California Consumer Privacy Act (CCPA)
This document is intended to be informational only and it does not serve as legal advice for our customers. Each organization should evaluate its specific needs regarding the CCPA and consult its attorney for legal guidance.
Some key aspects of the law and regulations are still under development and we expect amendments and new guidance during 2020. Any changes to the law or regulations may impact these FAQs. Greater Giving will update the FAQ document periodically but please bear in mind it may not reflect all changes to the law as they occur.
Your privacy is a top priority for us. As with all laws that impact our business operations, we have devoted resources to understanding CCPA’s requirements and assessing any required solutions in a proactive way. Our privacy team has also created this FAQ page (greatergiving.com/ccpa) where you will find answers to your questions about how CCPA will affect Greater Giving and your organization.
Frequently Asked Questions
What is the California Consumer Privacy Act (CCPA)?
The California Consumer Privacy Act (CCPA), is a law passed in the state of California that enhances privacy rights and consumer protections for California residents. CCPA was signed into law in June 2018. Key provisions of CCPA will go into full effect on January 1st, 2020.
Our nonprofit organization is based in California, what does CCPA mean to us?
Under the CCPA, there are several factors that determine whether, and to what extent, the law applies to each entity processing Personal Information of California residents. For example, the impact of CCPA is different for for-profit businesses versus non-profit organizations. In many (but not all) cases non-profits fall outside the scope of the CCPA. The obligations are also different for large businesses versus small ones. You can review the scope and requirements of CCPA at the CCPA website maintained by the California Attorney General’s Office (https://oag.ca.gov/privacy/ccpa).
What is Greater Giving doing to prepare for the CCPA?
Greater Giving is a service provider to non-profits who are in most cases outside the scope of the CCPA. Nevertheless, and as with all laws that impact our business operations, we have devoted resources to understanding CCPA’s requirements and assessing solutions in a proactive way. We have implemented the following:
- Created a Privacy Team at Greater Giving working with the Privacy Office at Global Payments, our parent company
- All employees have completed Global Payments’ Privacy Compliance training
- Education of all employees on CCPA laws
- Created the CCPA FAQ for our customers, their donors and partners
- Updating software to be compliant with current privacy requirements
- Plan to continue tracking developments in the law and stay prepared to respond accordingly.
Where can I read about how Greater Giving supports CCPA requirements?
This FAQ page is where we will keep any information related to CCPA and how it affects our company, and the nonprofits we work with. As things change, we will update the page.
Can we still export information from Greater Giving if we remove donors that ask to be forgotten?
Yes, you can still export information from Greater Giving if you remove donors that ask to be forgotten.
Do you have a privacy team to advise you on compliance with the CCPA?
Yes, Greater Giving has a Privacy Team, and our parent company Global Payments has a Privacy Office employed by lawyers and privacy experts who are working together to ensure Greater Giving and Global Payments are compliant with CCPA and GDPR laws.
How is CCPA related to PCI compliance?
The CCPA is a consumer privacy law, aimed at providing consumers more transparency and control over their personal data. PCI compliance on the other hand, generally refers to compliance with security standards set forth by the Payment Card Industry to protect cardholder data. The security standards in place for PCI compliant organizations may be useful to meet data security obligations for other laws like the CCPA. You can find out more about Greater Giving’s PCI compliance here.
If you are an End User who has a relationship with one of our Customer’s and have a question about how your personal information is collected, used, or shared, please contact the Customer directly.
For other questions you may contact Greater Giving as follows:
Greater Giving, Inc.
Attention: Privacy Office
1920 NE Stucki Ave
Hillsboro, OR 97006