CCPA & CPRA

CCPA & CPRA

What is CCPA & CPRA?

  • The California Privacy Rights and Enforcement Act (CPRA) is a law that was passed on November 4, 2020. The CPRA brings about changes to the prior law on data protection & privacy in California, the California Consumer Privacy Act (CCPA). These changes will come into effect on January 1, 2023. The CPRA aims to cover under its ambit, the information collected during the course of January 1, 2022, to July 1, 2023. It is applicable to business that deals with the information of at least 100,000 California residents. On the lines of GDPR, it isn’t necessary for the business to be located in California, if the business as much as interacts with the residents of California, it shall be subject to its compliance.
  • Businesses/organizations are required to comply with all the requirements as mentioned under the CCPA, and we know that the compliance part can get tiresome and complex at times, which is why, we at Tsaaro, do the compliance task on behalf of your organization and ensure all the requirements are meet accordingly.

Our Approach

  • Our team of experienced data protection & privacy professionals ensure that all the compliance requirements as mandated by the CCPA is fully met and complied by your organization/business. The process includes- ensuring rights of the data subjects are not affected during the processing activities of the organization/business, drafting privacy, and other policies on behalf of your organization and many other requirements as mandated by the law.

Fine:

1.Failure to comply with CCPA shall invite a fine of 7500$ per violation for businesses, and 750$ per affected person.
2.Monetary penalties to the tune of 10 million $ or 3%, of the gross global revenue of an organisation, whichever higher, are imposed for violating the CPPA provisions.

What is CPRA?

  • CPRA applies to California businesses that make a profit of more than $25 million yearly and collect, utilise, and distribute personal information about California residents.
  • The CPRA aims to supplement, upgrade and build upon the CCPA and shall replace it when it takes full effect from July, 2023. It covers under its ambit, the information collected during the course of January 1, 2022, to July 1, 2023.
  • Is applicable to business that deals with the information of at least 100,000 California residents. On the lines of GDPR, it isn’t necessary for the business to be located in California, if the business as much as interacts with the residents of California, it shall be subject to its compliance.

The salient features include:

  • CPRA acts as a surveillance and enforcement tool for checking CCPA compliance.
  • A special designation is given to Sensitive Personal Data.
  • More legal recourses for those falling prey to data thefts and related inconveniences.
  • Tripled fines and stricter penalties for crimes involving minors to ensure their protection.
  • Restrictions on tracking of data.
  • Provision of reporting, managing and making alterations to incorrect personal information/data for consumers.

Fine:

Monetary penalties to the tune of 10 million $ or 3%, of the gross global revenue of an organisation, whichever higher, are imposed for violating the CPPA provisions.

How our privacy team can help

If your organisation is fully compliant to the CCPA & CPRA-
  • It will protect your organisation from hefty penalties for non-compliance.
  • Helps in improving customers’ and investors’ trust in your organisation.
  • We at Tsaaro, will ensure data protection by design for your organisation.

How our privacy team can help

If your organisation is fully compliant to the CCPA & CPRA-
  • It will protect your organisation from hefty penalties for non-compliance.
  • Helps in improving customers’ and investors’ trust in your organisation.
  • We at Tsaaro, will ensure data protection by design for your organisation.

Why Us?

At Tsaaro, our privacy team comprises of experienced lawyers and InfoSec professionals.

Together we ensure that your organisation is compliant with all regulatory requirements along with best possible technical and infrastructural solutions.

We provide personalised plans to our customers to inculcate data protection by design and by default in their processes in a cost efficient manner.

dpo data protection
dpo data protection

Why Us?

At Tsaaro, our privacy team comprises of experienced lawyers and InfoSec professionals.

Together we ensure that your organisation is compliant with all regulatory requirements along with best possible technical and infrastructural solutions. We provide personalised plans to our customers to inculcate data protection by design and by default in their processes in a cost efficient manner.