What legal notices, like privacy policies, must I include in the footer of my business website under California law?

Under California law, you must include specific legal notices in your website's footer, primarily a comprehensive Privacy Policy and, if applicable, a link to opt-out of data sales. Here is how to ensure your business website is compliant. Step 1: Determine Which Privacy Laws Apply to Your Business First, assess if your business falls under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA). The CCPA/CPRA applies if your for-profit business collects personal data from California residents and meets one of the following: has annual gross revenues over $25 million; buys, sells, or shares the personal information of 100,000 or more consumers or households; or derives 50% or more of its annual revenue from selling or sharing consumers' personal information. The California Online Privacy Protection Act (CalOPPA) applies to nearly any commercial website that collects personally identifiable information from California consumers. Step 2: Draft a Comprehensive Privacy Policy Create a single, detailed Privacy Policy that satisfies both CalOPPA and CCPA/CPRA. This document must be easy to read and must accurately describe: the categories of personal information you collect; the sources of that information; the business purposes for collecting, selling, or sharing it; the categories of third parties you disclose it to; and how consumers can exercise their privacy rights (like the right to know, delete, and correct their data). Step 3: Add a "Privacy Policy" Link to Your Footer Place a conspicuous link in your website's footer that says "Privacy Policy" and directs users to the full policy. This link must be visible on your homepage and, ideally, on every page where you collect personal information. Step 4: Post a "Do Not Sell or Share" Link (If Applicable) If your business "sells" or "shares" personal information as defined by the CCPA/CPRA, you must provide a separate, clear link in your footer titled "Do Not Sell or Share My Personal Information." This link must lead to a page where consumers can easily opt-out. Step 5: Consider an Accessibility Statement To comply with the Unruh Civil Rights Act, which incorporates standards from the Americans with Disabilities Act (ADA), ensure your website is accessible to people with disabilities. While not a required footer notice, posting an "Accessibility Statement" in your footer is a best practice. This statement should affirm your commitment to accessibility and provide a way for users to report issues. Important considerations: The definitions of "personal information," "sell," and "share" under California law are extremely broad and may include activities like using third-party analytics cookies or targeted advertising trackers. Your policies must be updated at least every 12 months. Note: Failure to comply can result in significant fines from the California Attorney General or the California Privacy Protection Agency. These requirements are strict and the legal landscape is constantly evolving. This is general information and does not constitute legal advice. For complex situations or to review your specific compliance needs, consult with a qualified California attorney.