Are Nonprofits Covered?
An individual nonprofit organization’s website collecting such information may or may not be regarded a commercial website. Some important factors may be whether the organization’s website promotes any unrelated business activities, includes any paid advertising, or solicits new members who may receive in return for their dues some commercial benefit not related to the organization’s exempt purpose. Accordingly, an organization should carefully consider whether it would be advantageous to comply with the Act’s requirements.
- Identify the categories of (a) PII collected through the website or online service about individual consumer visitors and (b) third-party persons or entities with whom the operator may share such information.
- Provide a description of the process for an individual consumer to review and request changes to his or her PII collected through the website or online service, if the operator maintains such process.
- Inform consumers of how the organization responds to Do Not Track signals or similar mechanisms that provide consumers the ability to exercise choice regarding the collection of PII about an individual consumer’s online activities over time and across third-party Web sites or online services, if the operator engages in that collection.
- Identify its effective date.
Resources (updated 2/24/16)
You can find more information about privacy policies and the Online Privacy Protection Act at the links below:
California Privacy Enforcement and Protection, Office of the Attorney General
California Privacy Laws, Office of the Attorney General
Making Your Privacy Policies Public, Office of the Attorney General
General Online Privacy Resources
State Laws Related to Internet Privacy, NCSL (2016)
A Nonprofit’s Cyber Liability And Data Privacy, The Nonprofit Times (2015)
Nonprofits and Online Website Privacy, Wagenmaker & Oberly (2015)
75+ free tools to protect your privacy online (Comparitech)
You must be logged in to post a comment.