The California Consumer Privacy Act (CCPA) was signed into law in 2018 and took effect on July 1, 2020. The CCPA is a comprehensive consumer privacy law that grants Californians certain rights regarding their personal information. It also requires businesses operating in California to meet certain requirements for data collection and disclosure. Here, we’ll break down the CCPA and explain why businesses must comply with it.

What Is the California Consumer Privacy Act?

The CCPA is a state law designed to protect consumers’ personal information and give them greater control over how their data is collected, used and shared. It applies to all businesses operating in California, regardless of size or industry. The law also applies to any business that collects or stores the personal information of Californian consumers even if they do not have a physical presence in the state.

Who Must Comply With the CCPA?

If you are a business owner or online service provider based in California, or if you collect or store personal information from Californian consumers, then you must comply with the CCPA. This includes companies that collect customer data through websites, mobile apps, emails, text messages, loyalty programs, etc. Businesses that process large amounts of personal data must particularly familiarize themselves with the compliance requirements under the CCPA as they may be subject to more stringent regulations than other businesses under this law. 

Consumers’ Rights Under the CCPA

The CCPA grants several rights to Californian consumers regarding their personal information.

  • Right to Opt Out of Third-Party Data Sales – Consumers have the right to opt out of having their data sold by businesses to third parties such as advertisers or marketing companies. Businesses must provide an opt-out link on their website that allows consumers to easily exercise this right.
  • Right to Request Disclosure of Personal Information Collected by Businesses – Consumers have the right to request disclosure of what categories of personal information are being collected by businesses and for what purposes it will be used. Businesses must provide clear disclosures about this at the point of collection when collecting consumer data including via websites and mobile apps.
  • Right to Request Correction or Deletion of Personal Information – Consumers also have the right to request correction or deletion of any inaccurate/incomplete personal information collected by businesses about them upon request from those businesses.

Business Requirements for CCPA Compliance

In addition to granting consumers certain rights under this law, there are also requirements for businesses operating in California when it comes to data collection and disclosure practices under the CCPA:

  • Do Not Sell My Personal Information Link on Website – All websites operated by businesses located in or collecting information from Californians must include a “Do Not Sell My Personal Information” link prominently displayed on each page/screen where customer data is collected/stored so that customers may easily exercise their right per provisions outlined above without any difficulties finding such an option on your website/mobile app(s).
  • Disclosing Categories and Purposes of Collected Personal Information at Point of Collection – All websites operated by businesses located in or collecting information from Californians must also clearly disclose what categories of personal info are being collected as well as for what purpose it will be used at the point of the collection itself (e.g., via website forms). This ensures customers understand exactly how their data will be used before giving consent for its use/collection per provisions outlined above without any hidden surprises later down the line due to a lack of proper disclosures upfront upon initial contact with customers via these digital channels (website/mobile app(s)).

Why CCPA Compliance Matters and How to Achieve Compliance with TruAbilities

In today’s digital age, data privacy is of utmost importance. With the increasing number of data breaches and cyber threats, businesses must comply with data privacy laws such as the CCPA to ensure the security of their customers’ personal information. The TruAbilities widget offers a reliable solution to this problem by being the first-ever cookie-less ADA accessibility solution that complies with the CCPA. This innovative widget ensures that personal information remains secure and does not slow down page loads while providing built-in cookie management and a Do Not Sell or Share My Personal Information form. By implementing the TruAbilities widget, businesses can demonstrate their commitment to data privacy and provide a secure and compliant user experience for their customers.

Yielding progressive results with
agile methodology

  • Audit Analysis
    and Discovery
    1 - 2 weeks
  • Proposal
    of Strategy
    1 - 2 weeks
  • Onboarding and
    4 weeks onwards
  • Testing and
    Proof of Concept
    1-3 weeks
  • Launch
    Pre-Go Live Test
    2 weeks
  • Analyze and Optimize

Take the next step