Skip to main content

On-demand webinar coming soon...

Blog

CCPA privacy policy & notice requirements

April 22, 2020

green gradient

A key part of the California Consumer Privacy Act (CCPA) that went into effect on January 1, 2020 is updating your privacy policy. In addition, you must make contacts aware of just what changes you issued to this policy and how it affects them.

As a main tenet of the legislation, it’s imperative you get this initiative completed correctly and in full before the enforcement deadline of July 1, 2020.

Because updating your privacy policy and sending a consumer notice is so important for proper implementation of the CCPA, we’re covering the requirements you must follow to execute them. Checking these items off your compliance list will help make sure you’re in the clear with legislators and customers.

CCPA privacy policy requirements

If you’ve recently updated your privacy policy to meet the parameters of the General Data Protection Regulation (GDPR), you have a head start on making it compliant with the CCPA.

Although the rules share similarities, there are differences. And your privacy policy will have to be retooled to comply with the CCPA standards. According to the CCPA guidelines, privacy policies must inform consumers about:

The personal information categories the business has collected.

The intended use purposes for each category.

In addition, you must also include disclosures if you collect additional personal information categories or use collected personal information for unrelated purposes.

Companies must be diligent about identifying where their privacy policies live across their digital properties. Each and every one of these must be updated appropriately and consistently maintained.

In the fast-paced digital world, privacy policies that are most effective will be designed responsively so they can be viewed and accepted on any device. And keeping a detailed version history to track changes is a smart move, too.

CCPA consumer notice requirements

Not only do you have to publish an updated and fully CCPA-compliant privacy policy, but you also have to tell your contacts about it, too.

Under the CCPA regulation, this action is called “notice” and often takes the form of an email marketing message. It can also include short-form notices such as web forms, just-in-time pop-ups in mobile apps, and even cookies banners.  It requires that “at or before the point of collection” companies reveal to consumers the categories of personal information the company collects and for what purpose the information is used by the company.

This includes personal information collected, disclosed, or sold. That means third parties involved with the business and the use of data also have to be revealed in the CCPA notice.

Most importantly, the notice should give consumers the opportunity to opt-out of the sale of their personal data.

Automate CCPA compliance with technology

Implementing the CCPA requirements for privacy policies and notices can be a handful. But it doesn’t have to be this way.

Privacy management technology allows you to centrally update, host, and manage internal and external policies and notices across all digital assets. You can access libraries of CCPA-compliant privacy policy and notice templates, too.

In fact, technology automates the entire process so you can get back to what’s important.

OneTrust is an industry leader in privacy management software. To learn how it can help your business comply with the CCPA, visit OneTrust for CCPA or watch this webinar today.


You may also like

Webinar

Privacy Management

CPRA in action: OneTrust Live Demo

Join us for a deep dive tour of our suite of technology solutions for operationalizing and automating CPRA requirements across Do Not Share, Consumer Rights and privacy governance operations.

August 01, 2024

Learn more

Webinar

Privacy Management

Going beyond CCPA

Join us for an in-depth webinar on "Going Beyond CCPA," where we will explore the intricacies of privacy laws, compare major regulations, and provide guidance on enhancing your privacy policy.

July 25, 2024

Learn more

Webinar

Privacy Management

The evolution of CCPA

Join us for an insightful webinar on "The Evolution of CCPA" where we will delve into the latest amendments, understand their impact, and explore the new requirements and implications for businesses.

July 18, 2024

Learn more

Webinar

Privacy Management

Mastering data privacy: Navigating CCPA, CPRA, and beyond

Mastering Data Privacy: Expert Guidance on CCPA, CPRA, GDPR Compliance, Privacy Policy Best Practices, and Live Demo Insights

July 18, 2024

Learn more

Webinar

Consent & Preferences

Global Privacy Control: CCPA enforcement of GPC opt-out signals webinar

Watch this on-demand webinar to gain an overview of what Global Privacy Control (GPC) is, the benefits of the signal, and how it works.

October 30, 2022

Learn more

Webinar

Privacy Management

Employee vs. consumer rights: Same concept, different reality

Join this webinar to learn about the rights request fulfillment complexities introduced by the end of the employee exclusion in the CPRA.

August 25, 2022

Learn more

White Paper

Privacy & Data Governance

How OneTrust helps with California privacy law compliance (CCPA & CPRA)

This guide to California privacy law compliance helps your organization understand the requirements under the CCPA and CPRA.

June 23, 2022

Learn more

Webinar

Privacy & Data Governance

Know your laws: Comparing CCPA & CPRA vs. GDPR

Watch this free webinar and see how the CCPA and CPRA compare with the GDPR.

January 04, 2022

Learn more

eBook

Privacy & Data Governance

The ultimate guide to CCPA compliance

The Ultimate Guide to CCPA Compliance eBook highlights key compliance areas of  the CCPA that you should consider when building a privacy program.

December 01, 2021

Learn more

Webinar

Privacy Management

CCPA, CPRA, and Global Privacy Control: Moving toward a more private web

Watch this webinar to learn about Global Privacy Control (GPC), how it centralizes user opt-out preferences, and streamlines compliance with CCPA and CPRA. 

September 08, 2021

Learn more

Webinar

Privacy & Data Governance

Breaking update: New California Consumer Privacy Act

This webinar dives into the details of the California Consumer Privacy Act and how it will impact the companies handling their data.

July 23, 2021

Learn more

Infographic

Privacy & Data Governance

CCPA vs. CPRA infographic

Compare California's privacy laws: CCPA vs CPRA in this downloadable infographic.

July 22, 2021

Learn more

Infographic

Privacy Management

CDPA vs CCPA: Comparing US privacy laws

Download this infographic comparing the Virginia CDPA to the California CCPA.

July 22, 2021

Learn more

Webinar

Privacy & Data Governance

CPRA vs CCPA: What you need to know

Join us for a webinar as our legal experts discuss the key differences between the CPRA vs the CCPA.

July 22, 2021

Learn more

Webinar

Privacy Management

CCPA identity verification

In this webinar we explore options for verifying a consumer's identity and how to fully automate this process with OneTrust.

August 13, 2019

Learn more

Webinar

Privacy & Data Governance

CCPA compliance masterclass

Watch our OneTrust CCPA Masterclass Series and learn how to prepare your organization for CCPA compliance.

Learn more