United States of America: Announced settlement in the investigation into Sephora over non-compliance with California Consumer Privacy Act

On 24 August 2022, the California Attorney General announced that it had reached a settlement with Sephora, closing its investigation into the e-commerce platform’s non-compliance with the California Consumer Privacy Act (CCPA). The Attorney General opened its investigation, alleging that the e-commerce platform failed to inform its customers that it was selling their personal information and did not process the opt-out of personal data sale requests from its users. According to the settlement, Sephora is fined USD 1.2 million and is obliged to update its privacy policy to disclose that it is selling costumer’s data and offer customers the possibility to up-out from the sale of personal information.