You have to comply with CalOPPA only if your website or mobile app collects personally identifiable information through the internet. So if you have a website or mobile app but you collect all such information in email, phone or in person only, the law does not apply.
- Categories and examples of personal information you collect
- Categories of third parties with which you share the information
- How users can request changes to any of the information
- The effective date of the policy and any amendments
- Whether third parties may collect information from you about a consumer's online activities over time and across different websites
- How you respond to "do not track" requests of users
"Tracking" means collecting personal information from the individual's online activities on other websites. If you do not do such tracking and do not use a third-party service to do so, you can ignore the last requirement or just say, "We do not track your online activities on other websites."
If you don't like the word "policy," you can use a similar word after "privacy," including "notice," "statement" or "agreement."
The policy must be simply worded and simply organized using bullet points or clear section headings.
If you have an online booking engine vendor's booking form on your website, or if you just have a link to one, you must still comply with CalOPPA because you are collecting and keeping the personal information, even if the booking engine vendor does so, too.