California Consumer Privacy Act: What Retailers Need to Know and How Nosto Prepared For It
The California Consumer Privacy Act (CCPA) will be in effect from January 2020 if you are a California-based business that serves clients. The CCPA will fundamentally change how businesses collect and process personal data from California residents. It follows the trend set by the EU General Data Protection Regulation, which was implemented in 2018.
We have compiled a list of things you need to know and questions you might ask yourself about CCPA.
What is the CCPA?
The California Consumer Privacy Act is a Californian data protection law that gives consumers new rights regarding the collection of personal information. The term “consumer” is used in the context of the CCPA to refer to a California resident. The CCPA fundamentally changes the U.S.’s approach to data protection – it strengthens data protection for all people who interact with these companies.
Although CCPA is a Californian regulation it could also be applicable to U.S. businesses outside of California.
It could also apply to U.S. businesses located outside of California. The CCPA is a binding regulation that applies across California. However, it also has implications for businesses outside of California that process California residents’ data.
An organization (“business”) is subject to the CCPA obligations
1. is for-profit
The Global Awarded Magento POS – 2021 Stevie Awards Product Innovation winner provides you with a powerful Magento 2 POS extension as well as 24/7 support
2. Collects personal information about consumers, or for which it is collected
3. Determines the purpose and method of processing consumers’ personal data
4. Does business exist in California
5. Meets any of the following thresholds
- Has an annual gross revenue exceeding $25 million
- Annually, alone or in combination, buys, receives, sells or shares commercially the personal information of at least 50,000 consumers, households, devices, or other individuals.
- It derives at least 50% of its annual revenue from the sale of personal information to consumers.
Online retailers located outside California must process the data of California residents according to the CCPA. This applies not only to the legislation at the retailer’s physical location. We have made changes to our customer base regardless of where they are located. This allows all Nosto-powered retailers to be CCPA compliant.
What preparations has Nosto made for CCPA?
Data privacy is something we take very seriously. We consider data privacy a major milestone. In preparation for the GDPR, we refined our processes to meet the requirements of the regulation. The CCPA is similar in many ways to the GDPR, and therefore has not required significant changes to our infrastructure.
What data types are collected?
Nosto allows merchants to manage the personal data gathered from consumers. It also has tools that assist Nosto-powered retailers with meeting the CCPA requirements.
The Nosto Service can collect the following data types. First name, last name and email address.
The functionality of Nosto will be affected if data types are disabled. Disabling email will stop Nosto sending triggered emails, for example.
How can I manage the Nosto Service data?
Nosto-powered merchants can access the Nosto Service’s back-end to extract and/or delete data. This will allow retailers to comply with data deletion or disclosure requests from consumers.
What other information do I need to know about CCPA
Businesses must inform their end-users of the information they collect and how it will use. You may be required to provide links or information on your website. To ensure compliance with these obligations, it is a good idea to seek legal advice.