What is the CCPA?
The California Consumer Privacy Act (CCPA) is a state statute intended to enhance privacy rights and consumer protection for residents of California, United States. It is one of the first data privacy laws in the United States requiring similar practices as the General Data Protection Regulation in Europe.
What data is covered by the CCPA?
The CCPA provides a non-exhaustive list of categories of personal information. While you should familiarize yourself with this list, a good general rule of thumb is this, the CCPA covers data that: can identify, relate to, describe, be associated with, or be reasonably capable of being associated with a particular consumer or household.
Who should care about the CCPA?
Any company that serves California residents and has at least $25 million in annual revenue must comply with the CCPA. Also included are companies of any size that have personal data on at least 50,000 people or that collect more than half of their revenues from the sale of personal data.
What penalties are associated with non-compliance?
Civil penalties can range from $2,500 for a non-intentional violation to $7,500 for an intentional violation. These fines are charged per user affected, so multiply that by hundreds or thousands of individuals and the cost of not caring becomes very steep.
How does SmartRecruiters’ product suite assure CCPA compliance?
| CCPA Obligation | How SmartRecruiters Helps | |
|---|---|---|
 |
Notices to data subjects | Customers are able to insert their privacy policy for a candidate’s viewing when a candidate applies for a job. |
 |
Data subjects have the right to access their data | Candidates can access their data via the candidate portal. |
 |
Data subjects have the right to delete their data | Candidates can delete their data via the candidate portal. |
 |
Data subjects have the right to opt-out of the sales of their data | Candidates can delete their data via the candidate portal. |
How is the CCPA different from GDPR?
In the table below, you can see while the GDPR and the CCPA have many differences, they share many similarities. Because of the similarities between the CCPA and the GDPR, SmartRecruiters, even before CCPA comes into effect, is well prepared to provide a means for our customers to comply with the CPPA. You can read more about SmartRecruiters’ GDPR compliance here.
| GDPR | CCPA | |
|---|---|---|
| Individual Rights |
|
|
| Security |
|
|
| Security Provider |
|
|
| Ability to Process Data |
|
|
| Data Transfers outside EEA |
|
|
| Accountability/Governance |
|
|
Do you know the CCPA requirements?
Any of your data processing activities involving personal data of California residents must comply with these key CCPA principles to be lawfully permitted:
- Notices to individuals
- Right to access data
- Right to be forgotten
- Appropriate data security
- Right to “opt-out”
- Contractual requirements with vendors
SmartRecruiters is your partner for data privacy
As a provider of talent acquisition software, SmartRecruiters’ business depends on continually providing a product suite that enables our customers to comply with the laws affecting the talent acquisition function in their business. As the laws impacting our customers evolve, so does SmartRecruiters' product suite.