BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//RegulatoryBridge//Regulatory Calendar//EN
CALSCALE:GREGORIAN
METHOD:PUBLISH
X-WR-CALNAME:RegulatoryBridge - Global Regulatory Calendar
X-WR-CALDESC:Major deadlines and milestones across GDPR, CCPA, DPDPA, LGPD, UK GDPR, APPI, PDPA, EU AI Act, DORA, NIS2 and more.
X-WR-TIMEZONE:UTC
REFRESH-INTERVAL;VALUE=DURATION:P1D
X-PUBLISHED-TTL:P1D
BEGIN:VEVENT
UID:ai-act-prohibitions-2025@regulatorybridge.com
DTSTAMP:20260706T170820Z
DTSTART;VALUE=DATE:20250202
SUMMARY:EU AI Act - Prohibited AI practices apply
DESCRIPTION:Article 5 prohibitions (manipulative\, social scoring\, real-
 time biometric ID in public spaces) become enforceable.\n\nJurisdiction: 
 EU\nFramework: EU AI Act\nSeverity: milestone\n\nMore: https://regulatory
 bridge.com/resources/regulatory-calendar
CATEGORIES:EU AI Act,EU,milestone
URL:https://artificialintelligenceact.eu
TRANSP:TRANSPARENT
END:VEVENT
BEGIN:VEVENT
UID:ai-act-gpai-2025@regulatorybridge.com
DTSTAMP:20260706T170820Z
DTSTART;VALUE=DATE:20250802
SUMMARY:EU AI Act - GPAI rules apply
DESCRIPTION:Rules for general-purpose AI models (GPAI)\, governance\, and
  penalties take effect.\n\nJurisdiction: EU\nFramework: EU AI Act\nSeveri
 ty: milestone\n\nMore: https://regulatorybridge.com/resources/regulatory-
 calendar
CATEGORIES:EU AI Act,EU,milestone
URL:https://regulatorybridge.com/resources/regulatory-calendar
TRANSP:TRANSPARENT
END:VEVENT
BEGIN:VEVENT
UID:dpdp-rules-2025@regulatorybridge.com
DTSTAMP:20260706T170820Z
DTSTART;VALUE=DATE:20250103
SUMMARY:India DPDP Rules 2025 (G.S.R. 846(E)) notified
DESCRIPTION:Operative rules under the DPDP Act 2023: consent\, notice\, s
 ecurity\, breach notification\, Data Protection Board procedures.\n\nJuri
 sdiction: India\nFramework: DPDPA\nSeverity: milestone\n\nMore: https://r
 egulatorybridge.com/resources/regulatory-calendar
CATEGORIES:DPDPA,India,milestone
URL:https://regulatorybridge.com/resources/regulatory-calendar
TRANSP:TRANSPARENT
END:VEVENT
BEGIN:VEVENT
UID:ccpa-cppa-regs-2025@regulatorybridge.com
DTSTAMP:20260706T170820Z
DTSTART;VALUE=DATE:20250701
SUMMARY:CPPA additional regulations effective
DESCRIPTION:California Privacy Protection Agency's expanded regulations o
 n automated decision-making\, risk assessments\, and cybersecurity audits
 .\n\nJurisdiction: California (US)\nFramework: CCPA / CPRA\nSeverity: mil
 estone\n\nMore: https://regulatorybridge.com/resources/regulatory-calenda
 r
CATEGORIES:CCPA / CPRA,California (US),milestone
URL:https://regulatorybridge.com/resources/regulatory-calendar
TRANSP:TRANSPARENT
END:VEVENT
BEGIN:VEVENT
UID:dora-effective-2025@regulatorybridge.com
DTSTAMP:20260706T170820Z
DTSTART;VALUE=DATE:20250117
SUMMARY:EU DORA effective
DESCRIPTION:Digital Operational Resilience Act applies to financial entit
 ies and their critical ICT third-party providers.\n\nJurisdiction: EU\nFr
 amework: DORA\nSeverity: milestone\n\nMore: https://regulatorybridge.com/
 resources/regulatory-calendar
CATEGORIES:DORA,EU,milestone
URL:https://regulatorybridge.com/resources/regulatory-calendar
TRANSP:TRANSPARENT
END:VEVENT
BEGIN:VEVENT
UID:nis2-implementation-2024@regulatorybridge.com
DTSTAMP:20260706T170820Z
DTSTART;VALUE=DATE:20241017
SUMMARY:NIS2 transposition deadline
DESCRIPTION:Member States required to transpose NIS2 into national law - 
 essential/important entity registration obligations apply.\n\nJurisdictio
