- How does CalOPPA apply to your online business?
- What disclosure does CalOPPA require?
Table of Contents
How does CalOPPA apply to your online business?
Inform consumers about data collection
- Include the word “privacy”
- Use capital letters that are equal to or greater in size than the surrounding text
- Use a larger type of text than the surrounding text
- Use a contrasting text
Identify how the online service collects data
- The policy’s effective date.
- The categories of PII that the operator collects.
- The categories of PII that third parties collect.
The effective date is when the policy goes into effect. Any time an operator changes a business practice that concerns PII, the policy must be updated. The date of a policy change should be placed at the top of the policy with the phrase “last updated” next to the latest change date.
What disclosures does CalOPPA require?
- Does the online service have a process for consumers to view their PII?
- Do consumers have a method to request changes to their PII?
- If the website shares the consumer’s PII with third parties.
- Whether other parties may collect PII about online activities.
- How the operator notifies consumers of material changes to the policy.
- How the operator responds to browser “do not track” signals.
- The ability for consumers to exercise choice for the collection of PII.
- Whether other parties collect PII about a consumer’s online activities.
If the online service has an account interface, the operator can build in an option to allow consumers to manage their PII. This would allow the consumer to create an account that allows them to access their information as soon as they sign up for the online service.
- IP addresses
- Web beacons
- Device types
- Browser types
- Operating systems
- Geo-location data
- Have a readable format.
- Use plain language that is straightforward.
- Avoid legal language or technical jargon.
- Provide contact information for questions regarding privacy practices.
Alice has a Juris Doctor from the Stetson University College of Law and is a licensed attorney in Florida. She is a Certified Information Privacy Professional (CIPP/US), a Certified Ethical Hacker (C|EH), and has the CompTIA Security+ certification. She currently serves on The Florida Bar Journal/News Editorial Board.