We write these chapters to assist organizations to effectively and efficiently IMPLEMENT new practices designed to take care of your prospect and customer while meeting the standards set by this new law. It begins with understand your obligations under the new CCPA.
Article 2. Notices to Consumers
§ 999.305 Notice at Collection of Personal Information
A. Purpose and General Principles
1. Categories of Personal Information and why you are collecting it.
2. Easy to read and understandable to an average consumer.
a) Use plain, straightforward language and avoid technical or legal jargon
b) a format that draws attention
c) in languages the business usually uses
d) accessible to consumers with disabilities
3. PI cannot be used for any purpose other than the stated purpose. If scope is revised, new permission must be requested.
4. Cannot collect more categories of PI than you are disclosing.
5. No notice. No collection.
B. Include the following in it's notice of collection
(1) list of categiries about to be collected written in a way it can be understood.
(2) each category and a statement how it will be used.
(3) if the business sells information - Do Not Sell My Info must be added
D. If you did not collection the Personal Information yourself you should:
(1) Contact the person with a notice to opt-out
(2) Contact the source of the information to:
a. confirm a Notice at Collection was executed orginally.
b. Obtain a written description of how Notice was provided with an example of the notice. This should be kept for at least 2 years.
You may also wish to read:
CCPA Explained: Article 1 General Provisions - Part 1 - Scope and Definitions