October 28, 2019 | Dan Diaz-Gilligan | Compliance Analyst
Of the hot-button issues we hear about in our increasingly digital lives, consumer data privacy is always near the top.
At Spinnaker Support, we closely follow and comply with upcoming and new laws, like the European Union’s General Data Protection Regulation (GDPR), that impact our customers and other contacts data. We also have an ISO/IEC 27001:2013 certification for managing sensitive company information.
The California Consumer Privacy Act Is Coming Soon
If you haven’t heard yet, the California Consumer Privacy Act (CCPA) is set to take effect January 1, 2020, with enforcement beginning July 1, 2020.
Similar to GDPR, this new law is considered to be the most expansive and explicit such data privacy law yet in the United States. The intentions of the CCPA are to provide California residents with the right to:
- Know what personal data is being collected about them.
- Know whether their personal data is sold or disclosed and to whom.
- Say no to the sale of personal data.
- Access their personal data.
- Request a business delete any personal information about a consumer collected from that consumer.
- Not be discriminated against for exercising their privacy rights.
In short, the CCPA is designed to give CALIFORNIA consumers (but not consumers in the other 49 states and territories) more control over their personal information. Its impact will reach beyond the borders of California TO ANYONE DOING BUSINESS WITH PEOPLE OR BUSINESSES IN THE STATE.
The CCPA applies to any business that does business in California and satisfies at least one of the following thresholds:
- Has annual gross revenues in excess of $25 million;
- Possesses the personal information of 50,000 or more consumers, households, or devices; or
- Earns more than half of its annual revenue from selling consumers’ personal information.
While Spinnaker Support never has or will sell consumer information, we do satisfy the first two conditions.
What Are Spinnaker Support’s Plans?
Spinnaker Support takes your data security seriously and complies with all global data protection acts. This security philosophy is embedded in how we handle all contact data and support our customers.
Our compliance team has been well aware of the CCPA and the general global shift towards more data protection. Due to the work and processes we established for GDPR, we are set to handle this similar act. We already have in place the internal processes required to map and track where and how we store personal data.
What Should You Know about the CCPA?
If you are a citizen of California, we recommend you take a few moments to understand this new law, how it defines “personal data,” and what new responsibilities and rights you will gain when it is enacted.
You can find dozens of overviews available on the web, including thorough coverage on the American Bar Association web site. We highly recommend visiting the International Association of Privacy Professionals (IAPP) web site, which has articles, blog posts, podcasts, and more on the latest information on the CCAP.