The California Consumer Privacy Act (CCPA) comes into effect on January 1, 2020 and may affect how your website is allowed to handle the personal information of Californians.
The CCPA demands that businesses provide records of personal information collected about a consumer in the preceding 12 months prior to the request made by the consumer to gain access to this information.
CCPA stands for California Consumer Privacy Act, gives consumers more control over the personal information. Along with other privacy laws, defines the new rules for website tracking and tracking cookies in large scale.
The regulations only affect businesses that either generate over $25 million in revenue; collect information of more than 50,000 Californian residents a year; or derive 50% or more of their annual revenue from selling the personal information of California residents.
The CCPA 'Do Not Sell My Personal Information' rule gives those based in California the right to tell businesses not to sell their personal data.
Websites must have a page called 'Do Not Sell My Personal Information' that allows consumers to opt-out of the sale of personal information.
They must link to this page on the homepage.
Users must be able to make this request without having to create an account.
The website must have a privacy policy that describes the consumers rights and includes a link to the 'Do Not Sell My Personal Information' page.
The business must respect the consumer’s decision for at least 12 months. After this time the business can ask the consumer to allow the sale of personal information.
Under CCPA, Cookies can harvest personal information such as names, physical addresses, IP addresses, location data, but also sensitive personal data such as religious convictions, political opinions and/or sexual orientation.
The right to request disclosure
The right to request deletion
The right to opt out
Identifiers such as cookies, beacons, pixel tags, telephone numbers, IP addresses, account names.
Biometric data such as face, retina, fingerprints, DNA, voice recordings, health data.
Geolocation data such as location history via devices.
Internet activity such as browsing history.
Plus data regarding personal characteristics, behavior, religious or political convictions, sexual preferences and so on.
开始使您的网站和应用符合欧盟 GDPR、美国 CPRA、加拿大 PIPEDA 等法规
注册