Sephora, an international cosmetics giant, has become the first company to be publicly fined for violating California’s relatively new Consumer Privacy Act. The fine was announced in a press release on Wednesday, and California Attorney General Rob Bonta mentioned the settlement. California alleges that Sephora violated the privacy act, resulting in penalties of $1.2 million. The California Attorney General’s Office stated that it conducted an investigation into the company’s privacy policies, finding that it failed to notify customers that it was selling their personal data.
Perhaps more severe, the beauty chain has also been charged with failing to allow users to opt out of the sale of their data by neglecting to process such requests. In addition, the company did not resolve these violations within the 30-day grace period allowed by the CCPA. The act was passed in 2018 and offers California consumers specific rights concerning the use and sale of their personal data.
Read More: Cosmetics giant Sephora first to be fined for violating California’s Consumer Privacy Act