CCPA Checklist – Important things you need to know!

The California Consumer Privacy Act (CCPA) was established back in January 2020. However, the enforcement of this law didn’t begin until June 2020. Primarily, the objective behind introducing this law is to improve the privacy rights of those residing in California. 

Along with that, CCPA also ensures protection in terms of how personal data and information are used online. Moreover, the CCPA is applied to such legal entities and companies operating their business in California and are accumulating the personal information of consumers to fulfill their criteria. Apart from that, it’s also for those who:

• Have a gross revenue of $25 million or more annually
• Purchase, share or receive information of more than 50,000 consumers, devices, and households for selling or commercial purposes
• Gain 50% or more annual revenue by selling personal data of consumers

If you’re in the same league, this law applies to you as well. In simple words, supporting consumers’ rights, CCPA allows individuals to raise their voice as far as sharing and using their data by third parties are concerned. 

Penalty for Violating CCPA Laws:

Service providers could be liable for a penalty if they retain, use or disclose any personal information for the objectives outside of the contract with a business. Apart from service providers and enterprises, other individuals may potentially breach the rules of CCPA on the headlong transfer of personal data. 

For instance, if a third-party sells personal information unlawfully that it has got from a company, the penalties will be imposed. Before striking a penalty, the business, individual, or service provider is served with a notice that must be acted upon within 30 days. 

This notice generally comes from the California Attorney-General. As far as the penalties are concerned, they can be:

• Up to $7,500 for intentional violation; or
• Up to $2,500 for unintentional violation

CCPA Checklist:

Jotted down below is a comprehensive checklist of everything that a privacy policy would need to be CCPA-compliant. To make it clear and upfront, let’s split it up into two different sections. 

Section 1: Information about Consumer Rights:

• The right to access and how individuals can exercise it
• The right to deletion and how individuals can exercise it
• The right to non-discrimination
• The right to opt-out along with a link to the Do Not Sell Personal Information page

Section 2: Personal Information Practices Over 12 Months:

• A list of personal information categories that the business has accumulated in the last 12 months
• A list of personal information categories that the business has sold in the last 12 months; or the disclosure of if there hasn’t been any selling in the past 12 months
• A list of personal information categories that the business has disclosed for operational purposes in the last 12 months; or the disclosure of personal information that the company hasn’t disclosed in the previous 12 months

After 12 months, every business has to update its privacy policy. Even if there are no significant changes whatsoever, the effective date should be altered each year. 

Also, on the website’s homepage, there should be a conspicuous link leading to the privacy policy. 

How can a WordPress plugin help you do this quickly?

While the importance of complying with the CCPA law has been clearly outlined, what most of the businesses would be looking forward to is an easy way out to create and update policies on their site. 

If you’re a WordPress user, the WP Cookie Notice for GDPR, CCPA & ePrivacy Consent plugin would be the right choice for you. Adequate to customize privacy policy, cookie notice, and other disclaimers, there are plenty of ways wherein this plugin can help you out.

How can the plugin help WordPress website owners?

With this specific plugin, you can quickly get needed assistance when it comes to notices to be displayed on the website. This plugin allows you to seamlessly create a privacy policy for CCPA, GDPR, and ePrivacy. 

Based on the usage mode, the cookie notice gets automatically applied. With this plugin, you get three different methods, such as:

• ePrivacy Notice: Add a customizable notice through widget, popup, or banner through which visitors can reject or accept.
• GDPR: Add a customizable cookie notice to notify visitors that the cookies are being used. Furthermore, auto-scan, categorize, modify, and maintain consent log.
• CCPA: Add a customizable CCPA notice from where visitors can choose opt-out from using personal information. 

An Overview of Features:

• Complying with Different Laws:

This plugin helps you create consent disclaimers and privacy policies according to different laws, such as:

• The General Data Protection Regulation (GDPR)
• The California Consumer Privacy (CCPA)
• The Personal Information Protection and Electronic Documents Act (PIPEDA)
• Australia’s Privacy Principles (AAP)
• The Brazilian General Data Protection Law (LGPD)

It also includes others like CNIL, PECR, DPA, DSGVO, and others. 

• Granular Cookie Consent:

This feature allows you to create categorized consent for visitors to enable them to use the third-party cookies and/or website. Along with that, you can also allow visitors to either change or revoke their consent categories at any given time. 

• Consent Log and Detector:

The plugin helps you store a consent log of those consents that your website visitors have provided. And then, with the auto-scan feature, you can immediately sort and search for the consent look just with one-click. 

• Details of Third-Party Cookie:

With this plugin, you can automatically get the details of third-party cookies, including every privacy policy link of all the popular scripts. Also, you can auto-block well-known third-party cookies until your visitors give consent. 

• Do Not Sell Opt-out for CCPA:

This privacy policy plugin helps you create conspicuous and unambiguous links that you can add on the homepage with the title Do Not Sell My Personal Information. Customize every factor of this notice according to your preference, including colors, position, layout, and content.

Availability in Free and Pro Versions:

An aspect that should be highlighted at best is that the WP Cookie Notice for GDPR, CCPA & ePrivacy Consent plugin is available in both free and pro versions. If you aren’t sure of investing money into this plugin, you can go with the free one available on WordPress.org. 

However, if you’re ready to take a bet, go with the premium version available at a minimal price of $17/year for a single site license, $37/year for 3 sites license and $67/year for 10 sites license. Moreover, the premium version also comes with a 30-days money-back guarantee. Thus, with this plugin, you have nothing to lose.

Conclusion:

At last, the importance and objectives of CCPA cannot be ignored at any cost. Considering that this policy is for consumers’ betterment, businesses should put more effort and time into establishing utmost transparency. 

So, if you’re operating a business in California, make sure you adhere to all the requirements mentioned by CCPA (if you haven’t yet). 

Let us know your thoughts on this in the comment section below.