CCPA and My Dealership: What You Need to Know About the New California Data Privacy Law
Starting January 1st, 2020, the California Consumer Privacy Act (CCPA) will take effect. This new California data privacy law aims to protect consumers and their private data. What does this mean for your dealership? We’ve covered the basics in this article – let’s get started!
What is the California Consumer Privacy Act (CCPA)?
The CCPA was passed in June of 2018, officially known as AB-375, in California. The CCPA tackles the security of private information or data, and it has been compared to the GDPR (General Data Protection Regulation) passed in the EU. The intention of the CCPA is to provide the residents of California the right to have more control over their personal data. However, if you serve California residents, then the CCPA may apply to you as well.
Up until now, companies were able to do whatever they wanted with consumer data, or at least for the most part. Companies like Facebook and Amazon have been under fire for selling consumer data without permission from their users. The CCPA works to bring back power to the consumers.
The CCPA will require companies to let consumers know what personal information about them has been collected. Here are some of the requirements:
- Parental or guardian consent for minors under 13
- Websites must include a button that says “Do Not Sell My Personal Information” and delete consumer data if requested
- Businesses can’t deny services or charge higher prices to consumers who wish to have their personal information deleted
- A minimum requirement of a toll-free telephone to allow data access request submissions
- Update privacy policies that include information about the CCPA
Failure to comply with the California Consumer Privacy Act will result in a fine up to $7,500 for each intentional violation. For cases successfully argued as unintentional violations, the fee will be up to $2,500.
Does the CCPA affect auto dealers? Does my dealership need to comply with the CCPA?
Any business that meets one of the three criteria and serves residents in California, regardless of if they are based in California or have a storefront, must comply with the CCPA:
- Companies that have $25 million in annual revenue or more
- Companies that have personal data for at least 50,000 people
- Companies that collect more than half of their revenues from the sale of personal data
So, if you sell cars or car parts to California residents or you offer auto services to residents in California, you may want to see if you are required to comply with the CCPA.
What counts as personal data under the CCPA?
Personal information is defined by the CCPA as information that can be reasonably linked with a particular consumer or household, including, but not limited to:
- • Name and signature
- Physical characteristics
- Phone number
- Address
- Social security number
- Credit card or debit card number
- Driver’s license number
- Employment
- Bank account number
- Health insurance information
For many larger dealerships that use a CRM or have large marketing efforts, you may want to check and see if you fit any of the criteria for CCPA compliance.
What should I do if my dealership is required to comply with the CCPA?
AutoJini can help ensure that your dealership website is CCPA compliant. We’ll help you implement the necessary buttons and forms on your dealer site. Call us at 515-232-2024, or send us a message today.