If you have customers in California then you probably already know, that the State of California, is introducing new privacy legislation (“CCPA“) on January 1st, 2020. Because of the potential impact of this legislation on your business we recommend taking the time to understand how CCPA may affect you.
CCPA is similar to GDPR (European General Data Protection Regulation) in that its’ main themes are:
- Regulating the obtaining and storage of Personal Identifiable Information (PII)
- Regulating the sharing and sale of customers’ personal information
- Protecting customers’ “Right To Be Forgotten”
However, as opposed to GDPR, CCPA only directly applies to larger corporations and organisations.
Changes In Mouseflow
Here at Mouseflow, we’ve also had to prepare for CCPA, but because we are already 100% GDPR compliant, the changes have been relatively minor. The main change you will see in the Mouseflow app is that the last 3 digits of IP addresses from California will be masked and replaced with ***.
Making Sure You Are Ready For CCPA
If want to make sure that you, as a Mouseflow customer, is set up for CCPA we’ve made an official CCPA Resource Page to help you. Be sure to check it out, as it contains useful information related to data collection in your Mouseflow account. We also recommend that you check out our guide on how to exclude content from being recorded with our easy to use Visual Privacy Tool.
This post will serve as a general FAQ, answering some common questions about CCPA.
Q: What does CCPA stand for?
A: CCPA stands for the “California Consumer Privacy Act”.
Q: When does CCPA start?
A: CCPA (officially called AB-375) was adopted on June 28, 2018 as . It takes effect on January 1st, 2020.
Q: Who does CCPA affect?
A: CCPA applies to any business including any for-profit entity that collects consumers’ personal data, does business in California, and satisfies at least one of the following thresholds:
- Has annual gross revenues in excess of $25 million;
- Possesses the personal information of 50,000 or more consumers, households, or devices; or
- Earns more than half of its annual revenue from selling consumers’ personal information.
Q: What is personal data?
A: CCPA defines personal data as “information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, to a particular consumer or household such as a real name, alias, postal address, unique personal identifier, online identifier Internet Protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.”
Q: How does Mouseflow comply with CCPA?
A: Mouseflow automatically anonymizes IP addresses for website visitors from California. Furthermore, we do not track ISP’s for visitors within California. In addition Mouseflow can disable the capture/tracking of keystrokes. This is useful if you don’t want to track data entered into input fields on your website.
Q: How has CCPA affected Mouseflow?
A: Since November 10th 2019, we have made changes to the Mouseflow accounts. This is to keep you safe, align with industry best practices, and aid in compliance with CCPA. If you’re an account holder at Mouseflow your visitors’ IP addresses and ISP information will be anonymized for all visits made by users located within the State of California (all other US visitors will be unaffected).
Q: As a Mouseflow client, what do I need to do to be ready for CCPA?
A: Mouseflow specifically prohibits the collection of personal data on your website. If your website logs personal data, you will need to use Mouseflow’s exclusion tools to ensure the data isn’t collected or processed.
Hopefully, this FAQ answers some of your questions regarding CCPA. As an important reminder, please review the “What You Need to Do” section on our CCPA page.
If you have any input or questions regarding CCPA or Mouseflow please let us know by contacting us at firstname.lastname@example.org.