California Consumer Privacy Act will come into effect on the 1st of January, 2020. If you want to make your business CCPA compliant, some adjustments to your website or e-commerce store will have to be made. And that’s where we come in! By reading the following article, you will not only learn how to make your LiveChat California Consumer Privacy Act compliant but also learn more about the Act itself.
- California Consumer Privacy Act - overview
- Handle the processing of your customers’ data
- Give your customers the right to access their data
- Let them know that they have the right to be forgotten
The California Consumer Privacy Act (CCPA) is a bill passed by the California State Legislature on June 28, 2018, which was amended and signed into law on September 23, 2018. The CCPA is set to be the toughest privacy law in the United States.
This Act will apply to a business if it, or an entity it controls or that controls it, collects or receives personal information from California residents, either directly or indirectly, and meets one or more of the following criteria:
- Annual gross revenue exceeds $25 Million;
- The entity annually receives, buys, sells or shares, directly or indirectly, the personal information of 50,000 or more California residents, devices, or households;
- 50% or more of its annual revenue is derived from the sale of personal information about California consumers.
Attorney general of the state can, according to Section, 1798.155(a) of Title 1.81.5 of the Act bring an action against any company or individual person violating the Act. The CCPA allows for fines of up to $2,500 per violation or $7,500 per intentional violation but does not place a cap on the total amount of fines. The CCPA provides businesses with a period of 30 days to remedy alleged violations of the law before a fine can actually be assessed.
Here’s the example: under the CCPA, a violation impacting 10,000 California consumers could carry a penalty of $25 million for an unintentional violation and as much as $75 million for an intentional one. Also, statutory damages can be between $100 and $750 per California resident “per incident,” or actual damages, whichever is greater. You may not receive a penalty for statutory damages once personal data are encrypted.
Now that you know if the Act applies to your company as well, let us show you how to make your LiveChat CCPA compliant!
You should remember that with CCPA, you are obliged to inform your customers that you and/or a third-party processor will gather their personal data and that you and/or a third-party processor will save cookies on their devices. There are two ways to do so:
If you run an e-commerce store where your customers can make a purchase, you can modify the agreement between you and your customer so that it will include the information about the data processing that occurs during a chat.
- If you are not using LiveChat for sales purposes, you should still inform your website visitors that you gather and process their data during a chat. To properly inform your customers and provide them with the legal consent, you can facilitate our pre-chat survey feature.
Below we will provide you with the step-by-step instruction on how to do so with the use of our pre-chat survey.
If you’d like to gather data processing consent from your customers, first visit the Pre-chat survey section of your LiveChat settings. While there, add a new Multiple choice list field.
Now you can add your data processing consent under the Label section.
Don’t forget to mark your Multiple choice list as required! If you won’t, your customers will be able to start a chat without agreeing to the consent.
As your pre-chat survey is ready now, press Save changes and you are ready to go!
If you’d like to get a better idea on how the data processing consent should look like, we prepared a few examples that you can use to adjust your pre-chat survey.
- [Data controller notice]
I understand/acknowledge that the controller of my personal data is [your company name] with its registered office in [your business address]. I understand/acknowledge that my personal data shall be processed and transmitted in accordance with the California Consumer Privacy Act (CCPA).
- [Data processing consent, purpose, retention period, revocation]
I agree for my personal data, provided via chat, to be processed by [your company name] for the purposes of providing support via chat. I agree for my personal data to be processed for the time [e.g. needed to carry out the service]. I understand that the consent may be revoked by sending an email at: [your business email/your data protection officer’s email].
- [Data processing consent, purpose, retention period]
I agree for my personal data, provided via chat, to be processed by [your company name], for the purpose of [specify the purpose of the processing], for the time of [specify the time of processing].
California Consumer Privacy Act gives your customers the right to access their data that you have processed and might have sold. At LiveChat, we are giving you the option to provide your customers with the transcript of conversations and/or tickets that they created while interacting with your chat widget – and all of that with just a few easy steps.
To provide your customer with the transcript of the requested conversation, go to the Archives section of your LiveChat. While there, pick a requested chat from the list.
Now, click on the Send transcript button, available under the More menu at the top-right side of the conversation.
You will be prompted with a modal, asking you to provide an email address. To proceed, provide your customer’s email and click on Send copy.
We will now send the transcript of the conversation to the provided email address.
Tickets at LiveChat are automatically forwarded to your customers, whenever an agent will reply to their query via email or LiveChat application. However, if your customer has deleted a ticket or simply would like to receive it again, simply go to the Tickets section of your LiveChat. While there, look for the desired entry.
Now you can resend a ticket by simply typing a message and hitting Send button, or you can forward a ticket to another email address, by adding more people.
The California Consumer Privacy Act states that:
A consumer shall have the right to request that a business delete any personal information…
You as a business owner may decline a request to delete a customer’s personal information upon receiving such request for the following reasons:
- if it is necessary for the business;
- or if your service provider needs personal information under certain conditions.
However, if you will ever face such a request and you will have no reason to decline, we prepared an internal procedure that will allow you to remove the requested conversation or a ticket from your LiveChat license. What’s more, we’ll take care of the hard part for you.
All you have to do is to tag a chat or a ticket that you would like for us to remove. You can create a separate tag and name it Delete, so that you will use it only when such request will arise.
After tagging a conversation or a ticket, send us an email at firstname.lastname@example.org, asking us to remove all the transcripts and/or tickets, marked with a specified tag.
After receiving an email, we will remove all of the requested data as soon as possible. Also, after fulfilling your request, one of our Support Heroes will send you an email confirmation, letting you know that the process has been taken care of.
If you have any questions about making your LiveChat CCPA compliant, feel free to start a chat with one of our Support Heroes. They are available 24/7 and are always ready to provide you with additional information on adjusting your LiveChat license.