Botdoc and CCPA/CPRA
At Botdoc, trust is our #1 value. Privacy compliance is paramount. The California Consumer Privacy Act (“CCPA”) is a comprehensive privacy law that takes effect on January 1, 2020 and California voters approved the California Privacy Rights Act (CPRA), which amends the CCPA and went into effect December 16, 2020 but most of the provisions revising the CCPA became “operative” on January 1, 2023. While we believe a federal privacy law is necessary so that an individual’s privacy does not depend on their ZIP code, we welcome the CCPA/CPRA as a step forward in shaping data protection requirements in the United States and as an opportunity for Botdoc to continue to strengthen its commitment to privacy and data protection.
The CCPA creates several new rights so individuals may control access and use of their personal information. These include the right to access or delete personal information collected by a business and the right to opt out of a “sale” of their personal information. The opt-out right is particularly significant because the CCPA defines “sale” in very broad terms that encompass many commonplace data sharing arrangements, even where no money is exchanged. However, transfers to “service providers” are not considered “sales.” The CRPA created two additional rights which include the right to correct and right to limit use and disclosure.
Botdoc businesses and organizations subject to our Privacy Statement do not sell personal information (organizations may operate under different privacy terms). While we do share some data with trusted “service providers” to improve and market our services and to operate our websites, we do not allow any third parties to use the personal information we share with them for their own purposes.
What Can Our Customers Expect from our Products and Services?
With respect to our customers doing business in California, we are a “service provider” as defined in the CCPA. As a “service provider,” we only use customer data and personal information as permitted in our customer agreements. The terms of Service TOS and DPA meet the requirements in the CCPA for “service providers” and are sufficient for our customers to continue to use our services.
We look forward to working with our customers on their CCPA compliance efforts.