CalOPPA was enacted in 2003 and is intended to help consumers understand what personal information is being collected about them and how it will be used, as well as giving them the ability to make informed choices about sharing their personal information with websites and online services.
CalOPPA applies to any commercial website or online service that collects PII from California residents, regardless of where the website or service is located.
PII includes information like a person’s name, address, email address, social security number, and other data that could be used to identify an individual.
Under CalOPPA, website and online service operators must include the following information in their privacy policies:
- The categories of PII that the website or service collects
- The categories of third parties with whom the website or service shares PII
- A description of the process for users to review and request changes to their PII, if such a process exists
- A description of how the website or service responds to web browser “Do Not Track” signals, if applicable