State privacy overview

Ohio Data Privacy: A Plain-Language Overview

Informational summary · Ohio Personal Privacy Act
General information — not legal advice. This overview is provided for general educational purposes only and may not reflect the most recent changes in the law. It is not legal advice and does not create any attorney–client relationship. Verify current requirements with the state's official resources and consult qualified counsel before acting.

Ohio Personal Privacy Act

Status: Effective as of 2026; full compliance required.

Ohio has enacted a comprehensive data privacy law that regulates the collection and processing of personal data. It establishes guardrails for how businesses handle consumer information and grants residents specific rights over their data.

Rights residents generally have

Who it generally applies to

Generally applies to for-profit entities that conduct business in Ohio or target Ohio residents and meet specific thresholds, such as controlling or processing the data of over 100,000 consumers (excluding data processed solely for payment transactions), or deriving over 25% of gross revenue from the sale of personal data while processing data of at least 25,000 consumers.

What this means for B2B outreach

The law typically applies only to personal data of 'natural persons,' meaning it generally excludes data about individuals acting in their employment or business capacity. Standard business-to-business contact info and commercial email are largely outside the scope of consumer privacy requirements.

Authoritative source: Ohio Attorney General. Always confirm current requirements there.

Marketing that respects privacy by design

We run permission-based, compliance-minded campaigns with real opt-out handling.

Talk to us

← All state privacy overviews