3 things you can do now for CCPA compliance

If you’re doing business in California, or more broadly in the United States, CPRA (CCPA amendment) may apply to you. Here are 3 simple things you should put into practice now to help make your website compliant! 

1. Have a detailed privacy policy

CPRA (CCPA amendment) grants users specific rights, including the right to be informed. You must inform your users about how their information is processed, who you’re going to share this information with, and what rights they have. 

You can do this via a privacy policy. Remember, your privacy policy should be easily accessible throughout your website/app. 

2. Display notice of collection and “Do not sell” link

According to the right to opt-out, users can request a business that sells their personal information to stop doing that. 

Here you should do two main things: 

1. Display a notice of collection: upon a user’s first visit to your website, you should inform them that you’re selling personal information.
2. Add a “Do not sell my personal information” link: users should be able to opt-out anytime, and you should make it easy for them. That’s what a DNSMPI link is for!

3. Keep records 

Last, you should keep records of the opt-outs. 
You can’t contact a user who opted out for at least 12 months after their request.

Records can help you keep track of all the requests you received and avoid non-compliance sanctions.

💡 Is there a way to comply easily?

Of course! There are online tools that can help you with CPRA (CCPA amendment) compliance and can save you money, time and effort. 

Take iubenda, for example. 
Our set of tools for CPRA (CCPA amendment) allows you to: 

• Create a detailed privacy policy, thanks to our Privacy and Cookie Policy Generator.
• Generate a notice of collection with a “Do Not Sell” link. That’s what the Privacy Controls and Cookie Solution is for.
• Keep records of opt-outs, with our Consent Database.