Is your organization already CCPA proof? Are you looking for an example Rights and Choices Form?
The intention of the California Consumer Privacy Act (CCPA) is an important change in data privacy regulations in the USA, that aims to protect the privacy rights, personal data of consumers in California, United States. The bill (AB-375) was passed by the California State Legislature and signed into law by the Governor of California, on June 28, 2018, to amend Part 4 of Division 3 of the California Civil Code.
The CCPA applies to any business, including any for-profit entity that collects consumers' personal data, which does business in California, and satisfies at least one of these thresholds:
- annual gross revenues in excess of $25 million;
- possesses the personal data of 50,000 or more consumers, households, or devices; or
- earns more than half of its annual revenue from selling consumers' personal data;
- organizations are required to "implement and maintain reasonable security procedures and practices" in protecting consumer data.
Definition Personal Data according to CCPA: The real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver's license number, passport number, or other similar identifiers.
What type of request has to be given according to CCPA to the consumers?
The following main choices are applicable to all consumers in California:
- Access – A report can be requested with all the Personal Information that a Company] has about him or her;
- Deletion – Consumers can ask to have the Personal Information about him or herself to be forgotten;
- Right to know – Consumers can ask to receive a report on the categories of Personal Information [Company] has about the consumer.
The intentions of the Act are to provide California residents with the right to:
- access their personal data;
- prevent the sale of personal data;
- know what personal data is being collected about them;
- know whether their personal data is sold or disclosed and to whom;
- request an organization to delete any personal data about a consumer collected from that consumer;
- not be discriminated against for exercising their privacy rights.
Enforcement date: January 1, 2020, at which time those businesses in non-compliance may face civil fines between $ 2,500 and $ 7,500 USD. Californian residents have the private right of action for data breaches, in case of failure is proven, there can be statutory damages between $ 100 and $ 750 USD.
We're here to help you become compliant. The CCPA comes with a set of Rules and Regulations for the protection of personal data inside and outside the state of California and affects all businesses that save personal data from California residents.
We provide example CCPA document templates and also a complete set of CCPA templates in order to help you to comply with the new amendment of the California Civil Code. These CCPA document templates are provided in Microsoft Office formats, and easy to customize to your organization’s specific needs. Often completed example documents are also provided in order to help you with your implementation in order to save precious time.