The California Consumer Privacy Act (CCPA) is a Data Privacy law meant to enhance privacy rights and consumer protection for residents of California, United States.
The CCPA regulates how businesses may collect, share and process personal information (PI) of Californian residents.
The new law, effective of January 1st 2020, is a result of an increased role of personal information in contemporary business practices and the personal privacy implications surrounding the collection and processing (use of) consumers’ personal information.
Failure to comply with the CCPA may result in penalties of up to $7500 for each violation and $750 for each affected user in civil damages.
The CCPA requires you to inform your users (consumers) at the point of - or before - the collection of their personal information.
Your users have the right to request access to the personal information your business stores about them.
As a business, you are required to provide the necessary information collected.
Your users have the right to opt-out of the sale of their personal information (also to a third party).
Your users can request to have their personal information deleted. If they do, you must meet their request.
Personal information, under the CCPA is: name, postal address, email address, account name, driver’s license number, passport number, and other data that can identify your user.
If one of your users (consumer) requests access to their personal information, you are required to provide a detailed record for the past 12 months (at the time of the request).
Contrary to the General Data Protection Regulation, which is a European law that focuses mainly on complete privacy of the user of a website by default, the CCPA is more based on the idea of transparency and being able to opt-out.
The CCPA also needs to be informative about the data transfers and previously sold user-information from the past 12 months.
Get a 30-day free trial to Cookie Information’s CCPA consent solution to comply with the California Consumer Privacy Act.