Ask Reggi Your Question Now
Can you summarize Civ Code CACL Division 3 Part 4 Title 1.81?
OBLIGATIONS ARISING FROM PARTICULAR TRANSACTIONS [1738. - 3273.55.] > CUSTOMER RECORDS [1798.80. - 1798.84.]
Short Summary
The first legal document governs businesses that have an established business relationship with a customer and have disclosed personal information to third parties for direct marketing purposes. It requires businesses to provide certain information to customers upon request, including a list of categories of personal information disclosed and the names and addresses of the third parties who received the information. The second document pertains to the disclosure of security breaches of computerized data containing personal information. It requires businesses to notify affected California residents in a timely manner and provides guidelines for the content and format of the breach notification. The third document governs the handling of customer records by businesses and allows customers to institute civil actions for damages in case of violation. It also provides civil penalties for willful, intentional, or reckless violations. The fourth document outlines actions to be taken by consumer credit reporting agencies and third parties in case of security vulnerabilities. It requires testing, planning, and assessment of systems for implementation of software updates and the use of compensating controls. The fifth document defines the use of age information obtained on an Internet website in the context of employment or age discrimination. It prohibits the publication or sharing of age information without consent and provides guidelines for its removal upon request. The sixth document requires businesses to dispose of customer records containing personal information in a secure manner. It specifies methods such as shredding or erasing to make the information unreadable. Penalties for non-compliance are not specified in any of the documents.
Whom does it apply to?
Businesses that have an established business relationship with a customer and have disclosed personal information to third parties for direct marketing purposes, persons or businesses conducting business in California that own or license computerized data containing personal information, businesses handling customer records, consumer credit reporting agencies and third parties maintaining personal information about California residents, commercial online entertainment employment service providers, businesses that have customer records containing personal information
What does it govern?
Businesses that have an established business relationship with a customer and have disclosed personal information to third parties for direct marketing purposes, disclosure of security breaches of computerized data containing personal information, handling of customer records by businesses, actions to be taken by consumer credit reporting agencies and third parties in case of security vulnerabilities, use of age information obtained on an Internet website in the context of employment or age discrimination, disposal of customer records containing personal information
What are exemptions?
Businesses with fewer than 20 employees, delay of notification in case of impeding a criminal investigation, safe harbor for businesses disposing of abandoned records containing personal information
What are the Penalties?
Penalties for non-compliance are not specified in the document.
Jurisdiction
California