Online Privacy Protection Act FAQ

The California privacy laws are aimed at any business worldwide that collects data from California residents. That means that no matter where your business or website is located, if the website does collect personal information from California residents, then that website must comply with the California privacy laws.

Can I Be Sued Even If My Business Is Not Located In California?

Yes. For example if you operate a small website that sells pet sweaters from your home in Florida, but you have at least one customer that resides in California, you could be sued in California for non-compliance unless you follow the California privacy law explicitly. And while in one sense, compliance is better late than never, you should get compliant with the law now, even if you have not yet had a customer from California.

If your business is located in another state and the California government or a California consumer sues you for non-compliance, you would need to respond to the lawsuit in California. Hiring an attorney and the costs of possibly traveling to California would be high. VeraSafe helps protect websites from these dangerous contingencies by creating and verifying privacy policies that meet COPPA requirements as well as CAN-SPAM, “Shine the Light” and other state and federal privacy laws and standards.

What if my website is just informational and does not sell goods/services?

Many, if not most informational or brochure websites are also subject to COPPA, as these websites frequently contain a contact form where users can submit questions along with their email address, name, etc. Given that these types of data are considered to be “personally identifying information”, this is within the scope of the California privacy laws.

This is all news to me. How can I stay informed about these obscure privacy laws that affect my business?

In the early days of the Internet, navigating privacy compliance meant hiring a costly attorney to create a privacy policy and regularly update it. Now, VeraSafe has become a leader in helping websites with privacy compliance and was even recognized by the US Postal Service for our VeraSafe Website Privacy Verification Program. While not a law firm, VeraSafe has the expertise to evaluate your electronic data collection and craft a compliant privacy policy for your specific needs. We verify that your policy meets our strict program criteria, which in turn satisfies all current applicable privacy legislation in the United States (all 50 states, Washington DC, PR and Federal law). Plus we will keep you up to date about regulatory changes that affect your privacy policy. We are your partner in privacy compliance and will help streamline the process so you can focus on running your business.

Contact VeraSafe to discuss your data security management and privacy program today.