The California Consumer Privacy Act of 2018 (CCPA) gives consumers more control over the personal information that businesses collect about them and the CCPA regulations provide guidance on how to implement the law. This landmark law secures new privacy rights for California consumers, including:
Businesses are required to give consumers certain notices explaining their privacy practices. The CCPA applies to many businesses, including data brokers.
GDPR is a European law that has the objective of protecting EU citizens’ personal information, and regulates how such data is collected, stored, and used.
Who does GDPR apply to?
If you have a website that collects or processes personal data of EU residents, then the GDPR will apply to you and your processing of this personal data. It does not matter what industries you work in, whether you’re a B2B or B2C business, whether you’re a for profit or non-profit, whether you’re based in the EU or not, or whether you’re specifically targeting EU customers or not. If it’s possible for your organization to collect personal data from an EU resident, even unintentionally, you’ll need to comply, and it’s important you familiarize yourself, with the various obligations of the GDPR.
Data subject rights
GDPR creates some new privacy protections for individuals:
Right to rectification – Individuals can ask that their information be updated or corrected.
Right to be forgotten – Individuals can ask that their information be permanently deleted.
Right of portability – Individuals can ask to have their information transferred to another organization.
Right to object – Individuals may seek to prohibit certain uses of their personal data.
Right of access – Individuals have the right to know what personal data that’s been collected about them and how it’s being used.
More stringent consent requirements
GDPR requires that an individual give informed, affirmative consent for each way their personal data will be collected, used, and processed. This means you’ll need to place additional opt-in statements on your forms and websites, and you won’t be able to collect, use, or process personal data until the individual has given that type of consent. You will not be able to rely on pre-ticked boxes, silence or inactivity as a basis for consent. Also, you’ll be unable to use data in any other way than what you obtained consent for. If you’d like to use the information in a new way, you’ll need to go back to the customer and get their consent.
In addition, these consent requirements will apply to all currently existing personal data you have of EU residents. If you already obtained consent from individuals as required by the GDPR, don’t worry, you don’t need new consents. If, however, the consents don’t meet the new GDPR standards, you will need to obtain new, adequate consents.
More data processing transparency
GDPR requires that individuals are given transparent information about how their personal data is going to be processed including the specific purpose for collecting the data, how long the data will be retained, and other details. Note, that this is not a comprehensive summary of all the changes GDPR brings. For more information on the key changes coming with GDPR, you can read the GDPR.
WebriQ’s commitment to protect your data
WebriQ is committed to helping users understand the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) and to comply with its requirements.
We’ll also continue monitoring best practices around GDPR and CCPA compliance and update our commitments if they change.
Types of Personally Identifiable Information (PII) we collect
Your obligations around data about your customers which you collect via WebriQ services
If you use our service to collect Personally Identifiable Information from your visitors, via form submission or other methods, you are solely responsible for its disposition.
What rights do I have regarding my information?
Residents of the European Union (EU) and California have strong rights related to the use of your data. WebriQ chooses to apply these rights to all customers regardless of location.
Under EU GDPR, EU residents rights include the following:
Under UK GDPR, UK residents rights include the following:
Under CCPA, California residents rights include the following: