cali_privacy_policy

Some of our recent work included making our privacy policy compliant with California’s legislation. California has long been a first-mover when it comes to privacy laws in the States. The state of California is continuing this tradition and has introduced a rule that requires website operators to disclose “Do Not Track” setups on their sites.

In light of the changes and the fact that Californian legislation affects most commercial websites in the States (and elsewhere), we’re setting this post up to link to the most important topics and developments.

As a rule of thumb:

Website operators (this includes mobile apps) of commercial websites need to post a privacy policy. California laws impact other states when your website impacts Californian residents (at least in theory).

Some required reading regarding California

New developments regarding privacy policies

Privacy policy in California in general

The rules that regulate that privacy policy can be found in California’s Business and Professions code, in section 22575. It answers the most important questions regarding compliance:

  • who is required to post a privacy policy?
  • how shall that privacy policy look like?

Find the relevant text below:

(a) An operator of a commercial Web site or online service
that collects personally identifiable information through the
Internet about individual consumers residing in California who use or
visit its commercial Web site or online service shall conspicuously
post its privacy policy on its Web site, or in the case of an
operator of an online service, make that policy available in
accordance with paragraph (5) of subdivision (b) of Section 22577. An
operator shall be in violation of this subdivision only if the
operator fails to post its policy within 30 days after being notified
of noncompliance.

(b) The privacy policy required by subdivision (a) shall do all of
the following:

(1) Identify the categories of personally identifiable information
that the operator collects through the Web site or online service
about individual consumers who use or visit its commercial Web site
or online service and the categories of third-party persons or
entities with whom the operator may share that personally
identifiable information.

(2) If the operator maintains a process for an individual consumer
who uses or visits its commercial Web site or online service to
review and request changes to any of his or her personally
identifiable information that is collected through the Web site or
online service, provide a description of that process.

(3) Describe the process by which the operator notifies consumers
who use or visit its commercial Web site or online service of
material changes to the operator’s privacy policy for that Web site
or online service.

(4) Identify its effective date.

(5) Disclose how the operator responds to Web browser “do not
track” signals or other mechanisms that provide consumers the ability
to exercise choice regarding the collection of personally
identifiable information about an individual consumer’s online
activities over time and across third-party Web sites or online
services, if the operator engages in that collection.

(6) Disclose whether other parties may collect personally
identifiable information about an individual consumer’s online
activities over time and across different Web sites when a consumer
uses the operator’s Web site or service.

(7) An operator may satisfy the requirement of paragraph (5) by
providing a clear and conspicuous hyperlink in the operator’s privacy
policy to an online location containing a description, including the
effects, of any program or protocol the operator follows that offers
the consumer that choice.



Let iubenda help you with creating a privacy policy for California.


Generate a privacy policy for California


Do Not Track California Privacy Policy ChangesPrivacy Policies in the USAFrequently Asked Questions Regarding Privacy Policies

About Us

iubenda is the easiest and most professional way to generate a privacy policy for your website, mobile app and facebook app
www.iubenda.com

Generate a privacy policy now

Ready in a few steps and built to meet the needs of both website and mobile app owners

Generate your privacy policy now
RSS FEED

Sometimes the best choice is to "just give it a try"

iubenda is the easiest and most professional way to generate a privacy policy for your website, mobile app and facebook app

Generate your privacy policy now