an entity’s base of operations is in the EU (this applies whether the processing takes place in the EU or not);
an entity not established in the EU offers goods or services to people in the EU. The entity can be government agencies, private / public companies, individuals, and non-profits; or where
an entity is not established in the EU, but it monitors the behavior of people who are in the EU, provided that such behavior takes place in the EU.
Currently, having user consent is the most common lawful ground. However, the rule for collecting and keeping the data has become stringent by the GDPR.
BOTH of the following conditions apply
You have a business; and
you target Californian consumers.
If you seek a fast and easy way to get your website GDPR and CCPA ready, then the WPLegalPages plugin is the one you need. It can ensure that your website meets all the GDPR and CCPA compliance requirements, including Agree to Terms and Conditions, Affiliate disclaimer generator, Cookie Consent and more.