While several data privacy laws have been enacted in certain countries, it's safest to follow all of their procedures globally if your customer database contains address domains associated with other countries, or worse, contains vague domains like Yahoo and Gmail that could place the customer in countries where these laws are in effect. We give you a quick checklist to review.
All major businesses are, or should be, familiar with the General Data Protection Regulation, or GDPR, enacted in 2016 by the European Parliament. Companies that do business within any EU country are required to protect EU citizens’ privacy and personal data. This means insurance companies, financial companies, retailers, and the like need to put measures in place to protect their customers’ data from being compromised or sold.
Here are the main requirements to remain compliant; you can find a more detailed list here:
On January 1, 2020, California put into effect the California Consumer Privacy Act, or CCPA, which allows all California residents to know what type of personal data the business in question is collecting, and gives them the option to have the business not sell their data to other companies. This law differs from GDPR in that it applies to the option to sell or not sell their data, while GDPR focuses more on how and what data companies are collecting and on making sure it is encrypted. In a nutshell, this law is much simpler, but if any data indicates a customer or potential customer could be in California receiving your mail or going to your website (even if there is no company presence in California), you must be compliant.
The CCPA applies if your business's yearly gross sales exceed $25 million, half your revenue from selling data comes from Californian residents, or you process data involving more than 50,000 California residents. The State of California describes this Act in more detail, which you can refer to.
Here are the main requirements to be CCPA compliant:
Designating a person in your business to ensure compliance with Data Protection Acts is the best way to stay on top of compliance. Make sure that your website, email marketing program, and any other methods of communication with your customers in these areas provide easy access to information on how your business is compliant with GDPR and/or CCPA.