- How the website collects and uses data, including the types of data collected, how it is used, and with whom it is shared.
- The categories of third-parties with whom your information may be shared.
- The period during which your information will be retained by the website operator and whether it will be deleted after use.
- The ability for users to opt-out of certain data collection or use.
- The ability of what the consumer wants to receive and how.
Californians have been given a slew of consumer rights protections in the California Privacy Rights Act, giving them unprecedented control over their data. Companies in and doing business in California must now provide explicit disclosures and receive consent prior to collecting or sharing any personal information from consumers – plus they’re obligated to furnish requested copies of that same info upon request.
There are several steps must take now to prepare for compliance:
- Understand your obligations under the CPRA.
- Identify the categories of information you collect from customers (e.g., name, email address, phone number, payment information).
Overall, the CPRA is an important step forward in protecting the privacy of California residents. It provides companies with a clear framework for protecting personal data, including requiring businesses to provide easy-to-understand disclosure and obtaining consent for collecting, using or sharing customer data. Furthermore, it gives consumers the right to request copies of their information from businesses, as well as allowing them better control over how companies use this data. In addition, the CPRA stands out from other state and federal laws by providing some of the most robust consumer protections yet seen in this field. There is no doubt that this law will help consumers feel more secure about their digital lives and will spur innovation in privacy technology in order to give people greater control over their data.