Get ready for CCPA!

Krzysztof Kraus
9 min read
updated: Aug 12, 2020

California Consumer Privacy Act will come into effect on the 1st of January, 2020. If you want to make your business CCPA compliant, some adjustments to your website or e-commerce store will have to be made. And that’s where we come in! By reading the following article, you will not only learn how to make your LiveChat California Consumer Privacy Act compliant but also learn more about the Act itself.

California Consumer Privacy Act - overview

What is the California Consumer Privacy Act?

The California Consumer Privacy Act (CCPA) is a bill passed by the California State Legislature on June 28, 2018, which was amended and signed into law on September 23, 2018. The CCPA is set to be the toughest privacy law in the United States.

Who should be concerned about it?

This Act will apply to a business if it, or an entity it controls or that controls it, collects or receives personal information from California residents, either directly or indirectly, and meets one or more of the following criteria:

  1. Annual gross revenue exceeds $25 Million;
  2. The entity annually receives, buys, sells or shares, directly or indirectly, the personal information of 50,000 or more California residents, devices, or households;
  3. 50% or more of its annual revenue is derived from the sale of personal information about California consumers.

What are the penalties for not following CCPA regulations?

Attorney general of the state can, according to Section, 1798.155(a) of Title 1.81.5 of the Act bring an action against any company or individual person violating the Act. The CCPA allows for fines of up to $2,500 per violation or $7,500 per intentional violation but does not place a cap on the total amount of fines. The CCPA provides businesses with a period of 30 days to remedy alleged violations of the law before a fine can actually be assessed.

Here’s the example: under the CCPA, a violation impacting 10,000 California consumers could carry a penalty of $25 million for an unintentional violation and as much as $75 million for an intentional one. Also, statutory damages can be between $100 and $750 per California resident “per incident,” or actual damages, whichever is greater. You may not receive a penalty for statutory damages once personal data are encrypted.

Now that you know if the Act applies to your company as well, let us show you how to make your LiveChat CCPA compliant!

Handle the processing of your customers’ data

You should remember that with CCPA, you are obliged to inform your customers that you and/or a third-party processor will gather their personal data and that you and/or a third-party processor will save cookies on their devices. There are two ways to do so:

  1. If you run an e-commerce store where your customers can make a purchase, you can modify the agreement between you and your customer so that it will include the information about the data processing that occurs during a chat.

  1. If you are not using LiveChat for sales purposes, you should still inform your website visitors that you gather and process their data during a chat. To properly inform your customers and provide them with the legal consent, you can facilitate our pre-chat survey feature.
Note that, in both cases, you have to make sure that the agreement and/or the consent will match your business agenda, based on what data are you processing, for what purpose or for how long you keep them.
Note that, in both cases, you have to make sure that the agreement and/or the consent will match your business agenda, based on what data are you processing, for what purpose or for how long you keep them.

Below we will provide you with the step-by-step instruction on how to do so with the use of our pre-chat survey.

Adjust your pre-chat survey

If you’d like to gather data processing consent from your customers, first visit the Pre-chat survey section of your LiveChat settings. While there, add a new Multiple choice list field.

Now you can add your data processing consent under the Label section.

Don’t forget to mark your Multiple choice list as required! If you won’t, your customers will be able to start a chat without agreeing to the consent.

As your pre-chat survey is ready now, press Save changes and you are ready to go!

Please note that when you invite customers to chat manually, the pre-chat survey will not be displayed even if it is enabled.
Please note that when you invite customers to chat manually, the pre-chat survey will not be displayed even if it is enabled.

If you’d like to get a better idea on how the data processing consent should look like, we prepared a few examples that you can use to adjust your pre-chat survey.