 n: EU\nFramework: NIS2\nSeverity: deadline\n\nMore: https://regulatorybri
 dge.com/resources/regulatory-calendar
CATEGORIES:NIS2,EU,deadline
URL:https://regulatorybridge.com/resources/regulatory-calendar
TRANSP:TRANSPARENT
END:VEVENT
BEGIN:VEVENT
UID:duaa-uk-2025@regulatorybridge.com
DTSTAMP:20260706T170820Z
DTSTART;VALUE=DATE:20250619
SUMMARY:UK Data (Use and Access) Act 2025
DESCRIPTION:Data (Use and Access) Act receives Royal Assent - reforms to 
 UK data protection including DPDI provisions.\n\nJurisdiction: United Kin
 gdom\nFramework: UK GDPR / DPA 2018\nSeverity: milestone\n\nMore: https:/
 /regulatorybridge.com/resources/regulatory-calendar
CATEGORIES:UK GDPR / DPA 2018,United Kingdom,milestone
URL:https://regulatorybridge.com/resources/regulatory-calendar
TRANSP:TRANSPARENT
END:VEVENT
BEGIN:VEVENT
UID:edpb-guidelines-tia-2024@regulatorybridge.com
DTSTAMP:20260706T170820Z
DTSTART;VALUE=DATE:20240604
SUMMARY:EDPB Guidelines on Transfer Impact Assessments
DESCRIPTION:European Data Protection Board updates TIA methodology post S
 chrems II/DPF.\n\nJurisdiction: EU\nFramework: GDPR\nSeverity: guidance\n
 \nMore: https://regulatorybridge.com/resources/regulatory-calendar
CATEGORIES:GDPR,EU,guidance
URL:https://regulatorybridge.com/resources/regulatory-calendar
TRANSP:TRANSPARENT
END:VEVENT
BEGIN:VEVENT
UID:minnesota-cdpa-2025@regulatorybridge.com
DTSTAMP:20260706T170820Z
DTSTART;VALUE=DATE:20250731
SUMMARY:Minnesota Consumer Data Privacy Act effective
DESCRIPTION:Minnesota becomes the next US state with comprehensive privac
 y law in force.\n\nJurisdiction: Minnesota (US)\nFramework: MCDPA\nSeveri
 ty: milestone\n\nMore: https://regulatorybridge.com/resources/regulatory-
 calendar
CATEGORIES:MCDPA,Minnesota (US),milestone
URL:https://regulatorybridge.com/resources/regulatory-calendar
TRANSP:TRANSPARENT
END:VEVENT
BEGIN:VEVENT
UID:tennessee-tipa-2025@regulatorybridge.com
DTSTAMP:20260706T170820Z
DTSTART;VALUE=DATE:20250701
SUMMARY:Tennessee Information Protection Act effective
DESCRIPTION:Tennessee comprehensive privacy law in force.\n\nJurisdiction
 : Tennessee (US)\nFramework: TIPA\nSeverity: milestone\n\nMore: https://r
 egulatorybridge.com/resources/regulatory-calendar
CATEGORIES:TIPA,Tennessee (US),milestone
URL:https://regulatorybridge.com/resources/regulatory-calendar
TRANSP:TRANSPARENT
END:VEVENT
BEGIN:VEVENT
UID:delaware-dpdpa-2025@regulatorybridge.com
DTSTAMP:20260706T170820Z
DTSTART;VALUE=DATE:20250101
SUMMARY:Delaware Personal Data Privacy Act effective
DESCRIPTION:Delaware joins the patchwork of US state privacy laws.\n\nJur
 isdiction: Delaware (US)\nFramework: DPDPA-DE\nSeverity: milestone\n\nMor
 e: https://regulatorybridge.com/resources/regulatory-calendar
CATEGORIES:DPDPA-DE,Delaware (US),milestone
URL:https://regulatorybridge.com/resources/regulatory-calendar
TRANSP:TRANSPARENT
END:VEVENT
BEGIN:VEVENT
UID:iowa-icdpa-2025@regulatorybridge.com
DTSTAMP:20260706T170820Z
DTSTART;VALUE=DATE:20250101
SUMMARY:Iowa Consumer Data Protection Act effective
DESCRIPTION:Iowa privacy law in force - opt-out for sale\, plain DSAR pro
 cedure.\n\nJurisdiction: Iowa (US)\nFramework: ICDPA\nSeverity: milestone
 \n\nMore: https://regulatorybridge.com/resources/regulatory-calendar
CATEGORIES:ICDPA,Iowa (US),milestone
URL:https://regulatorybridge.com/resources/regulatory-calendar
TRANSP:TRANSPARENT
