The California Consumer Privacy Act (CCPA) is a law that helps consumers in California have more awareness and control over the personal information that businesses in the state collect about them. The law was passed to try to help consumers safeguard their privacy because unauthorized disclosure of personal information can have devastating effects on a consumer.
The intent of CCPA is to provide certain rights to consumers regarding their rights to privacy. This includes awareness of what information is being collected, whether it’s being sold and disclosed and to whom, as well as the right to request deletion of their private information or to refuse the sale of it.
Does CCPA Apply to Your Business?
If you have a for-profit business in the state of California, CCPA applies under certain conditions. These conditions include:
- Your gross annual revenue is over $25,000,000
- You collect information from 50,000 or more people through email lists or other sources
- At least half of your annual revenue comes from selling the information of California consumers
While it may appear that this would only apply to large companies, if you act as a vendor to large businesses, you may be required to comply with this law via contract. You’ll also need to pay attention to this law if you design websites for large companies that do need to comply.
Complying with the CCPA
If you need to comply with the CCPA, there are certain steps you need to take to be compliant. These include:
- Hiring a lawyer that specializes in privacy
- Understand what personal information you collect from consumers through comment submission forms, newsletter signups, contact forms and any other forms that collect private information
- Understand and track the sources where you collect personal information, which could be directly from the consumer or through recording of activities through cookies, surveys, tracking pixels or data resellers
- Understand whether you’re disclosing any information to third parties, such as customer relationship management tools or email marketing tools. If so, you’ll need to disclose this information.
- Create a page called “Do Not Sell My Personal Information” which describes the consumer’s right to opt-out and a link to your Privacy Policy, which provides detailed information about your practice regarding the use or sale of personal information.
You’re required to provide consumers a Privacy Notice whenever you’re collecting personal information about them. This is a condensed version of your Privacy Policy which explains what information is collected and what it’s being used for. It must be worded in straightforward, easy-to-understand language and needs to be accessible to consumers with disabilities.
Consequences of Not Complying with the CCPA
CCPA has paved the way for privacy regulations across the country. This regulation is enforced by the California Attorney General and shouldn’t be taken lightly. Failure to comply can result in fines of $2,500 per violation and as much as $7,500 per intentional violation. Per violation refers to the number of people whose rights may have been violated.
If you have concerns about your CCPA compliance, we encourage you to consult an attorney. Contact Softline Solutions today to get the help you need to grow your business and your online presence.
