CCPA is new privacy legislation being introduced in the US state of California.
CCPA stands for the California Consumer Privacy Act. It will become effective from 1st January 2020 and intends “to further California citizens’ rights to privacy by giving consumers an effective way to control their personal information.”
The CCPA introduces 5 new rights for citizens of California:
- to know what personal information is being collected about them
- to know whether their personal information is sold or disclosed and to whom
- to say no to the sale of personal information
- to access (or request deletion of) their personal information
- to equal service and price, even if they exercise their privacy rights.
CCPA is applicable to any company that does business in California that meets at least one of these thresholds:
- annual gross revenues in excess of $25 million
- “collects” or “sells” the personal information of 50,000 or more consumers, households or devices
- derives 50% or more of its annual revenues from selling consumers’ personal information.
CCPA will be applicable to SessionCam customers that do business in California and meet one or more of the thresholds described above. For those customers, the CCPA means that they should:
- understand what constitutes personal information; as defined by the CCPA
- amend and update their website privacy policies to describe any data collection activity they undertake in the light of the new rights provided to consumers by the act and include, if
- appropriate, controls to allow consumers to opt-out of the sale of their data
- respond in a timely manner to information disclosure or deletion requests.
SessionCam would be considered to be a “service provider” within the CCPA and may collect personal information on behalf of our customers for their business purposes.
As part of our set-up and onboarding activity, SessionCam recommends to our customers that their website privacy policies are updated to describe the nature of the services we provide with links for individuals to use to opt-out.
We can re-confirm to those customers that we do not sell any of the data we collect to any other 3rd party services.
We have established processes for customers that receive consumer requests for information disclosure or deletion to follow.
SessionCam already comply with the EU-GDPR and we are ISO27001 certified. We achieved relevant certifications such as the ISO27001 and undergo annual security audits to meet the high data protection standards of regulations such as GDPR and the CCPA.
You can also contact us if you would like to understand more about SessionCam and the CCPA.