California new privacy law

Anyone have an idea about what we have to do with California’s new privacy law? Can I just use CookieJar and change the outgoing legaleze for the message to be California specific? Is there something else I need to do to be compliant.


Not a lawyer and not an official statement from RapidWeaver on the subject, but adding a cookie notice with a dedicated privacy policy page is sufficient in most cases. Every industry is different, and some have specific regulations/requirements. The main rule is disclosing usage of information/data collect; what data you collect; how you store it, etc. I’ve used this website for clients and it works well (they generate great policies):

I’m not a lawyer either, but CCPA isn’t anything like GDPR. The burden is placed more on the large information brokers (ie Google, Facebook, etc) than the small businesses websites.

Most RapidWeaver Websites Are probably Exempt from CCPA

Currently, the CCPA extends to for-profit companies established in California (i.e., doing business in California) and entities that “indirectly” qualify as doing business (i.e., parents and subsidiaries of companies established in California).

The CCPA will apply to for-profit businesses that collect and control California residents’ personal information, do business in the state of California, and meet at least one of the following thresholds:

  • Annual gross revenues larger than $25 million
  • Receive or disclose the personal information of 50,000 or more California residents, households, or devices each year
  • Make 50 percent or greater annual revenue from selling California residents’ personal information

Non-profits, smaller companies that don’t meet the revenue thresholds, and/or those that don’t traffic in large amounts of personal information from California residents, and don’t share a brand with an affiliate that’s covered by the CCPA won’t have to comply.

If you’re not exempt With CCPA:

  • There is NO cookie warning Modal requrement
  • You are free to use CDN’s for things like Fonts and JavaScript Libraries

You need to provide instructions to the consumer on how to have there personal information removed from the broker.

Most RapidWeaver sites are probably exempt, the one area of concern might be if you’re using something like Google Analytics.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.