Guide To Becoming CCPA Compliant
Before we jump into what it takes to become CCPA compliant, let’s first take a moment to discuss what CCPA is.
The California Consumer Privacy Act, otherwise known as CCPA, is a law that protects California residents against businesses mishandling their personal information. The law regulates how personal information is collected, used, shared, sold, and deleted.
California consumers not only know how their information is being accessed, but they have even more control over it. This act encourages users to provide opt-in consent, and even allows them to opt-out of the sale of their information. But even though consumers now have the power to control the spread of their personal information, this act also prohibits brands from discriminating against the users based on their decisions.
The California Consumer Privacy Act went into effect on the first day of the new year, but it is not considered enforceable until July 1st. This means brands and businesses have just over five months to become CCPA compliant.
Who Has to Become CCPA Compliant?
CCPA does not apply to every business, only if they meet one of the following criteria – exceeds 25 million in gross annual revenue, accesses the personal information of over 50,000 consumers, or 50% of annual revenue comes from selling information.
Even if your business does not meet these criteria, that does not mean it never will. So Pink Dog Digital believes it is important for all businesses, big and small, to work towards CCPA compliance.
Provide Notice
Before collecting any personal information, businesses must provide notice. The best way to provide notice is by implementing a banner on your website.
This banner serves to notify all users of the information you are collecting, as well as why you are collecting it. The goal behind this banner notice is transparency, so the information must be easy to understand and in a readable format.
Respond to User Requests to Know
If users have the chance to know how their information is being used, they will most likely take advantage of this right. This means businesses need to be prepared for users to exercise their right to know.
When a user requests to know what personal information you have collected in the past year, their request must be answered within 45 days. Similar to the banner notice, the answer must be easily understood and usable.
Each request must be returned with the following information: categories, pieces, sources, and purposes of the information collected.
Respond to User Requests to Opt-out
In addition to knowing how their information is being used, users also have the right to opt-out before businesses have the chance to sell their data.
In order to be compliant, businesses need to have a data governance policy in place. This will allow you to remove specific information from the data being sold. It will also work to track your data collection and help to better understand your data flow.
If you would like more information about CCPA, need help becoming CCPA compliant, or other digital marketing services contact Pink Dog Digital at (410) 696-3305, email us at info@pinkdogdigital.com, or visit us on the web at www.pinkdogdigital.com.