If you’re doing business in California, or more broadly in the United States, CPRA (CCPA amendment) may apply to you. Here are 3 simple things you should put into practice now to help make your website compliant!
CPRA (CCPA amendment) applies to any business that targets California-based consumers and collects their personal information.
To be considered a business under the CPRA (CCPA amendment), you should meet at least one of these requirements:
See our CPRA (CCPA amendment) summary here.
CPRA (CCPA amendment) grants users specific rights, including the right to be informed. You must inform your users about how their information is processed, who you’re going to share this information with, and what rights they have.
You can do this via a privacy policy. Remember, your privacy policy should be easily accessible throughout your website/app.
According to the right to opt-out, users can request a business that sells their personal information to stop doing that.
Sale does not just refer to the act of trading for money, but to any activity that consists of sharing the user’s personal information for anything that might benefit the business.
Here you should do two main things:
Last, you should keep records of the opt-outs.
You can’t contact a user who opted out for at least 12 months after their request.
Records can help you keep track of all the requests you received and avoid non-compliance sanctions.
Of course! There are online tools that can help you with CPRA (CCPA amendment) compliance and can save you money, time and effort.
Take iubenda, for example.
Our set of tools for CPRA (CCPA amendment) allows you to: