California Consumer Privacy Act Information
California just passed the California Consumer Privacy Act of 2018, Cal. Civ. Code §§ 1798.100et seq. (CCPA), which will require U.S. companies to implement a number of similar privacy initiatives, which will afford California residents unparalleled (in the United States) data privacy rights. The law takes effect on January 1, 2020, and the following summarizes the law, including who it applies to.
What Businesses Must Comply with the CCPA?
Subject to a number of exceptions, discussed below, the CCPA covers every “business” that collects and sells consumer “personal information” or discloses personal data for a business purpose.
Going through the relevant definitions, a “business” is a for-profit legal entity doing business in California that collects personal information regarding California residents. Following well-established jurisprudence, the scope of “doing business” in California applies to companies that sell goods or services to California residents even if the business is not physically located in California. Its application beyond U.S. borders could significantly expand the impact of the legislation.
Not all business qualify. To fall within the scope of the CCPA, the business must also meet one of the additional three criteria:
- Have $25 million or more in annual revenue; or
- Possess the personal data of more than 50,000 “consumers, households, or devices” or
- Earn more than half of its annual revenue selling consumers’ personal data.
McGills Warehouse does not sell consumer “personal information” or disclose personal data for a business purpose. We collect personal data that is relevant to processing your order for goods you purchase on our website PERIOD.