California Consumer Privacy Act (hereafter, “CCPA”) is a California privacy law that is effective as of January 1, 2020.
Under CCPA, California consumers have several added rights and privileges that serve to protect their personal information from being used in a way that the consumer does not agree with. This notice is in place to comply with the California Consumer Privacy Act (CCPA) of 2018 that went into effect as of January 1, 2020.
A consumer has the right to request and know what categories of information and what personal information we collect, how we collect it, and for what purpose we collect it.
CONSUMER’S RIGHT TO DEMAND DISCLOSURE
You have the right to demand that we disclose what categories of information we have or are collecting about you and what personal information we have collected or are collecting about you.
In an effort to maintain full compliance, we are disclosing the categories of information that we generally collect from and/or about consumers.
As a consumer, you are free to request disclosure of your information at no extra charge to you if you make such requests no more than twice (2) during a 12-month period.
General Information We Collect
We generally collect personal information, as listed under CCPA, in the form of:
- first name
- last name
- email address
- IP address
- products purchased
- address (for charging the credit card or bank account)
- payment method (whether paid via PayPal or Stripe) [note, I don’t retain actual credit card information-all of that is done via third-party providers like PayPal or Stripe]
- IP Address through Google Analytics
- Referral sources
- Facebook Pixel also collects data on social profiles
We collect the consumer information stated above through:
- Opt-in forms by offering free resources
- Opt-in forms by asking people to join my email list
- purchase/order forms when purchasing a product
- Google Analytics
- Facebook Pixel
You have the right to request disclosure of the personal information we collected about you by contacting us at email@example.com
CONSUMER’S RIGHT TO REQUEST DELETION OF PERSONAL INFORMATION
Under CCPA, a consumer has the right to contact the business that collected personal information about the consumer and request the deletion of that information.
There are certain limited circumstances under which the business does not have to comply and delete the information, as follows:
- To provide and complete the transaction for which the information was collected in the first place (for example, selling and delivering goods and services);
- To be in compliance with a legal obligation;
- To carry out and be compliant with another legal requirement; and
- To keep the information for internal use that is reasonable to the consumer.
CONSUMER’S RIGHT TO DEMAND DISCLOSURE IN CASE OF SALE
As a consumer, you have the right to request full disclosure if a business sells or transfers your personal information for a business purpose. You have the right to know what specific information has been sold or transferred, to whom, and for what business purpose.
We do not sell personal information we collect from consumers.
However, in the event we do so within the next 12 months, you will be given the option to opt-out if you do not wish for your personal information to be sold.
The consumer has the right to request that we disclose what category of information we sold, the specific pieces of information we sold, to whom we sold it, and for what business purpose we sold it. Consumers can make this request by contacting us at firstname.lastname@example.org
CONSUMER’S RIGHT TO REQUEST THAT A BUSINESS DOES NOT SELL THEIR INFORMATION
Under CCPA, a consumer has the right to request that a business that collected personal information about the consumer does not sell that information to anyone.
In our efforts to comply with the CCPA, you can find a “Do Not Sell My Personal Information” link in the footer of our website. If there is a field asking for your email address, please be sure to include the same email you opted in with.
If and when you select “Do Not Sell My Personal Information,” you will be marked as an opt-out. Therefore, you can be sure that your personal information and other general data collected about you will never be sold.
OUR BUSINESS WILL NOT DISCRIMINATE AGAINST ANY CONSUMER
If you choose to exercise your right and request that we never sell your information, in accordance with CCPA, we will not and cannot discriminate against you for choosing to exercise your right.
You will have access to the same services at the same prices as everyone else. The quality and conditions of products and services you receive will be the same as everyone else, regardless of your choice to exercise your CCPA right to forbid the selling of your information.
SECURING YOUR PERSONAL INFORMATION
Under CCPA, a business that collects or receives personal information about a consumer must implement and maintain reasonable security procedures and practices.
If a business experiences a data breach, then it will be held liable if it did not implement and maintain reasonable security procedures and practices.
We do our due diligence and maintain reasonable security procedures and practices to make sure that the consumer data and private information we collect is safe and secure.
Here are the security practices we have in place to protect consumer data:
- All the systems containing consumer information (such as our email
service provider) are password protected.
- The passwords are considered strong and are not easy to figure out.
- Only two (2) people know the password.
- To make our Email Service Provider database even more secure, we change the password every 90 days.
- Our computers are protected from third-party access by having an additional password layer before a user can start working on the computer.
- In addition to the statements above, we take reasonable precautions on a daily basis to protect consumer information from unauthorized use, modification, destruction, and disclosure.
If you wish to exercise your rights under CCPA and make requests for disclosure or deletion of your personal information or disclosure about sale of information, you can contact us directly and make such requests. You can also contact us at any time if you are not happy about the way we are handling your data.
We will respond as quickly as reasonably possible. Please keep in mind that we do not have to comply with requests if you make them more than twice during a 12-month period.
Make your requests by contacting us at email@example.com
EFFECTIVE AS OF: February 16, 2020