Data protection is of paramount importance for all types of businesses, be they big or small. At the same time, it is equally vital to comply with prevailing, relevant regulations. CPRA (California Privacy Rights Act) is one such regulation that you need to follow as an entrepreneur. California voters approved it in November 2020. It came into effect on 1st January 2023.
Related Post: 4 Aspects of Compliance Your Company Should Implement
It develops on CCPA (California Consumer Privacy Act) that became law in the year 2018. California consumers can enjoy additional rights with this law. It is concerned with the collection of how personal information is collected, shared, and used by businesses.
Companies that have opened their business in California need to meet certain criteria as set by the CPRA. It includes personal information collection of over 100,000 households or consumers and gross annual revenues exceeding $25 million. Also are included 50%+ annual revenues from sales of consumers’ personal information.
It is defined as that information or consumer data related to or perhaps linked with any specific household or consumer. It includes names, IP addresses, email addresses, and house addresses. Besides this, it also includes sensitive information such as personal financial information and biometric data.
1. Right to request deletion of consumer’s personal information by the business.
2. Right to know the type of personal information collected by the business about them.
3. Right to refrain from automated conclusions like profiling targeted behavioral advertising.
4. Right to refrain from their personal information being sold.
5. Right to correction if personal information present with the business is incorrect.
6. Right to be aware of the functioning of automated decision technologies and its potential outcomes.
7. Right to minors getting proper notifications if businesses plan to share or sell off their personal details.
8. Data portability right if organizations share crucial data with other similar entities.
9. Right to limit sensitive consumer data
The properly created business checklist should be in place. It will guide as to how businesses can manage requests given by California consumers. It also includes who is to be held responsible to respond to them as well as the time is taken to respond. As per CPRA regulations, such requests need to be addressed in 10 days’ time and get processed in 45 days.
Also Read: The Ethics of Persuasion: When Marketing Tactics Cross the Line
Businesses are expected to provide consumers with conspicuous and clear notice concerning their rights. It also includes information on what personal information can be collected and how it is meant to be shared and used. Also review agreements or contracts with 3rd parties including a business checklist involving sharing, usage, and collection of personal information. Ensure notices and privacy policies are updated periodically and CPRA compliant.
Appropriate procedures should be implemented to verify consumers’ identity especially those making CPRA requests. Consumers’ privacy should be protected to prevent fraud. Besides this, CPRA-related request records should be kept carefully including how it has been handled. It clearly demonstrates being compliant with the law. Necessary evidence can also be provided if there is held some investigation or dispute arises concerning data protection.
The contact team or person should be designated to manage consumers’ CPRA-related requests. It might be a full-fledged customer service team or a privacy officer. They should be provided with appropriate resources and training to handle such requests quite efficiently.
Also Read: Rajat Khare On Why The Future Will Be Based On Ai, Ml, Deeptech, And Big Data
Non-CPRA Compliance will mean having to face financial consequences. The severity of offenses and violations committed is likely to determine the penalties to face.
Business success and social responsibility are becoming increasingly entwined, which makes Uri Ansbacher’s fresh perspective…
Thriving in sales has never been easy. It’s a fast-paced, chaotic landscape, filled with unique…
White-label PPC services are a simple way for businesses to provide Pay-Per-Click advertising without having…
The online gaming landscape is brimming with options, but finding a platform that excels in…
The world of online gaming is constantly evolving, offering a myriad of options for entertainment,…
If you're considering selling your car in India, getting the valuation right is crucial for…