If a company`s service provider agreements have been properly crafted, it is unlikely that that company has breached the CCPA if one of its providers uses consumer information in a way that is not authorized by the CCPA (provided that that company has no knowledge or real reason to believe that the service provider intends to commit such an infringement). Given the importance of properly crafted service provider agreements (generally, and particularly from the perspective of CCPA compliance), it is important that companies now consult with experienced lawyers in order to start amending existing agreements and revising agreements to be used with new service providers. DocuSign eSignature provides reliable applicability of revised agreements with stamped, anti-manipulation, and court-authorized audit trails. Plus, DocuSign`s advanced workflow tools speed up your fulfillment process: the mass send feature allows you to get individual consent from a large number of users, while automated reminders and conditional routing keep complex permissions on track. (b) The Service Provider shall immediately notify the Customer when it receives a complaint, notification or communication directly or indirectly related to either party`s compliance with the CCPA. In particular, the service provider must inform the customer within 10 business days if it receives a demonstrable consumer request under the CCPA. With the implementation of the California Consumer Privacy Act (CCPA), which was passed on the 1st many companies should take a close look at their CCPA service provider agreements. In terms of context, the CCPA is a consumer-friendly data protection law that applies to different companies and their respective service providers. The CCPA provides consumers with protection and choice about how their personal data is collected, used and shared by businesses and other businesses. In accordance with the above, the CCPA requires companies to ensure that their service providers and other third-party partners refrain from using the personal data provided to them. Based on the above, companies that have not yet done so will need to revise CCPA service provider agreements in the future; and (2) proposed CCPA-compliant amendments to existing agreements to ensure that their respective contractual partners are not required to use consumer information for prohibited commercial purposes. (a) The Service Provider will reasonably cooperate and assist the Customer in fulfilling the Customer`s CCPA compliance obligations and responding to CCPA-related requests, including by responding to verifiable consumer requests, taking into account the type of processing of the Service Provider and the information available to the Service Provider.

Leaders are now taking the lead in strengthening their comprehensive approach to data protection compliance. One tactic to maximize your efforts now is to add a contractual language that matches the common similarities to the CCPA and GDPR. Regulators often view the EU`s GDPR as a model for many future regulations. Adding a strong data protection language will make it easier for you to comply with potential future rules. Given the current regulatory uncertainty and the specific requirements of the CCPA, it is insufficient and unwise to rely on „compliance with applicable law“. . . .