What is the CCPA—and does it apply to you?


Have a website? Can people in California see it?

Then you might need to be compliant with new legislation called the California Consumer Privacy Act (CCPA).

The CCPA gives Californians the right to know about the personal information a business collects about them, and how it is used and shared. (It’s similar to the EU regulation—GDPR—which may also apply to you.)

Are you collecting information? Probably.

Pretty much, if you have a website, you are most likely collecting information.

Do you have a WordPress site? This means you must have cookies enabled, which means you’re collecting information.

Do you use Google Analytics? This means you are tracking information.

Do you have a sign up form? This means you are capturing people’s information.

So, now that we’ve figured out if you’re collecting information…

Does the CCPA apply to you?

If you fall into one of these three criteria, it does!

From iubenda.com (my favorite service for managing website legal requirements):

The CCPA applies to for-profit businesses that target or could potentially have Californian customers, and that meet any one of the following conditions:

  • it processes (buy, sell, receive, share) personally identifiable information of at least 50k Californians per year. Since IP addresses are considered personal information, this likely applies to any website with at least 50k unique visits per year from California; or
  • it makes at least half of its yearly revenue from sharing consumers’ personal information with third parties (IP addresses are considered personal information). This can include things like using Analytics or retargeting for ads; or
  • the business has gross annual revenues exceeding twenty-five million dollars ($25,000,000).

What’s required for CCPA compliance?

If you fall into one of these categories, you basically need to disclose what info you collect on your website and make sure people consent to it. (Recently you may have noticed an uptick in websites that make you accept cookies in order to enter. This is them staying compliant.)

How do I tell how many website visitors I have from California?

In Google Analytics, go to Audience > Geo > Location > Click on United States > Click on California > change the date to show the past year > check your Users stats.

Google Analytics view of California Users

To make compliance easy, I recommend a service like iubenda.

I like the service, iubenda, because it automates compliance for you. You setup your profile and they display the notice on your site for you. Based on the IP address, they know where visitors are coming from, so they don’t necessarily show CCPA or GDPR unless it’s relevant to that particular visitor. What else? You can also have iubenda write your privacy policy, which they update for you as the legislation changes. This way, you know you’re always covered!

Moving forward…

Even if this regulation doesn’t affect you, it’s important to be aware that this is happening.Even though the US doesn’t have a universal privacy policy yet, my guess is that they will soon. As always, I’ll keep you updated!

If you need to implement CCPA compliance, and you’re in my WordPress website maintenance program, I’ll help you!

About Jill Anderson

Hi, I’m Jill, a WordPress WordPress designer/developer who partners with talented designers, copywriters, and agencies on their websites, and their client’s sites. I’m passionate about crafting beautiful and innovative WordPress websites focused on clear positioning and positive user experiences. Get my free report, Get Your Website Done: 12 Actionable Steps for Designers, and check out my Client Onboarding Toolkit, a simple 4-step digital course for converting prospects into a paying clients.


Like this? Get new posts via email.

No spam, no worries. Just my bimonthly(ish) blog posts straight to your inbox.

Leave a Reply

Your email address will not be published. Required fields are marked *