Everything hotels need to know about CCPA compliance requirements and consumer rights
The California Consumer Privacy Act (CCPA) is a state-wide data privacy law that regulates how businesses collect, use, and share personal information of California residents. It went into effect on January 1, 2020, and applies to businesses that meet certain thresholds.
Annual gross revenue over $25 million
Process personal info of 50,000+ consumers annually
Derive 50%+ revenue from selling personal information
The CCPA grants California consumers four fundamental rights regarding their personal information
Consumers can request information about what personal data is collected, used, sold, or disclosed
Consumers can request deletion of their personal information
Consumers can opt-out of the sale of their personal information
Businesses cannot discriminate against consumers for exercising their CCPA rights
Key compliance obligations that hotels must implement to meet CCPA standards
Understanding the financial and legal consequences of non-compliance
Per intentional violation
Per consumer per incident
Court-ordered compliance measures
The California Privacy Rights Act (CPRA), which went into effect in 2023, significantly expanded CCPA requirements and penalties. Hotels should ensure compliance with both CCPA and CPRA standards.
GuardStay handles all CCPA requirements automatically, from privacy policies to data subject requests
Get CCPA Compliant