Global data protection laws are emerging across the world that may pose information and consent requirements upon the website operators. For example, the California Consumer Privacy Act (CCPA) does not require from businesses and website operators to obtain an explicit, opt-in consent, but empowers the California citizens with the rights to know the types of personal information are collected and for what reasons, the right to delete their personal information as well the right to opt-out of selling their personal information to third parties (Do not Sell my Personal Information).
You are obligated to comply to CCPA when your organization:
1. Is for-profit and conducts business in California.
2. Collects personal data of California residents, and determines the purposes and means of processing consumers' personal information.
3. Meets one of the following thresholds:
4. When your organization processes personal data such as name, address, personal identifier, IP address, email address, account name, Social Security number, driver’s license number, and passport number;
5. Or if your organization creates a consumer profile reflecting their preferences, characteristics, psychological trends, predispositions, behaviour, attitudes, intelligence, abilities, and aptitudes based on any of the information listed above.
Check out our CCPA website checklist to help you get your website compliant.