The California Consumer Privacy Act (CCPA) went into effect on January 1, 2020, and enforcement begins tomorrow, July 1, 2020. Is your privacy policy compliant? Here are a few quick questions that may help you determine the answer –
- Does your privacy policy have a “last updated” date that is less than a year old?
- Do you fully identify the personal information that your company collects?
- Do you fully explain the purposes for which you use the collected personal information?
- Do you share or sell the information, and if so, do you explain to whom and why?
- Do you identify the rights individuals have with respect to their personal data, including:
- the right to erase or delete all or some of one’s personal data;
- the right to a copy of one’s personal data, including in machine readable form;
- the right to change, update, or fix one’s personal data if it is inaccurate;
- the right to stop using all or some of one’s personal data (where you have no legal right to keep using it) or to limit use of one’s personal data; and
- the right to opt-out of the same of information.
- Do you provide at least two forms of contact, for individuals to submit requests for information, including at least a toll-free number (or email address if your business is online-only)?
For more information, see Rothwell Figg’s Privacy, Data Protection, and Cybersecurity Page, including our CCPA Compliance Guide, or contact us directly at privacy@rothwellfigg.com.