The California Consumer Privacy Act (CCPA) is the first consumer data privacy law in the United States.
Amended by the California Privacy Rights Act in 2020, the state of California now has some of the strongest privacy rules in the country. Armed with powerful features from RecordPoint, companies can operate with confidence, knowing they’re compliant with these critical laws.
The California Consumer Privacy Act (CCPA) took effect on January 1, 2020. It's the first consumer data privacy law in the United States in the style of the EU's General Data Protection Regulation. The act is meant to give California residents more control over the information that businesses collect about them.
It applies to businesses that operate in California and do at least one of the following:
Under the CCPA, consumers have a number of rights akin to those under the GDPR. These rights include:
The California Privacy Rights Act (CPRA) came into effect on January 1, 2023, and added new protections to the CCPA. With the additions, consumers now also have:
These new additions to the CCPA create a more complex regulatory environment for businesses, but aligning with the regulations of the CCPA is necessary. Enterprises seeking to do so need to understand how.
When complying with the CCPA, there are specific requirements. These include:
When collecting information about a California consumer, you have to inform them of your intentions right when it's collected. This means that some proactive message needs to be displayed when collecting information.
Consumers have the right to ask for the information you've collected in a readily usable format. You can't charge for this, and have to provide it within 45 days from the date of the request. Covered consumers should also have ready access to your full privacy policy.
You have to inform consumers where they can find your privacy policy and information about CCPA compliance efforts. You'll need to provide a toll-free telephone number and online contact details should they decide to contact you to exercise any CCPA-related rights.
If a consumer requests that you delete any personal data and information, you’re legally mandated to do so under the CCPA. There are narrow exceptions in cases where you need the information to fulfill some form of legal obligation that outweighs any obligation to consumers.
If you're intending to sell visitors' personal data, you have to give them the opportunity to opt-out. You’re required to have a webpage that clearly presents an opt-out option, preferably with a link to your privacy policy page. They must also be able to opt-out of data usage for future marketing efforts.
In no way, shape, or form can you discriminate or treat users differently based on whether or not they exercise their CCPA rights. You must provide the same level of access and service to all consumers regardless of which rights they exercise.
You must update your privacy policy every 12 months. The annual update can let customers know whether you're selling information or whether you've made any changes.
Businesses who collect and process the information of California consumers need to comply with these rules. In order to do that, they most often need a solution that can ensure they know where their data is and can track it throughout their organization.
RecordPoint is designed with key features designed to assist with CCPA compliance. These features include:
Proactively dispose of data you don’t need with custom retention policies that make minimization effortless.
Use AI to classify data instantly, so you know exactly where sensitive data lives and how to protect it.
Discover where all your data lives to get a comprehensive picture of your data estate, so you can better understand and protect it.
There are some levels of fines for companies that refuse to comply with the CCPA regulations. For companies that are found to have violated the rule, they can expect to be fined around $7,500 for each violation — but only if it's found to be intentional. Otherwise, businesses are fined a maximum of $2,500.
Have another question? Looking for more details?
Reach out to our friendly team who will be happy to help.