END:VEVENT
BEGIN:VEVENT
UID:nh-nhpa-2025@regulatorybridge.com
DTSTAMP:20260706T170820Z
DTSTART;VALUE=DATE:20250101
SUMMARY:New Hampshire Privacy Act effective
DESCRIPTION:New Hampshire comprehensive privacy law in force.\n\nJurisdic
 tion: New Hampshire (US)\nFramework: NHPA\nSeverity: milestone\n\nMore: h
 ttps://regulatorybridge.com/resources/regulatory-calendar
CATEGORIES:NHPA,New Hampshire (US),milestone
URL:https://regulatorybridge.com/resources/regulatory-calendar
TRANSP:TRANSPARENT
END:VEVENT
BEGIN:VEVENT
UID:nj-njdpa-2025@regulatorybridge.com
DTSTAMP:20260706T170820Z
DTSTART;VALUE=DATE:20250115
SUMMARY:New Jersey Data Privacy Act effective
DESCRIPTION:New Jersey state privacy law applies - universal opt-out\, se
 nsitive data protections.\n\nJurisdiction: New Jersey (US)\nFramework: NJ
 DPA\nSeverity: milestone\n\nMore: https://regulatorybridge.com/resources/
 regulatory-calendar
CATEGORIES:NJDPA,New Jersey (US),milestone
URL:https://regulatorybridge.com/resources/regulatory-calendar
TRANSP:TRANSPARENT
END:VEVENT
BEGIN:VEVENT
UID:ai-act-high-risk-2026@regulatorybridge.com
DTSTAMP:20260706T170820Z
DTSTART;VALUE=DATE:20260802
SUMMARY:EU AI Act - High-risk system obligations apply
DESCRIPTION:Annex III high-risk AI systems must comply with conformity as
 sessment\, FRIA\, post-market monitoring.\n\nJurisdiction: EU\nFramework:
  EU AI Act\nSeverity: deadline\n\nMore: https://regulatorybridge.com/reso
 urces/regulatory-calendar
CATEGORIES:EU AI Act,EU,deadline
URL:https://regulatorybridge.com/resources/regulatory-calendar
TRANSP:TRANSPARENT
END:VEVENT
BEGIN:VEVENT
UID:switzerland-fadp-amends-2026@regulatorybridge.com
DTSTAMP:20260706T170820Z
DTSTART;VALUE=DATE:20260901
SUMMARY:Switzerland revFADP Implementation Review
DESCRIPTION:Federal Council reviews revised FADP after 2 years of operati
 on.\n\nJurisdiction: Switzerland\nFramework: revFADP\nSeverity: guidance\
 n\nMore: https://regulatorybridge.com/resources/regulatory-calendar
CATEGORIES:revFADP,Switzerland,guidance
URL:https://regulatorybridge.com/resources/regulatory-calendar
TRANSP:TRANSPARENT
END:VEVENT
BEGIN:VEVENT
UID:uk-cma-dmcc-2025@regulatorybridge.com
DTSTAMP:20260706T170820Z
DTSTART;VALUE=DATE:20250406
SUMMARY:UK Digital Markets\, Competition and Consumers Act in force
DESCRIPTION:Digital Markets\, Competition and Consumers Act 2024 takes su
 bstantive effect.\n\nJurisdiction: United Kingdom\nFramework: DMCC\nSever
 ity: milestone\n\nMore: https://regulatorybridge.com/resources/regulatory
 -calendar
CATEGORIES:DMCC,United Kingdom,milestone
URL:https://regulatorybridge.com/resources/regulatory-calendar
TRANSP:TRANSPARENT
END:VEVENT
BEGIN:VEVENT
UID:fr-dlcpd-2025@regulatorybridge.com
DTSTAMP:20260706T170820Z
DTSTART;VALUE=DATE:20250101
SUMMARY:France LCEN enforcement reforms
DESCRIPTION:CNIL announces priority on cookie compliance and dark-pattern
  enforcement.\n\nJurisdiction: France\nFramework: LCEN / GDPR\nSeverity: 
 guidance\n\nMore: https://regulatorybridge.com/resources/regulatory-calen
 dar
CATEGORIES:LCEN / GDPR,France,guidance
URL:https://regulatorybridge.com/resources/regulatory-calendar
TRANSP:TRANSPARENT
END:VEVENT
BEGIN:VEVENT
UID:anpd-sandbox-2025@regulatorybridge.com
DTSTAMP:20260706T170820Z
DTSTART;VALUE=DATE:20250901
SUMMARY:ANPD regulatory sandbox launch
DESCRIPTION:ANPD opens its regulatory sandbox for AI + privacy use cases.
