The California Consumer Privacy Act (CCPA) came into effect on January 1, 2020 and becomes enforceable on July 1, 2020. It is the first comprehensive consumer privacy legislation to be enacted in the US. Although it currently applies only to a small tranche of businesses, we expect broader legislation in California and other states in the future. Here are some key considerations your winery should know about the CCPA.
Who's implicated by CCPA?
All for-profit businesses that operate in California that meet one of the following criteria:
It's important to note that you don't need to be based in California for the law to impact you. As long as you interact with significant amounts of California residents and their private data, you need to comply with CCPA.
What does CCPA compliance mean?
CCPA requires impacted businesses to boost their data privacy standards and change their management process. This can range from prompting customers to agree to your website's cookies policy to ensuring customers can access and control their own data. Specifically, you need to:
What are the consequences of CCPA non-compliance?
CCPA will be enforced with fines of up to $7,500 per violation. Companies that breach the law's regulations are also at risk of private lawsuits of up to $750 from each customer whose data was mishandled. Any companies that are non-compliant might also lose the trust of their customers, particularly as awareness rises.
How to handle opt-out requests:
If a customer sends an opt-out request to remove their data from your winery, you can fill out our opt-out request form here.
* Please note that this form does not use your WineDirect Admin Panel credentials. The first time you make an opt-out request, you'll need to create a username and password by clicking 'Sign up'.
Requests can take up to 45 days to complete. Timely reporting of opt-out requests is required by law. With fluctuating volumes of requests, best practice is to report to WineDirect as soon as possible.