The "Personal Data Privacy Act" is a proposed legislation in Michigan designed to enhance consumer privacy rights by establishing comprehensive regulations on the collection, processing, sale, sharing, and retention of personal data. The bill mandates that entities provide clear notices to consumers about their data practices and introduces a universal opt-out mechanism. It also sets standards for data handling, requires data brokers to register with the attorney general, and outlines the responsibilities of state officials in enforcing these regulations. Key definitions are established, and the act applies to businesses that handle significant amounts of personal data while exempting certain entities like state agencies and educational institutions.

The bill emphasizes consumer rights, allowing individuals to confirm data processing, correct inaccuracies, delete personal data, and opt out of targeted advertising. It mandates that controllers provide secure means for consumers to exercise these rights and respond to requests promptly. Additionally, the legislation prohibits the retention of personal data longer than necessary and requires clear privacy notices detailing data processing practices. Notably, it introduces new regulations for data brokers, including registration requirements and the prohibition of geofencing near mental health and reproductive health facilities. The attorney general is empowered to enforce compliance, impose civil fines, and manage funds to support the act's enforcement.