On June 28, 2018, California enacted a comprehensive consumer privacy law known as the California Consumer Privacy Act of 2018 (“CCPA”) (Cal. Civ. Code §§ 1798.100-1798.199). The CCPA takes effect January 1, 2020. The CCPA grants California resident’s new rights regarding their personal information and imposes various data protection duties on certain entities conducting business in California.
Steps Sriggle has taken to become CCPA compliant:
CCPA Customer FAQ
Does my Organisation need to be compliant with the CCPA?
Under the CCPA, organisations that collect and manage personal information (including, but not limited to, names, email addresses, credit card numbers, and IP addresses) from California residents are defined as a “Business” and subject to these regulations. As your ERP or Mid-office or Back-office or website provider, Sriggle is defined as a “Service Provider” and is also subject to these regulations.
My Organisation is GDPR compliant, do we have to do anything for the CCPA?
While the CCPA incorporates several GDPR concepts, such as the rights of access, portability, and data deletion, there are several areas where the CCPA requirements are more specific than those of the GDPR or where the GDPR goes beyond the CCPA requirements. Given their comprehensiveness and broad reaches, each law may have significant impact on entities that collect and process personal data.
What steps should I take to become compliant with the CCPA?
We recommend that all Clients consider the following actions as part of their data protection efforts. Please note that the list is not exhaustive, and that Sriggle cannot provide any legal advice on what specific actions are required of your organization to become compliant with the CCPA.
- 1.Consult with your legal counsel to determine the extent of applicability of the CCPA to your business. Larger organizations may require the appointment of a data protection officer to oversee compliance regulations.
- 3.If you are a Sriggle customer, review and agree to Data Processing Addendum as part of the Sriggle Software License Agreement. This addendum names Sriggle as a Service Provider and is required for CCPA compliance.
- 4.If you are using Sriggle products or services, please review the documentation on what changes will be made to our platforms and processes in order to be compliant with the CCPA. If you have not yet received documentation, please reach out to us at firstname.lastname@example.org for more information.