When it comes to privacy compliance, businesses will have a lot on their plate in 2023. Major changes to the California Consumer Privacy Act (CCPA) are going into effect (including the expiration of employee data exemption), as well as four new state privacy laws. Among these is the Utah Consumer Privacy Act (UCPA).
The UCPA is somewhat more pro-business than the other state laws, including the Virginia Consumer Data Privacy Act on which it’s modeled, but it still imposes significant privacy obligations. The first step toward compliance is determining whether Utah’s privacy law applies to your business.
Compared to the other data privacy laws, the UCPA is narrower in scope. A for-profit business must comply with the Utah Consumer Privacy Act if it meets the following three criteria:
This is the most basic requirement. Having a physical presence in the state counts as doing business there, but so does selling goods or services online to Utah residents.
This requirement is unique to the UCPA. It’s worth noting that the $25 million figure refers to all gross revenue, not just revenue from Utah.
For businesses that operate online, the 100K-consumer threshold is easier to meet than they may realize. Websites are processing personal data (IP address, cookies, etc.) from each of their visitors. Getting just 8,400 unique visitors from Utah per month will put them over 100,000 for the year.
The UCPA lists several exemptions for certain types of organizations and personal data. These include:
Navigating the complexities of multiple privacy laws at once can be difficult for any business, but it’s even harder for businesses that don’t have in-house privacy experts or legal departments. TrueVault US simplifies multi-state privacy compliance, allowing businesses of any size to handle it on their own.
Designed by attorneys, TrueVault US is an all-in-one privacy software that helps you get your business fully compliant with laws like the UCPA, CCPA, and more, even if you’re starting from scratch. From onboarding vendors to processing privacy requests, TrueVault provides guidance at every step.
Contact our team to learn more and view a demo.
Disclaimer: This content is provided for general informational purposes only and does not constitute legal advice. This content is not a substitute for obtaining legal advice from a licensed attorney. The information on this page may be changed without notice and is not guaranteed to be complete, correct or up-to-date, and may not reflect the most current legal developments.