The California Consumer Privacy Act (CCPA) For Small Business

Share this article:


With each new year comes new laws most of which do not affect a majority of business owners. However, in 2020, there are a lot of questions about the California Consumer Privacy Act (CCPA). Effective January 1st, 2020 the California Consumer Privacy Act or CCPA hit the news circuit confusing many small business owners that do business in California. The CCPA is a new customer privacy law that protects personal data by providing website users with more options to opt-out of and a better understanding of how their data is being used. If you are interested here is the full text of the California Consumer Privacy Act (CCPA) AB-375. We are getting a lot of questions about CCPA, primarily if the California Consumer Privacy Act (CCPA) applies to small businesses, home-based businesses or personal websites.

Who Does CCPA Apply To?

We recommend that all businesses at the very least update their privacy policy to acknowledge CCPA. As for the actual answer, who does CCPA apply to, you might be surprised by the requirements. California businesses that share the personal information of 50,000 or more consumers, households, or devices in California must comply with CCPA. You might be thinking that is a lot of data I am just a small business, but if your website received over 50,000 visitors a year, pay attention to the ever-changing landscape of privacy laws like CCPA. You do not have to be storing customer data yourself when Google already does it for you. Google Ads remarketing lists store website visitor data to later serve them an ad to revisit your website. This is considered sharing personal data. Chances are you may have nothing to worry about in the foreseeable future, but you should keep up with what Google is doing to comply, we left some links below. This does not get you off the hook as we have to wait to see how future court cases regarding CCPA are decided. You must stay informed. Just like any other new law, the public waits in suspense to see what will happen in the courts.

Basic Rule. In general, the CCPA applies to a “business” that:

  1. does business in the State of California,
  2. collects personal information (or on behalf of which such information is collected),
  3. alone or jointly with others determines the purposes or means of processing of that data, and

satisfies one or more of the following:

(i) annual gross revenue in excess of $25 million,

(ii) alone or in combination, annually buys, receives for the business’s commercial purposes, sells, or shares for commercial purposes, alone or in combination, the personal information of 50,000 or more consumers, households, or devices, or

(iii) derives 50 percent or more of its annual revenues from selling consumers’ personal information.

To play it safe most small business owners with over 50,000 yearly website visitors that are California residences’ will want to keep with how services they use such as Google Ads, recommend compliance.

Here are some helpful links:

Google: Helping advertisers comply with CCPA in Google Ads

Google: Helping publishers comply with the California Consumer Privacy Act (CCPA)

When it comes to Facebook ads and storing your website visitor data in an audience list, there is currently not too much out there about it… We will keep you posted.

Is There A Minimum Compliance With CCPA?

We recommend that every website owner take action when it comes to new laws regarding privacy, compliance or accessibility. Here are some options to help you get ahead. These should not be considered foolproof solutions as acts such as CCPA are commonly interpreted through court cases.

Update your Privacy Policy to reflect CCPA‘s strict new transparency requirements. Don’t have a privacy policy? Contact us right away, all Stack Host hosting plans come standard with a privacy policy or free privacy policy checkup. Updating your privacy policy it a great start to get you in the habit of giving privacy matters like this attention.

What to be really safe and take the extra step? Install a CCPA WordPress plugin to get the required CCPA customer pop-up on your website. One of the first plugin options available for WordPress is from CookiePro you can download it here. You might read over the full text of CCPA and think it is overkill to have a pop-up or you might just wanna be safe.

Consult an Internet Privacy lawyer if you are a business in California with a significant number of California resident visitors and your website is more then half of your annual revenue.

Updating Your Privacy Policy For CCPA

Here is a very basic example of a text that might help notify California residences’ of their privacy rights. This is only an example. You must define what data you collect. This text does not adapt to your privacy policy.

It is your responsibility to write a comprehensive privacy policy, to make sure it reflects all national and international legal requirements on privacy, and to keep your policy current and accurate.

Exercising Your CCPA Data Protection Rights

In order to exercise any of Your rights under the CCPA, and if you are a California resident, You can email or call us or visit our “Do Not Sell My Personal Information” section or web page.

The Company will disclose and deliver the required information free of charge within 45 days of receiving Your verifiable request. The time period to provide the required information may be extended once by an additional 45 days when reasonably necessary and with prior notice.

Do Not Sell My Personal Information

We do not sell personal information. However, the Service Providers we partner with (for example, our advertising partners) may use technology on the Service that “sells” personal information as defined by the CCPA law.

A WordPress Website Hosting Company That Helps With Your Privacy Policy

At Stack Host, we provide more than just managed WordPress Hosting Plans each hosting plan comes with a privacy policy checkup to ensure that you are more compliant and attentive to your user’s privacy requirements. If you do not have a privacy policy we will get you set up with a basic privacy policy that you can edit at any time. We recommend privacy policies are updated at least once a year and at Stack Host, we will help to keep you in the loop and even make recommended changes.

More to explorer

Want to get the most out of your website? Subscribe for great tips on WordPress, SEO, and marketing.

This site is protected by Google’s reCAPTCHA. Google Privacy Policy and Terms of Service apply.

Leave a Reply

Your email address will not be published.