The California Consumer Privacy Act (CCPA) went into effect on January 1, 2020, and enforcement begins tomorrow, July 1, 2020.  Is your privacy policy compliant?  Here are a few quick questions that may help you determine the answer –

  • Does your privacy policy have a “last updated” date that is less than a year old?
  • Do you fully identify the personal information that your company collects?
  • Do you fully explain the purposes for which you use the collected personal information?
  • Do you share or sell the information, and if so, do you explain to whom and why?
  • Do you identify the rights individuals have with respect to their personal data, including:
    • the right to erase or delete all or some of one’s personal data;
    • the right to a copy of one’s personal data, including in machine readable form;
    • the right to change, update, or fix one’s personal data if it is inaccurate;
    • the right to stop using all or some of one’s personal data (where you have no legal right to keep using it) or to limit use of one’s personal data; and
    • the right to opt-out of the same of information.
  • Do you provide at least two forms of contact, for individuals to submit requests for information, including at least a toll-free number (or email address if your business is online-only)?

For more information, see Rothwell Figg’s Privacy, Data Protection, and Cybersecurity Page, including our CCPA Compliance Guide, or contact us directly at privacy@rothwellfigg.com.