California Consumer Privacy Act – CCPA Compliance Training

Today, people share their personal information every day. Every time you sign up to a new online service, apply for an online discount code, make an online purchase, or use your reward card, you’re sharing personal data.

Cookies, pixels, and other tracking devices are dropped on our browsers when we visit websites track us across time and services, and help marketers build profiles on us and send us targeted ads.

Any business that collects and processes personal information is responsible for ensuring that all employees whose duty it is to handle consumer personal information or inquiries are fully trained and understand the consumers’ rights under the CCPA and know how to direct consumers to exercise those rights.

Compliance Training - Responsiveness
iPhone, Android, Tablet, and desktop devices – seamless playback and tracking
Compliance Training - Easiness
Easily add your own learning screens to enhance stock content
Compliance Training - Single Enterprice Licence
Single enterprise licence covers your entire workforce, including contractors
Compliance Training - Availability
Available in 20+ languages, with compliance training resources for local market regulations
THIS MODULE COVERS...

Video: Provide an overview of what the CCPA is and why it was implemented.

Interactive Screen: The impact the CCPA has on how we handle personal information. CCPA definition of personal information. Why it is important that we protect personal information.

Interactive Screen: Rules around collecting and handling personal information; Notice and Purpose, Access and Disclosure, Security and Accountability, Consent.

Scenario: Scenario around how personal information can be used to identify an individual.

Key Learning: All businesses have a legal obligation to tell customers what information they collect, the purpose for using it, and who it’s sold to. This gives customers more control over their personal information, as they can request businesses to delete their information, as well as opt out of the sale of their personal information.

Assessment: Five-question quiz on the content presented in this topic.

Video: Who does the CCPA apply to, exceptions to the CCPA, penalties for violations, consequences of failing to protect personal information.

Interactive Screen: Consumer rights; Right to Notice, Right to Request and Receive Disclosures, Right to Data Portability, Right to Deletion, Right to Opt Out, Right to Equal Service and Price.

Scenario: Scenario around the right to opt out and how that is communicated to consumers.

Key Learning:  Any business that sells a customer’s personal information is legally required to notify the customer that their information is being, or has been, sold to a third party. They are also obliged to notify customers of their right to opt out and provide a link on their home page that enables them to do so.

Assessment: Five-question quiz on the content presented in this topic.

Interactive Screen: What are our responsibilities under the CCPA; vendor management, sharing personal information with third parties, providing the capability for consumers to submit requests, training requirements, “do not sell my personal information” option.

Scenario: Scenario around working with vendors.

Key Learning In order to comply with the CCPA, it is our responsibility to ensure that any vendors who process our customers’ personal information on our behalf are also compliant with CCPA laws.

Scenario: Scenario around working with third parties.

Key Learning: The CCPA laws restrict the sale of personal data to third parties; however, the term “selling” has a broad definition. A business may not necessarily receive payment in exchange for personal information, yet it could still be considered a sale of data.

Assessment: Five-question quiz on the content presented in this topic.

Summary screen that wraps up the module and provides details of where to go to speak up.

Attestation screen.

More About the California Consumer Privacy Act – CCPA Compliance Training

California public policy has determined that consumers should be able to control their privacy, and feel confident knowing their personal information is secure. Therefore, as a business that collects, holds, and processes that information, there are rules we need to follow to ensure we are protecting our California customers’ personal information at all times, as well as protecting their right to control the personal information we collect from them.

What Is Personal Information?

The CCPA defines personal information as any “information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household,” including, but not limited to:

  • Identifiers such as a real name, alias, postal address, unique identifier, internet protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.
  • All categories of personal information outlined in Civil Code 1798.80 et. seq., essentially personal records.
  • Characteristics of protected classifications under California or federal law, such as race, gender, religion, and sexual orientation.
  • Commercial information; including records of property, products, or services purchased, obtained, or considered; or other purchasing or consuming histories or tendencies.
  • Biometric data such as fingerprints and DNA.
  • Internet or other electronic network activity information including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with a website, application, or advertisement.
  • Geolocation data.
  • Audio, electronic, visual, thermal, olfactory, or similar information.
  • Professional or employment-related information.
  • Education information, defined as information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act.
  • Inferences drawn from any of the information identified above.
  • Any of the categories of information set forth in this subdivision as they pertain to the minor children of the consumer.

Publicly available, aggregate, or de-identified information is not considered to be personal information.

Why Must We Protect Personal Information?

Californians worry about their personal information falling into the wrong hands. They know that when that happens, it not only takes away their ability to control their own personal information and how it’s used, but it also exposes them to potential harm. For this reason, consumers take privacy and control over their personal information very seriously.

Using Customer Information

All businesses have a legal obligation to tell customers what information they collect, the purpose for using it, and the kinds of companies to which it is sold. This gives customers more control over their personal information, as they can request businesses to delete their information, as well as opt out of the sale of their personal information.

Book a Demo