Iubenda logo
Start generating

Documentation

Table of Contents

3 things you can do now for CCPA compliance

If you’re doing business in California, or more broadly in the United States, CCPA may apply to you. Here are 3 simple things you should put into practice now to help make your website compliant! 

ccpa compliance, iubenda

CCPA applies to any business that targets California-based consumers and collects their personal information.

To be considered a business under the CCPA, you should meet at least one of these requirements:

  • you have an annual gross revenues of at least $25 million; or
  • you generate more than half of your annual income by exchanging customers’ personal information with third parties; or
  • you process personally identifiable information of at least 50,000 Californians every year.

See our CCPA summary here.

1. Have a detailed privacy policy

CCPA grants users specific rights, including the right to be informed. You must inform your users about how their information is processed, who you’re going to share this information with, and what rights they have. 

You can do this via a privacy policy. Remember, your privacy policy should be easily accessible throughout your website/app. 

2. Display notice of collection and “Do not sell” link

According to the right to opt-out, users can request a business that sells their personal information to stop doing that. 

What sale actually means here

Sale does not just refer to the act of trading for money, but to any activity that consists of sharing the user’s personal information for anything that might benefit the business.

Here you should do two main things: 

  1. Display a notice of collection: upon a user’s first visit to your website, you should inform them that you’re selling personal information.
  2. Add a “Do not sell my personal information” link: users should be able to opt-out anytime, and you should make it easy for them. That’s what a DNSMPI link is for!

3. Keep records 

Last, you should keep records of the opt-outs. 
You can’t contact a user who opted out for at least 12 months after their request.

Records can help you keep track of all the requests you received and avoid non-compliance sanctions.

💡 Is there a way to comply easily?

Of course! There are online tools that can help you with CCPA compliance and can save you money, time and effort. 

Take iubenda, for example. 
Our set of tools for CCPA allows you to: 

  • Create a detailed privacy policy, thanks to our Privacy and Cookie Policy Generator.
  • Generate a notice of collection with a “Do Not Sell” link. That’s what the Cookie Solution is for.
  • Keep records of opt-outs, with our Consent Solution.

Ready to make your website CCPA-compliant?

Start generating

About us

iubenda

Achieve CCPA compliance for your site, app and organization. Easily manage consent, processing records and more.

www.iubenda.com