5 Steps To Make Your Website CCPA Compliant Today

As of July 2020, it will be extremely important to abide to the CCPA regulations in order to avoid hefty fines which could mount up to 7,500 dollars per user. But does this include you?

If you run a for-profit company, you’re obligated to comply with the Act if your business:

• Receives, processes, or transfers data from over 50,000 Californians per annum
• Your gross yearly takings exceed $25 million,

 or

• At least 50% of your annual revenue comes from selling data belonging to Californians

While it may be confusing for many to make 100% sure that a website is completely CCPA compliant, we at Usercentrics have complied a short and easy checklist so you as a website provider can be on top of the latest CCPA regulations. 

Does it include all relevant information? CCPA requires website providers to be transparent with the type of data you collect from your users such as: 

• What kind of information you collect and process
• Why do you collect and process information
• How do you collect and process information
• The methods to request access, change, move, or deletion of their personal data
• The method for verifying the identity of the person who submits a request
• Sales of users’ personal data and how they can opt-out of the selling of their data

If you collect information about a consumer protected by the CCPA, then you must inform the consumer of your intentions at or before the point of data collection. This can be done through the use of a banner or pop-up for when the user visits your site.

CCPA requires obtaining prior consent from minors before selling their personal information. Obtain consent directly from visitors that are 13-16 years old, and when younger, it is necessary to obtain consent from parents or legal guardians.

This link must be made easily available on your website homepage, through the use of a CMP for example- making it illegal to sell data once a user has clicked on this link.

CCPA grants your California users a right to access the personal data you’ve collected from them; they can request changes to the information, move it somewhere else, or delete it. You have a duty to provide a means for submitting such requests.

If a business cannot reasonably verify the identity to the appropriate degree of certainty, it must inform the consumer and explain why the request could not reasonably be verified.

Ensuring that website users find a transparent privacy policy, informing users of the collection of personal data, and allowing website users to opt-out can be done easily and quickly with a proven Consent Management Platform.

Contact one of our customer service representatives today to learn more.