MINDBODY and CCPA Readiness
By Jessica Sprenkle
This information contained herein does not constitute financial, legal, or other professional advice and is meant to be used solely for informational purposes. It does not take into account your specific circumstances and should be not acted on without full understanding of your current situation, future goals and/or objectives by a qualified professional. MINDBODY assumes no liability for actions taken in reliance upon the information contained herein.
You’ve probably heard about the new California Consumer Privacy Act (CCPA) which begins to take effect on January 1, 2020. This new law is designed to give California residents more control over their personal data.
Will your business be impacted by the CCPA?
You may have obligations under the CCPA if you do business in the state of California and meet one or more of the following three qualifications:
- Do over $25M in annual gross revenue
- Collect data from over 50K individuals annually
- Make more than half of your annual revenue selling personal information
While the law only applies to businesses that meet these requirements, privacy protection is becoming increasingly important, and it is good business practice to ensure you are protecting the privacy of your clients.
What’s in the CCPA?
The law covers the right of Californians to:
- Know what personal information is being collected about them
- Know whether their personal information is sold or disclosed and to whom
- Say no to the sale of their personal information
- Access their personal information
- Have equal service and price, even if they exercise their privacy rights
What does this mean for your organization?
- Your clients have the option to exercise their rights related to their data. Your clients can submit a request to your business asking to update, access, or remove their data through the MINDBODY Data Options page. Requests must be submitted one at a time and separately for each business they attend.
- Make sure you and your staff know what types of data you are collecting from customers and how to handle their personal information. Have a defined process in place so you and your staff can quickly respond to and honor the requests of your customers regarding their personal information. Make sure this process is part of your onboarding and training programs for your staff.
What is MINDBODY doing to support customers as they prepare for the CCPA?
We’re refreshing and expanding our tools and processes, including our Data Options page for consumers, to ensure adherence to the CCPA. While you are ultimately responsible for ensuring compliance with the key requirements of the CCPA, MINDBODY will assist you in meeting those requirements where possible.
If your clients choose the “forget my data” option, your business will then have the ability to approve or deny their requests through the Data Privacy page within your software.
Here’s how this process works:
Step 1: Once logged into your software, access Manager Tools and locate the Data Privacy page.
Step 2: View and approve or deny requests from clients requesting to remove their data.
Step 3: Return to the Data Privacy page to view the current status of client requests.