Welcome to LimeSpot!

What is the CCPA?

The California Consumer Privacy Act (CCPA) is a California law that was passed in June 2018. The CCPA gives California residents more control over their personal information. If your website is available to California residents or you are involved in the sale of California residents’ personal information, then this law likely applies to you.

As a LimeSpot Client, you have already agreed to our Customer Terms of Service and Privacy Policy, both of which are in full compliance with the CCPA to help empower and keep you in compliance with the regulations in regards to your use of LimeSpot services.

How CCPA Affect You?

Not all online stores are subject to CCPA. The CCPA only applies to businesses that collect personal information of California residents, and that meet one of the following conditions:

1. Have an annual gross revenue of more than $25 million USD.
2. Annually buy, sell, receive for commercial purposes, or share for commercial purposes the personal information of 50,000 or more California consumers, households, or devices.
3. Derive 50% or more of their annual revenue from selling California consumers’ personal information.

Businesses are not subject to the law if they do not have a physical presence in California and their commercial conduct takes place wholly outside of California.

Sale of personal information

CCPA defines "sale" broadly and includes any exchange of personal information for either money or other valuable consideration. LimeSpot does not believe that you are selling your customers’ personal information to LimeSpot when you use its services to run your store. LimeSpot operates as a service provider and uses the information only to provide its services.

How CCPA affects you

(What is Required of You as a LimeSpot Client)

As a Data Processor under the CCPA definitions, we may be collecting data on your site to provide our services at your direction. We have no visibility to, and therefore no way of managing, certain aspects of the interaction with your Shoppers. These aspects include, notably, obtaining consent and the means of collection (e.g. the interaction with your site).

Transparency:

The CCPA also requires your privacy policy to include the following information:

1. The categories of personal information that are collected and the purposes for which they will be used.
2. The categories of personal information that you share for business purposes.
3. A description of California residents’ rights under the CCPA.
4. Methods by which customers can submit data subject rights requests.
5. A list of personal information or categories of personal information that the business sells or a notice that the business does not sell personal information.

Opt-out of Sale

If you sell the personal information of consumers, then as of January 1, 2020, California residents have the following rights:

1. request a list of the categories of their personal information that you sold;
2. request a list of the buyers of that personal information, by category of personal information, over the previous twelve months; and
3. opt-out of the sale of their personal information going forward.

As described above, LimeSpot doesn't believe that you sell personal information to LimeSpot, so the sale and the opting out of sale takes place outside of LimeSpot. It should be easy for consumers to contact you to submit their requests.

If a customer opts out of the sale of their personal information, then you need to do the following:

1. Stop selling their information.
2. Keep track of the date of the request and the steps you took to verify the identity of the requester.
3. Wait 12 months before requesting that they opt-in again.
4. Don't deny them service or provide them with an inferior product.

Solely to the extent that the CCPA is applicable to you, we now require that you:

Obtain informed consent associated with your use of LimeSpot products with your e-Commerce platform;

Incorporate our Privacy Policy directly into your own privacy policy and make sure your Shoppers are aware of the existence of such policy;

Provide your Shoppers access to our Privacy Tool and the right to request to delete their personal information.

Data Protection Officer and Representative

LimeSpot has a Data Protection Officer (“DPO”) to respond to certain requests. On matters of data protection, our policy is to practice extreme caution for the benefit of both of us, as well as for the benefit of your Shoppers. While we believe that the Privacy Tool will pre-empt most communications to the DPO, our DPO will nevertheless be made available for LimeSpot-related inquiries that you may not otherwise be in a position to handle.

That said, please remember that most Shoppers will be unaware of LimeSpot’s involvement. You will, therefore, be, by default and necessity, a Shopper’s first point of contact regarding data protection and so will be considered the representative responsible with respect to the requirements of the GDPR. The LimeSpot DPO can be reached at dpo@limespot.com. ​ ​

This document has been created to help you comply with the CCPA in regard to your use of the LimeSpot services.

‍