Iubenda logo
Start generating

Documentation

Table of Contents

CCPA Privacy Policy Example

The California Consumer Privacy Act (CCPA) took effect on January 1st, 2020. It puts in place new requirements for processing personal information and grants Californian consumers additional rights.

Does the CCPA applies to my business?

The CCPA applies to any for-profit entity doing business in California that either:

  • processes (buy, sell, receive, share) personally identifiable information of at least 50k Californians per year,
  • has annual gross revenues of at least $ 25 million, or
  • makes over 50% of its yearly revenue from sharing consumers’ personal information with third parties

Please note that your business could be based anywhere : as long as your services are accessible in California, you could be covered by the CCPA and have to adhere to its requirements.

💡 Take this short assessment to see if the CCPA applies to you

What does the CCPA require for a Privacy Policy?

Under the CCPA, businesses must include specific disclosures in their privacy policies. These disclosures include descriptions of:

  • consumer rights,
  • processing partners,
  • purposes,
  • sources and more.

This information must be complete, up-to-date and easily accessible throughout your website / app.

In order to be compliant, your policy must at the very least contain:

  • the categories of personal information that you’ve collected, sold or shared in the past 12 months;
  • the categories of third parties that you have and / or may share the information with;
  • the categories of sources from which you collect this information;
  • the business / commercial purpose for processing the information;
  • the applicable consumers’ rights and how they can be exercised.

If you already have a privacy policy, make sure you have or add these information.

What are the penalties for violating the CCPA?

  • Consumers are given the right to sue businesses that violate the law. You may have to pay damages of up to $ 750 (or cover actual losses if greater) for each affected consumer.
  • If you unintentionally violate the CCPA, you can be fined up to $ 2,500 for each violation.
  • If you intentionally violate the CCPA, you can be fined up to $ 7,500 for each violation.

While these fines might not seem like a lot when compared to the GDPR, do consider that these fines apply per individual violation and per consumer.

CCPA Privacy Policy Example

Here’s an example of a CCPA compliant privacy policy, created with our generator . See the section dedicated to Californian consumers and their privacy rights for more details.

Privacy Policy

Confused about the CCPA? We can help

Here’s what you need to do:

  1. Check if CCPA applies to you
  2. Read our full guide on what CCPA is about
  3. Create or update your privacy policy to include all necessary CCPA provisions
  4. Add a notice of collection and “Do not sell” link to all your pages

Comply with the CCPA

Include all necessary CCPA provisions in your privacy policy, display notice and allow opt-out

Start generating

About us

iubenda

Achieve CCPA compliance for your site, app and organization. Easily manage consent, processing records and more.

www.iubenda.com

See also

Still have questions?

Attend one of our free webinars Email us Live chat