Loading...

Knowledge Base

California Consumer Privacy Act (CCPA) FAQs

The California Consumer Privacy Act (CCPA) provides residents of California with distinct rights concerning their personal data that businesses collect. This encompasses the right to be informed about the data collected, the right to have it deleted, and the right to refuse its sale.

In this article, we will discuss:

For general information on the California Consumer Privacy Act (CCPA), please see the Fact Sheet available on the California state website.

What is the CCPA?

CCPA stands for the California Consumer Privacy Act. The CCPA creates new consumer rights for residents of the state of California relating to the access to, deletion of, and selling of their personal information that is collected by businesses. This regulation grants the following new privacy rights to California consumers:

  • The right to know what personal information is collected, used, shared, or sold by a business;
  • The right to delete personal information held by a business;
  • The right to opt out of the sale of personal information and
  • The right to non-discrimination in terms of price/services when a consumer exercises privacy rights under the CCPA.

 

Who is impacted by the CCPA?

The CCPA aims to protect all residents of California. The CCPA applies to businesses both inside and outside of California, provided they:

  • Have annual gross revenues in excess of twenty-five million dollars ($25,000,000);
  • Buy, receive, sell, or share- for commercial purposes, the personal information of 50,000 or more consumers, households, or devices annually;
  • Earn more than half of its annual revenues from selling consumers' personal information.

 

When does CCPA go into effect?

The CCPA went into effect on January 1, 2020.

 

As a Network Solutions customer, in relation to CCPA. What am I entitled to?

The CCPA imposes new obligations on businesses that are subject to the CCPA. In accordance with these obligations, the subject business must:

  • Provide notice to customers at or before data collection;
  • Create procedures to respond to data subject access requests from customers related to their data (a "DSAR" request);
  • Respond to DSAR requests within specific timeframes;
  • Verify the identity of consumers making DSAR requests;
  • Disclose financial incentives offered in exchange for the sale of personal information; and
  • Maintain records of DSAR requests for 24 months.
  • As Network Solutions progresses its compliance efforts, we may reach out to you with more information relevant to our relationship with you.

 

Whom should I contact at Network Solutions for privacy-related issues?

Please email [email protected].

 

Does Network Solutions sell its customers' personal information?

No, we do not sell our customers' personal data and only use it for the purposes outlined in our Privacy Policy.

 

Does Network Solutions maintain a data retention policy?

Yes. In addition to CCPA, Web.com complies with a number of regulations that include financial and data retention obligations. These include, but are not limited to, the General Data Protection Regulation (GDPR), the Health Insurance Portability & Accountability Act (HIPAA), and the Payment Card Industry Data Security Standard (PCI DSS).

 

When Network Solutions no longer needs personal data for processing, accounting, or other legal reasons, will it systematically be deleted?

Yes, in accordance with our data retention policy, personal data will systematically be deleted when it is no longer needed for processing, accounting, or other business or legal reasons.

 

How will Network Solutions manage DSARs (Data Subject Access Requests) from its CA customers?

Web.com has created a DSAR portal located here, which can be utilized by its CA customers to submit DSAR requests. This portal is reserved for Web.com CA customers only.

If you are unable to submit DSARs on your own, you can submit through one of the following options.

 

How long will it take Network Solutions to process a DSAR?

As per the CCPA, a DSAR will be handled within forty-five (45) days but, under extenuating circumstances, may be processed within ninety (90) days.

 

Are there circumstances where requests to be forgotten cannot be processed?

Yes. Data subjects have the right to request the erasure of personal data under specific conditions. However, a number of our services, including but not limited to domain registration services, will be assessed to determine if we still need to retain the data for processing purposes. For example, we cannot remove data we retain for an active domain name holder because the data is still relevant for registration purposes. In addition, as an accredited ICANN registrar, we are contractually obligated to keep certain data regarding registered name holders for the life of the domain name plus two (2) years.

The information contained herein in no way constitutes legal advice. Any person who intends to rely upon or use this information in any way is solely responsible for independently verifying the information and obtaining independent expert advice if required.

 

Review

Network Solutions is committed to protecting your privacy and complies with California Consumer Privacy Act (CCPA) regulations. This FAQ provides information on how to access, manage, and delete your personal data. For further assistance, contact Web.com through the provided channels. Remember, your CCPA rights empower you to control your information.

Did you find this article helpful?

 
* Your feedback is too short

Loading...