Personal information, or data, includes names, addresses, and credit card information–standard information customers give when signing up for a mailing list, creating an account, or placing an order.
There is also state, federal and even international liability for not adhering to privacy laws. For example, if your business has customers in a state or country with a data privacy law, your business should follow that law, even if your business is not physically located in that state or country. In the 21st century, customer bases are scattered across the world which invoke among others:
• European Union General Data Protection Regulation (GDPR)
• California Consumer Privacy Act (CCPA)
• Virginia Consumer Data Protection Act
• Colorado Privacy Act
• And others, like the Children’s Online Privacy Protection Act (COPPA), which applies when your website targets children under the age of 13.
There are costly penalties for not following these laws. For example, the CCPA is enforced by the California Attorney General’s Office, and fines can reach $7,500 for each intentional violation of the CCPA. Sect. 1798.155(a).
Read more in our blog post on Why Privacy Policies Should be at the Top of Your To-Do List.
• Where are your customers located, i.e., what laws apply?
• What personal information does your business collect?
• How does your business store and protect data?
• Who does your business share data with?
Why Work With Counsel?