Note that provided data protection consents and clauses are to be considered as general examples. Make sure that the agreement and/or the consent will match your business agenda, based on what data are you processing.
Note that provided data protection consents and clauses are to be considered as general examples. Make sure that the agreement and/or the consent will match your business agenda, based on what data are you processing.
  1. [Data controller notice]
    I understand/acknowledge that the controller of my personal data is [your company name] with its registered office in [your business address]. I understand/acknowledge that my personal data shall be processed and transmitted in accordance with the California Consumer Privacy Act (CCPA).
  1. [Data processing consent, purpose, retention period, revocation]
    I agree for my personal data, provided via chat, to be processed by [your company name] for the purposes of providing support via chat. I agree for my personal data to be processed for the time [e.g. needed to carry out the service]. I understand that the consent may be revoked by sending an email at: [your business email/your data protection officer’s email].
  1. [Data processing consent, purpose, retention period]
    I agree for my personal data, provided via chat, to be processed by [your company name], for the purpose of [specify the purpose of the processing], for the time of [specify the time of processing].

Give your customers the right to access their data

California Consumer Privacy Act gives your customers the right to access their data that you have processed and might have sold. At LiveChat, we are giving you the option to provide your customers with the transcript of conversations and/or tickets that they created while interacting with your chat widget – and all of that with just a few easy steps.

Copy of chat transcripts

To provide your customer with the transcript of the requested conversation, go to the Archives section of your LiveChat. While there, pick a requested chat from the list.

Now, click on the Send transcript button, available under the More menu at the top-right side of the conversation.

You will be prompted with a modal, asking you to provide an email address. To proceed, provide your customer’s email and click on Send copy.

We will now send the transcript of the conversation to the provided email address.

Copy of tickets

Tickets at LiveChat are automatically forwarded to your customers, whenever an agent will reply to their query via email or LiveChat application. However, if your customer has deleted a ticket or simply would like to receive it again, simply go to the Tickets section of your LiveChat. While there, look for the desired entry.

Now you can resend a ticket by simply typing a message and hitting Send button, or you can forward a ticket to another email address, by adding more people.

Let them know that they have the right to be forgotten

The California Consumer Privacy Act states that:

A consumer shall have the right to request that a business delete any personal information…

You as a business owner may decline a request to delete a customer’s personal information upon receiving such request for the following reasons:

  • if it is necessary for the business;
  • or if your service provider needs personal information under certain conditions.

However, if you will ever face such a request and you will have no reason to decline, we prepared an internal procedure that will allow you to remove the requested conversation or a ticket from your LiveChat license. What’s more, we’ll take care of the hard part for you.

How does the procedure look like?

All you have to do is to tag a chat or a ticket that you would like for us to remove. You can create a separate tag and name it Delete, so that you will use it only when such request will arise.

Not using tags at LiveChat or not entirely sure how to create a new one? Click here to learn more!
Not using tags at LiveChat or not entirely sure how to create a new one? Click here to learn more!

After tagging a conversation or a ticket, send us an email at support@livechatinc.com, asking us to remove all the transcripts and/or tickets, marked with a specified tag.

After processing your initial request, we may ask you to send us a verification email from the email address that is registered under your LiveChat subscription. Such email should include the first 5 characters of your API key. If you don’t know how to find your API key, click here.
After processing your initial request, we may ask you to send us a verification email from the email address that is registered under your LiveChat subscription. Such email should include the first 5 characters of your API key. If you don’t know how to find your API key, click here.

After receiving an email, we will remove all of the requested data as soon as possible. Also, after fulfilling your request, one of our Support Heroes will send you an email confirmation, letting you know that the process has been taken care of.

Questions?

If you have any questions about making your LiveChat CCPA compliant, feel free to start a chat with one of our Support Heroes. They are available 24/7 and are always ready to provide you with additional information on adjusting your LiveChat license.

Was this article helpful?

Got it!

Thanks for your feedback.

Thank you!

We’re happy to help.

RELATED ARTICLES

Prepare live chat for HIPAA and PCI compliance

Making LiveChat HIPAA compliant is now possible, with a dedicated guide that will show you how to prepare both, your chat and LiveChat app for agents!

Read the article

Prepare your chat for GDPR!

Making LiveChat GDPR compliant is our number one priority, that is why we prepared a short article that will help you adjust your chat window as well!

Read the article

Start using LiveChat now!

Free 14-day trial Team plan features No credit card required

Still not convinced? Discover all LiveChat features

Discover our other products