 \n\nJurisdiction: Brazil\nFramework: LGPD\nSeverity: milestone\n\nMore: h
 ttps://regulatorybridge.com/resources/regulatory-calendar
CATEGORIES:LGPD,Brazil,milestone
URL:https://regulatorybridge.com/resources/regulatory-calendar
TRANSP:TRANSPARENT
END:VEVENT
BEGIN:VEVENT
UID:appi-amend-review-2026@regulatorybridge.com
DTSTAMP:20260706T170820Z
DTSTART;VALUE=DATE:20260401
SUMMARY:Japan APPI 3-year review cycle
DESCRIPTION:Statutory review of APPI begins (every 3 years per Article 6)
 .\n\nJurisdiction: Japan\nFramework: APPI\nSeverity: guidance\n\nMore: ht
 tps://regulatorybridge.com/resources/regulatory-calendar
CATEGORIES:APPI,Japan,guidance
URL:https://regulatorybridge.com/resources/regulatory-calendar
TRANSP:TRANSPARENT
END:VEVENT
BEGIN:VEVENT
UID:cra-reporting-2026@regulatorybridge.com
DTSTAMP:20260706T170820Z
DTSTART;VALUE=DATE:20260911
SUMMARY:EU Cyber Resilience Act - reporting obligations apply
DESCRIPTION:Manufacturers' obligations to report actively exploited vulne
 rabilities and severe incidents to ENISA/CSIRTs become applicable (Articl
 e 14).\n\nJurisdiction: EU\nFramework: Cyber Resilience Act\nSeverity: de
 adline\n\nMore: https://regulatorybridge.com/resources/regulatory-calenda
 r
CATEGORIES:Cyber Resilience Act,EU,deadline
URL:https://digital-strategy.ec.europa.eu/en/policies/cyber-resilience-act
TRANSP:TRANSPARENT
END:VEVENT
BEGIN:VEVENT
UID:data-act-switching-2027@regulatorybridge.com
DTSTAMP:20260706T170820Z
DTSTART;VALUE=DATE:20270112
SUMMARY:EU Data Act - cloud switching charges abolished
DESCRIPTION:Providers of data processing services may no longer impose sw
 itching charges for moving between cloud/edge services (Article 29).\n\nJ
 urisdiction: EU\nFramework: EU Data Act\nSeverity: deadline\n\nMore: http
 s://regulatorybridge.com/resources/regulatory-calendar
CATEGORIES:EU Data Act,EU,deadline
URL:https://regulatorybridge.com/resources/regulatory-calendar
TRANSP:TRANSPARENT
END:VEVENT
BEGIN:VEVENT
UID:ai-act-full-application-2027@regulatorybridge.com
DTSTAMP:20260706T170820Z
DTSTART;VALUE=DATE:20270802
SUMMARY:EU AI Act - full application (remaining provisions)
DESCRIPTION:Final application milestone: obligations for high-risk AI sys
 tems that are safety components of products under Annex I sectoral legisl
 ation take effect (Article 113).\n\nJurisdiction: EU\nFramework: EU AI Ac
 t\nSeverity: deadline\n\nMore: https://regulatorybridge.com/resources/reg
 ulatory-calendar
CATEGORIES:EU AI Act,EU,deadline
URL:https://artificialintelligenceact.eu
TRANSP:TRANSPARENT
END:VEVENT
BEGIN:VEVENT
UID:cra-main-2027@regulatorybridge.com
DTSTAMP:20260706T170820Z
DTSTART;VALUE=DATE:20271211
SUMMARY:EU Cyber Resilience Act - main obligations apply
DESCRIPTION:Full essential cybersecurity requirements and CE-marking conf
 ormity obligations for products with digital elements become applicable.\
 n\nJurisdiction: EU\nFramework: Cyber Resilience Act\nSeverity: deadline\
 n\nMore: https://regulatorybridge.com/resources/regulatory-calendar
CATEGORIES:Cyber Resilience Act,EU,deadline
URL:https://digital-strategy.ec.europa.eu/en/policies/cyber-resilience-act
TRANSP:TRANSPARENT
END:VEVENT
END:VCALENDAR