CCPA

On June 28, 2018, California enacted a comprehensive consumer privacy law known as the California Consumer Privacy Act of 2018 (“CCPA”) (Cal. Civ. Code §§ 1798.100-1798.199). The CCPA takes effect January 1, 2020. The CCPA grants California resident’s new rights regarding their personal information and imposes various data protection duties on certain entities conducting business in California.

Steps Sriggle has taken to become CCPA compliant:

• Changed systems, contracts, privacy policies, and processes to comply with the CCPA.
• Trained employees on details and obligations of the regulations.
• Built communication channels to inform clients of all updates and recommendations related to the CCPA.
• Rewrote our Data Processing Addendum and Privacy Policies to comply with the CCPA.

For additional information, please read our updated Privacy Policy here or contact us at privacy@sriggle.tech for more information.

CCPA Customer FAQ

Does my Organisation need to be compliant with the CCPA?

Under the CCPA, organisations that collect and manage personal information (including, but not limited to, names, email addresses, credit card numbers, and IP addresses) from California residents are defined as a “Business” and subject to these regulations. As your ERP or Mid-office or Back-office or website provider, Sriggle is defined as a “Service Provider” and is also subject to these regulations.

My Organisation is GDPR compliant, do we have to do anything for the CCPA?

While the CCPA incorporates several GDPR concepts, such as the rights of access, portability, and data deletion, there are several areas where the CCPA requirements are more specific than those of the GDPR or where the GDPR goes beyond the CCPA requirements. Given their comprehensiveness and broad reaches, each law may have significant impact on entities that collect and process personal data.

What steps should I take to become compliant with the CCPA?

We recommend that all Clients consider the following actions as part of their data protection efforts. Please note that the list is not exhaustive, and that Sriggle cannot provide any legal advice on what specific actions are required of your organization to become compliant with the CCPA.

1. 1.Consult with your legal counsel to determine the extent of applicability of the CCPA to your business. Larger organizations may require the appointment of a data protection officer to oversee compliance regulations.
2. 2.Review and update your privacy policy with your legal counsel to be compliant with the CCPA. As a “Business” (as defined under the CCPA), clients are required to inform all website users of the data processing activities taking place on the client’s website and booking engine. Please ensure that your privacy policy communicates how you are using Sriggle and other similar Service Providers.
3. 3.If you are a Sriggle customer, review and agree to Data Processing Addendum as part of the Sriggle Software License Agreement. This addendum names Sriggle as a Service Provider and is required for CCPA compliance.
4. 4.If you are using Sriggle products or services, please review the documentation on what changes will be made to our platforms and processes in order to be compliant with the CCPA. If you have not yet received documentation, please reach out to us at privacy@sriggle.tech for more information.