The California Consumer Privacy Act (CCPA) is a California law that was passed in June 2018. The CCPA gives California residents more control over their personal information. If your website is available to California residents or you are involved in the sale of California residents’ personal information, then this law likely applies to you.
As a LimeSpot Client, you have already agreed to our Customer Terms of Service and Privacy Policy, both of which are in full compliance with the CCPA to help empower and keep you in compliance with the regulations in regards to your use of LimeSpot services.
Not all online stores are subject to CCPA. The CCPA only applies to businesses that collect personal information of California residents, and that meet one of the following conditions:
Businesses are not subject to the law if they do not have a physical presence in California and their commercial conduct takes place wholly outside of California.
CCPA defines "sale" broadly and includes any exchange of personal information for either money or other valuable consideration. LimeSpot does not believe that you are selling your customers’ personal information to LimeSpot when you use its services to run your store. LimeSpot operates as a service provider and uses the information only to provide its services.
(What is Required of You as a LimeSpot Client)
As a Data Processor under the CCPA definitions, we may be collecting data on your site to provide our services at your direction. We have no visibility to, and therefore no way of managing, certain aspects of the interaction with your Shoppers. These aspects include, notably, obtaining consent and the means of collection (e.g. the interaction with your site).
Transparency:
The CCPA also requires your privacy policy to include the following information:
Opt-out of Sale
If you sell the personal information of consumers, then as of January 1, 2020, California residents have the following rights:
As described above, LimeSpot doesn't believe that you sell personal information to LimeSpot, so the sale and the opting out of sale takes place outside of LimeSpot. It should be easy for consumers to contact you to submit their requests.
If a customer opts out of the sale of their personal information, then you need to do the following:
Solely to the extent that the CCPA is applicable to you, we now require that you:
Obtain informed consent associated with your use of LimeSpot products with your e-Commerce platform;
Incorporate our Privacy Policy directly into your own privacy policy and make sure your Shoppers are aware of the existence of such policy;
Provide your Shoppers access to our Privacy Tool and the right to request to delete their personal information.
LimeSpot has a Data Protection Officer (“DPO”) to respond to certain requests. On matters of data protection, our policy is to practice extreme caution for the benefit of both of us, as well as for the benefit of your Shoppers. While we believe that the Privacy Tool will pre-empt most communications to the DPO, our DPO will nevertheless be made available for LimeSpot-related inquiries that you may not otherwise be in a position to handle.
That said, please remember that most Shoppers will be unaware of LimeSpot’s involvement. You will, therefore, be, by default and necessity, a Shopper’s first point of contact regarding data protection and so will be considered the representative responsible with respect to the requirements of the GDPR. The LimeSpot DPO can be reached at dpo@limespot.com.
This document has been created to help you comply with the CCPA in regard to your use of the LimeSpot services.