Updated 11.24.2020 / Good Business

What is the CCPA—and does it apply to you?

CCPA

Have a website? Can people in California see it?

Then you might need to be compliant with new legislation called the California Consumer Privacy Act (CCPA).

The CCPA gives Californians the right to know about the personal information a business collects about them, and how it is used and shared. (It’s similar to the EU regulation—GDPR—which may also apply to you.)

Are you collecting information? Probably.

Pretty much, if you have a website, you are most likely collecting information.

Do you have a WordPress site? This means you must have cookies enabled, which means you’re collecting information.

Do you use Google Analytics? This means you are tracking information.

Do you have a sign up form? This means you are capturing people’s information.

So, now that we’ve figured out if you’re collecting information…

Does the CCPA apply to you?

If you fall into one of these three criteria, it does!

From iubenda.com (my favorite service for managing website legal requirements):

The CCPA applies to for-profit businesses that target or could potentially have Californian customers, and that meet any one of the following conditions:

  • it processes (buy, sell, receive, share) personally identifiable information of at least 50k Californians per year. Since IP addresses are considered personal information, this likely applies to any website with at least 50k unique visits per year from California; or
  • it makes at least half of its yearly revenue from sharing consumers’ personal information with third parties (IP addresses are considered personal information). This can include things like using Analytics or retargeting for ads; or
  • the business has gross annual revenues exceeding twenty-five million dollars ($25,000,000).

What’s required for CCPA compliance?

If you fall into one of these categories, you basically need to disclose what info you collect on your website and make sure people consent to it. (Recently you may have noticed an uptick in websites that make you accept cookies in order to enter. This is them staying compliant.)

How do I tell how many website visitors I have from California?

In Google Analytics, go to Audience > Geo > Location > Click on United States > Click on California > change the date to show the past year > check your Users stats.

Google Analytics view of California Users

To make compliance easy, I recommend a service like iubenda.

I like the service, iubenda, because it automates compliance for you. You setup your profile and they display the notice on your site for you. Based on the IP address, they know where visitors are coming from, so they don’t necessarily show CCPA or GDPR unless it’s relevant to that particular visitor. What else? You can also have iubenda write your privacy policy, which they update for you as the legislation changes. This way, you know you’re always covered!

Moving forward…

Even if this regulation doesn’t affect you, it’s important to be aware that this is happening.Even though the US doesn’t have a universal privacy policy yet, my guess is that they will soon. As always, I’ll keep you updated!

If you need to implement CCPA compliance, and you’re in my WordPress website maintenance program, I’ll help you!

About Jill Anderson

Hi, I’m Jill, a WordPress WordPress designer/developer who partners with talented designers, copywriters, and agencies on their websites, and their client’s sites. I’m passionate about crafting beautiful and innovative WordPress websites focused on clear positioning and positive user experiences. Get my free report, Get Your Website Done: 12 Actionable Steps for Designers, and check out my Client Onboarding Toolkit, a simple 4-step digital course for converting prospects into a paying clients.

TAGS: , , ,
Get new blog postsGET NEW BLOG POSTSIN YOUR INBOX

Like this? Get new posts via email.

No spam, no worries. Just my bimonthly(ish) blog posts straight to your inbox.

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Posts

GDPR icon
Does your website have a privacy policy? If not, you may be… You might have heard of this thing called GDPR . . . if not, here's the lowdown. The General Data Protection Regulation or GDPR is a EU law that went…
oil
Change your oil…maintain your website. You could drive your car forever without changing the oil—and it might be okay. Similarly, you could let your website go forever without updates—and it might be okay. But banking…
Don’t let web visitors see a security warning. Get SSL.
Don’t let web visitors see a security warning. Get SSL. You want your website to make a great first impression, right? You want your website to be viewed as safe and secure, right? Then it’s imperative to get an SSL…