CCPA Compliance Checklist: Is your company ready?
Table of contents
The enforcement of the California Consumer Privacy Act (CCPA) is set to begin on July 1, 2020. It’s extremely important to abide by the CCPA regulations – in order to demonstrate full commitment to data privacy to customers, creating trust and a strong competitive advantage while also avoiding substantial fines, up to $7,500 per user whose data was compromised or mishandled.
CCPA applies to 40 million California residents (even on vacation) and hundreds of thousands of businesses that interact with them, but does this include you?
If you run a for-profit company, you’re obligated to comply with the Act if your business:
- Has gross revenues that exceed $25 million
- Receives, processes, or transfers data from over 50,000 Californians annually , or
- 50% of annual revenues (at least) comes from selling personal data belonging to Californians
So, now that you have identified if CCPA applies to you, why bother complying?
Risks of non-compliance with CCPA:
|Fines per intentional violation||Up to $7,500 per incident|
|Fines per every non-intentional violation||Up to $2,500 per incident|
|Damages awarded in individual or class-action lawsuits, per violation||$100 – $750|
Checklist – What you need to do to comply with CCPA
|Requirement||Key Points||Further Details|
|Inform users about their CCPA Rights||
|Include a “Do Not Sell”- Link (Opt-Out)||
|Take in Consumer Rights Requests||
|Verify Consumer Rights Requests (set up a system)||
|Keep track of Consumer Rights Requests||
|Fulfill Consumer Rights Requests||
|Collection of Personal Information from Minors (anyone 16 years old or younger)||
As you see, CCPA wording is open for interpretation and is expected to change.
Therefore, preparing for CCPA can seem overwhelming and time consuming. If you would like to focus on complying with CCPA regulations in a smooth and easy way, the Usercentrics Consent Management Platform (CMP) is the perfect tool. Embed specific features automatically and simplify the entire process to meet the CCPA’s requirements quickly and effectively. In line with the developments of law, the Usercentrics tool will be up and running in August 2020.
With the Usercentrics CMP you can:
✔ Inform users of the collection of personal data
✔ Easily include a “do not sell my personal information” ink as an Opt-out option for users giving them the opportunity to say “no” to the selling their personal data
✔ Ensure that user preferences are stored and documented in a legally compliant way
Usercentrics does the Research for you
All Usercentrics customers receive free access to our extensive legal document database – which includes data processing services and accompanying legally relevant information such as scope, purpose, place and duration of processing. You want to learn more about our Usercentrics CMP? Feel free to approach us any time for advice and a summary of the various options our CMP offers for a CCPA-compliant implementation.
The decision to implement a data protection-compliant CMP is ultimately at the discretion of the data protection officer and/or the legal department.
These statements do not constitute legal advice. They merely serve to support and inform you about the current legal situation with respect to the implementation of a CMP solution. Please consult a qualified lawyer should you have any legal questions.