Concerned about privacy requirements on your website? Looking for an easy way to ensure that your website is buttoned-up?
Not sure what privacy regulations like the California Consumer Privacy Act (CCPA) mean for your business? Check out the questions below to learn more about this groundbreaking regulation, including:
- Does CCPA apply to my business?
- What happens if we’re not in compliance with CCPA?
- How do we get–and remain–compliant to protect our business and our consumers?
What is the California Consumer Privacy Act?
The California Consumer Privacy Act (CCPA) is a privacy law that went into effect in January, 2020. CCPA afforded California residents certain rights with respect to the collection and use of their personal information by businesses, especially as it relates to the sale of such information.In particular, CCPA grants the following rights to California consumers:
Right to access information – Consumers can request that the business disclose all personal information that has been collected and sold, with whom the information has been shared or sold, and for what purpose.
Right to data deletion – Consumers can request that the business delete all personal information it has collected.
Right to opt-out – Consumers can ask the company not to sell any personal information (“sell” is defined very broadly).
Right to equal price and service – When consumers invoke CCPA rights, the business cannot discriminate against the consumer in any way and is required to provide goods/services for the same price/quality.
What constitutes personal information under CCPA?
- Internet browsing information,
- Products purchased or considered for purchase,
- Geolocation data,
- Employment and academic data
- Identifiers such as a real name, alias, postal address, unique personal identifier, online identifier, internet protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers
What happens if my business is not compliant with CCPA?
Per CCPA, your business has 45 days to respond to a “Data Subject Request.” If the DSR is not fulfilled in that period, the consumer can take legal action. Civil penalties range from $2,500 for a non-intentional violation to $7,500 for an intentional violation.
I’m a publisher – do I really need to worry about CCPA compliance?
Many small businesses feel that they are simply too small to attract the attention of regulators, but unfortunately, “hiding in the herd” is no longer an option, as enforcement began on July 1st of 2020. Think of Switchbit’s consent management tool like an insurance policy: You won’t know how badly you needed it until it’s too late. Switchbit checks all the requirement boxes for CCPA for you, removing all barriers to compliance.
My business is not located in California – do I still have to worry about CCPA?
The definition of “business” under CCPA captures even relatively small operations, if they market or sell to California residents. So it’s likely that you’re subject to CCPA, even if you’re not based in California.
Do I need a Consent Management Platform?
Publishers – either directly or indirectly – collect information from consumers to target ads and deliver personalized experiences. Without a consent management platform to help collect consent signals from visitors, publishers can experience revenue cuts, as digital advertising is the major source of revenue for many publishers.
What do I need to do to get compliant?
If you want to be confident your website is compliant, sign up for Switchbit today. Switchbit is a data privacy and consent management platform that helps websites obtain immediate compliance with all global privacy laws (not just CCPA!) Get compliant today and stay that way forever. Sign up now for as low as $30/month. No credit card required.