Commuter with road racing bicycle and Golden Gate Bridge

Companies with a significant online presence — particularly e-commerce businesses — have been operating under the scrutiny of GDPR oversight since May of 2018. The General Data Protection Regulation is enforced by all European Union (EU) countries to protect citizens’ personal data, which gets collected by any company conducting business in the EU.

Under the terms of GDPR, says ZDNet , “Organizations have to ensure that personal data is gathered legally and under strict conditions, but those who collect and manage it are obliged to protect it from misuse and exploitation, as well as to respect the rights of data owners — or face penalties for not doing so.”

Have Online Customers in California? Meet the CCPA

A lesser-known, but equally important, sweeping data privacy regulation is the California Consumer Privacy Act or CCPA. The act was announced in 2018, but won’t technically be regulated until January 2020. It applies to all companies that:

And meets at least one of the following metrics:

California residents covered under CCPA have the right to:

Additionally, the CCPA defines personal information as:

What does CCPA Compliance Mean for U.S. Companies?

We think the first thing to know about CCPA is that your firm’s compliance with GDPR doesn’t automatically mean you comply with CCPA’s stipulations. And you don’t want to get this wrong; California’s law comes with a big stick. For every violation, expect a $7,500 fine and a civil case against your company.

However, if you DO meet all the GDPR requirements, you’ll also conform to some CCPA requirements. Keep in mind, if you collect and process users’ personal information, ensure your privacy policy includes but is not limited to the following:

Finally, to comply with California’s consumer privacy law, you’ll need to follow and regularly update these five general guidelines:

  1. Update your privacy policy with information on how, why and what personal information you collect and process.
  2. Update your privacy policy with information on how your users can request access, change, or erasure of the data that you have collected.
  3. Introduce a method for verification of the identity of the person making such requests
  4. Introduce a “Do Not Sell My Personal Information” link on your home page. If your users click the link, it means you can’t sell the users’ data to a third-party. According to Computer Services, Inc. , this must be a “clear and conspicuous statement that is linked to a page that allows consumers to opt-out of having their personal information sold.”
  5. Obtain prior consent from minors 13-16 years old before selling their data. For children younger than 13 you must obtain prior permission from their parents

For more detail regarding CCPA privacy policies, read this short article by California-based law firm KirkPatrickPrice .

Start Planning Now

Like any business compliance challenge, preparing your company to comply with the CCPA when it’s official in January 2020 will take considerable planning across multiple functions — IT, operations, sales and marketing, and finance. Use the lists above to help get you started. Experts predict that California is just the first state that’ll lead to an avalanche of others demanding similar consumer protection.

It may be centuries-old advice, but Benjamin Franklin’s homespun wisdom still holds sway today: “By failing to prepare, you’re preparing to fail.”

If you’re looking for a partner to help you navigate CCPA, GDPR and other coming-soon data privacy regulations, let’s talk.

28加拿大大小冷热走势 电竞go比赛手机版v5.9 IOS版(电竞go下注手游) 英雄联盟竞猜最新版在线网址 加拿大28开奖168官网 战雄电竞数据统计手机版 加拿大28开奖在线直播