Software Disclosure Requirements: CCPA and GDPR

PublisherSol Minion Developmenthttps:https://assets.solminion.co/logo.svgPublished Compliance data securitydata managementpolicies

It’s time to start caring. First introduced as law back in 1995, GDPR (General Data Protection Regulation) became enforceable in 2018. Most small businesses were not too concerned with GDPR and compliance, as they were not doing business within Europe. However, California brought the data compliance game straight to the US. So, what will that mean for you and your business software?

What Is GDPR & CCPA Compliance?

Both GDPR and the CCPA (California Consumer Privacy Act, along with its update, the California Privacy Rights Act (CPRA) -- see below) aim to protect consumers’ data and privacy by regulating how businesses protect that data and privacy.

Here is what you need to know about GDPR:

And for CCPA:

How does CCPA differ from GDPR?

Both the CCPA and GDPR cover notifying customers of a data breach, instituting privacy policies, providing access to and control of personal data, and empowering consumers to take action to protect their data.

What About CPRA?

The California Privacy Rights Act (CPRA) is basically an update to the CCPA that came as a ballot measure from the California voters. The parts related to the CCPA become official on January 1st, 2023. The primary outcome of the law is the creation of the California Consumer Protection Agency, which will have the authority to regulate consumer protections and enforce the CCPA, even though it is the California Attorney General who has ultimate enforcement duties.

Do We Need To Comply With CCPA?

The CCPA is required of any company doing business with California residents and has at least $25 million in annual sales. However, it also applies to any business storing data on at least 50,000 people or that earns more than 50% of revenue from selling personal data.

Even if your business is well below those numbers, we suggest building your software and technology -- and training your team -- to comply. These regulations set out some best practices when it comes to data protection and cybersecurity, and we believe that companies of any size need to protect their customers’ data.

What It All Means For Your Business

If you’re at all concerned about complying with either CCPA or GDPR, let us help you understand what you need to know to protect your customers and your business.

Contact us to schedule a review of your technology.