CALIFORNIA CONSUMER PRIVACY ACT (CCPA)
What is ccpa?
The California Consumer Privacy Act (CCPA) went into effect on January 1st, 2020 and creates new consumer rights relating to the access to, deletion of, and sharing of personal information that is collected by businesses.
This new regulation changes how personal data of California residents are processed and requires companies that conduct business in California to implement structural changes to their privacy programs. Your business could be based anywhere from Fresno to France - as long as your services are accessible in California, you could be covered by the CCPA and have to comply with the requirements.
The CCPA went into effect January 1, 2020.
Who needs to comply?
The CCPA will apply to for-profit businesses that collect and control California residents' personal information, do business in the state of California, and meet at least one of the following thresholds:
Has annual gross revenues of at least $25 million per year,
Annually buys, sells, receives, or shares personal information from at least 50,000 consumers, households, or devices, or
Make 50% or greater annual revenue from selling California residents' personal information
Non-profits, smaller companies that don't meet the revenue thresholds, and/or those that don't traffic in large amounts of personal information from California residents, and don't share a brand with an affiliate that's covered by the CCPA do not have to comply.
CCPA is Closely Aligned with the GDPR
Companies that store personal information — including major players like Google and Facebook — will be required to disclose the types of data they collect, as well as allow consumers to opt out of having their data sold.
Organizations will need to observe restrictions on data monetization business models, accommodate rights to access, deletion, and porting of personal data, update their privacy policies or face possible financial penalties including liquidated damages.
Clarus Tech Partners keeps up to data on the latest regulations and their office in San Diego, California has been in operation since 2007.
The Clarus team knows cybersecurity and compliance and can help your organization understand and prepare for the California Consumer Privacy Act.