:
Access their personal data held by a business.
Correct inaccurate data.
Delete their data (with some exceptions).
Opt out of: Sale of personal data; Targeted advertising; Profiling for significant decisionsHow do consumers submit data requests? Businesses must provide at least two methods (e.g., webform, toll-free number, email) for consumers to exercise their rights.

Who is exempt from TIPA?

Certain entities are exempt, including:
- Government agencies
- NonprofitsHigher education institutions
- HIPAA-covered entities (healthcare providers)
- Financial institutions under GLBA
- Businesses already complying with COPPA (Children’s Online Privacy Protection Act).

What steps should businesses take to comply?

Data Mapping – Identify what personal data you collect.
Update Privacy Policies – Disclose practices per TIPA.
Implement Request Mechanisms – Allow consumers to access/delete data.
Train Staff – Ensure employees understand compliance.
Conduct Risk Assessments – For high-risk processing.

Shopify merchants can streamline compliance by leveraging tools like Consentmo, which offers automated solutions for managing cookie consent, generating privacy notices, and processing data subject requests.

Become TIPA Compliant

Join the masses in relying on Consentmo for top-notch privacy protection

View demoStart for FREE
Is your site compliant?
Subscribe to get our monthly newsletter
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Get Started
FeaturesPricing
Regulations
GDPR (EU)CCPA (California)US State Laws (All)PIPEDA (Canada)LGPD (Brazil)APPI (Japan)PDPA (Thailand)POPIA (South Africa)APA (Australia)NZPA (New Zealand)
Resources
BlogeBooksKnowledge BaseCookie ScannerAdaptive Mobile Experience
Comparison
Consentmo vs.
Shopify Consentmo vs. PandectesConsentmo vs.
Avada
Compliance
Google Consent Mode v2Google CMP & IAB TCFGlobal Privacy ControlShopify Customer Privacy
Company
About us
FAQs
Contact
Legal
Terms of ServicePrivacy PolicySupport Policy
UET consent mode microsoft logo
Shopify app storeShopify app store
Facebook social iconTwitter social iconLinkedIn social iconInstagram social iconYouTube social iconTikTok social icon
© 2025 Consentmo. All Rights Reserved.

The information on the Consentmo website, platform, or services, as well as any part thereof, does not constitute actual legal or regulatory advice, opinion, or recommendation. Consentmo is committed to providing tools to aid in compliance but is not a law firm. For legal advice, users should consult with a qualified attorney.
Subscribe to get our monthly newsletter
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Get Started
FeaturesPricingBlack Friday Offer⚡
Regulations
GDPR (EU)CCPA (California)US State Laws (All)LGPD (Brazil)PIPEDA (Canada)APPI (Japan)PDPA (Thailand)POPIA (South Africa)APA (Australia)NZPA (New Zealand)
Resources
BlogeBooksKnowledge baseCookie ScannerAdaptive Mobile Experience
Comparison
Consentmo vs. Shopify Consentmo vs. PandectesConsentmo vs. Avada
Compliance
Google Consent Mode v2Google CMP & IAB TCFGlobal Privacy ControlShopify Customer Privacy
Company
About us
FAQs
Contact
Legal
Terms of ServicePrivacy PolicySupport Policy
Shopify app storeShopify app storeShopify partners
Shopify app storeShopify app store
Facebook social iconTwitter social iconLinkedIn social iconInstagram social iconYouTube social iconTikTok social icon
© 2025 Consentmo. All Rights Reserved.

The information on the Consentmo website, platform, or services, as well as any part thereof, does not constitute actual legal or regulatory advice, opinion, or recommendation. Consentmo is committed to providing tools to aid in compliance but is not a law firm. For legal advice, users should consult with a qualified attorney.