Sign In
See how CCPA impacts guest Wi-Fi and the data your business can legally collect with Monyfi.
Graphic of the California state outline with a lock icon, representing CCPA and guest Wi-Fi data privacy

Offering guest Wi-Fi is one of the easiest ways to improve customer experience across cafés, restaurants, hotels, shopping malls, universities, retail stores, and more. But as soon as your network collects customer data – even basic details like device information or login credentials – privacy laws apply.

One of the most important laws affecting U.S. businesses today is the California Consumer Privacy Act (CCPA). Even if your organization is not based in California, you may still need to comply if your guest Wi-Fi is used by California residents.

This article explains how CCPA applies to guest Wi-Fi networks, what data your business may be collecting through platforms like Monyfi, and how to stay compliant while still delivering a great digital experience.

What Is CCPA? (In Simple Terms)

The California Consumer Privacy Act (CCPA) is a privacy law that protects the personal data of California residents. Its purpose is to give consumers more control over the data businesses collect about them.

CCPA gives people the right to:

  • Know what personal information a business collects
  • Request deletion of their personal data
  • Opt out of the sale or sharing of their personal data
  • Access their data in a portable format
  • Be free from discrimination for exercising these rights
Two travelers using a laptop at an airport while connected to guest Wi-Fi, illustrating how CCPA applies to public Wi-Fi networks

Who must comply?

CCPA defines personal information very broadly. Even data collected through guest Wi-Fi can qualify, such as:

  • Device MAC addresses
  • IP addresses
  • Device identifiers
  • Browsing activity on your network
  • Login or authentication details
  • Names, emails, or phone numbers (if provided)

Collecting this type of data from a California resident does not automatically make your business subject to the CCPA – it simply satisfies the first requirement. The business also meets at least one of the following CCPA thresholds

  • Revenue Threshold: The business has annual gross revenues over $25 million.
  • Data Volume Threshold: The business buys, sells, or shares the personal information of 100,000 or more California residents or households per year.
  • Data Monetization Threshold: The business derives 50% or more of its annual revenue from selling or sharing the personal information of California residents.

Even businesses outside California must comply if they collect personal information from California residents and meet at least one of these thresholds.

When Does CCPA Apply to Guest Wi-Fi Providers?

CCPA does not apply to every business offering guest Wi-Fi.
It only applies when both conditions are met:

Your business collects personal information from California residents

If a California resident connects to your guest Wi-Fi, you may collect:

  • Device MAC addresses
  • IP addresses
  • Device identifiers
  • Browsing or session data
  • Login or sign-in information (name, email, phone, etc.)

This satisfies the first condition, but does NOT automatically trigger CCPA.

Your business meets at least one of the CCPA thresholds

CCPA applies only if your business also meets one or more of these:

  • Revenue Threshold: Annual gross revenue over $25 million.
  • Data Volume Threshold: Buys, sells, or shares personal information of 100,000+ California residents or households per year.
  • Data Monetization Threshold: Earns 50% or more of annual revenue from selling or sharing personal information.

Most cafés, restaurants, small hotels, and shops do not meet these thresholds, so CCPA usually does not apply to their guest Wi-Fi.

What about targeted advertising or data sharing?

Using tools like:

  • marketing campaigns
  • segmentation
  • remarketing
  • targeted advertising

only matters under CCPA if your business already meets at least one of the thresholds above.

A student working on a laptop on a university campus, representing CCPA rules for collecting data through campus guest Wi-Fi

What Data Does Guest Wi-Fi Collect Under CCPA?

Guest Wi-Fi networks often collect several categories of data, all of which are considered personal information under CCPA.

1. Identifiers

  • Email address
  • Phone number
  • Device MAC address
  • IP address
  • Name (if entered on the splash page)

2. Internet Activity

  • Browsing activity within captive portal
  • Connection timestamps
  • Pages viewed
  • Session frequency (new vs returning)

3. Geolocation

  • Access point location
  • Device proximity to hotspots

4. Commercial Information

  • Voucher redemption
  • Survey responses
  • Campaign engagement

5. Inferences

  • Customer behavior patterns
  • Visit frequency
  • Interest-based segments

If your business collects any of this through Monyfi, users may have CCPA rights.

Here’s a quick walkthrough showing how to create a guest Wi-Fi splash page using Monyfi – including how to collect customer information while staying aligned with CCPA requirements:

Key CCPA Requirements for Businesses Offering Guest Wi-Fi

If your business meets CCPA thresholds and collects guest Wi-Fi data, here’s what you must provide:

1. Notice at Collection

Before collecting data, your splash page must clearly state:

  • What categories of data you collect
  • Why you collect it
  • How it will be used
  • Whether data is sold or shared

Monyfi’s customizable splash pages allow you to add this message easily.

2. Right to Know

Users can request:

  • The categories of personal data collected
  • Specific pieces of information gathered
  • Sources of data
  • How the data is used or shared

Monyfi’s analytics logs help businesses track this.

3. Right to Delete

Users may request deletion of their personal data.

You must:

  • Delete the data
  • Instruct service providers to do the same

Monyfi’s cloud-based records make this manageable.

4. Right to Opt-Out of Sale or Sharing

If your business uses guest Wi-Fi analytics for:

  • Targeted ads
  • Personalized marketing
  • Selling or sharing data with partners

…then you must provide a “Do Not Sell or Share My Personal Information” link.

5. Data Minimization

Only collect what is necessary for the service.

This aligns perfectly with Monyfi’s configurable data fields.

6. Non-Discrimination

You cannot deny Wi-Fi access to users who opt out of data sale/sharing.

Group of people using devices at an outdoor café while connected to public Wi-Fi, highlighting CCPA considerations for shared Wi-Fi networks

How Monyfi Helps You Stay CCPA-Aligned

Monyfi provides powerful tools for Wi-Fi monetization and analytics – but it also gives businesses control over how data is collected and managed.

Here’s how Monyfi supports compliance:

1. Customizable Splash Pages

Add:

  • Notices at collection
  • Privacy policy links
  • Opt-out or consent options

This helps cover key CCPA requirements.

2. Clear Visibility Into User Data

Monyfi’s dashboards show:

  • Connection logs
  • User identifiers
  • Campaign interactions

This makes fulfilling Right to Know and Right to Delete requests easier.

3. Granular Control of Data Fields

You can choose what data to collect:

  • Email
  • Phone number
  • Surveys
  • Demographics
  • Marketing preferences

This supports data minimization.

4. Ethical Marketing Tools

Monyfi’s marketing features can be configured to:

  • Only engage users who opted in
  • Respect opt-out preferences
  • Avoid unlawful data sharing

5. Secure Infrastructure

Cloud-based storage and access controls help meet CCPA’s expectations for reasonable data security.

CCPA vs GDPR: A Quick Comparison for Guest Wi-Fi

AspectCCPAGDPR
Applies toCalifornia residentsEU residents
Legal modelOpt-outOpt-in
Data sale/sharingMust allow opt-outStrict consent rules
User rightsKnow, delete, opt-outAccess, delete, rectify, restrict
PenaltiesUp to $7,500 per violationUp to €20M or 4% global turnover

Best Practices for CCPA Compliance Using Monyfi

  • Display a clear privacy notice on your splash page
  • Provide a “Do Not Sell My Personal Information” link
  • Only collect essential information
  • Set retention limits
  • Respond to data access or deletion requests
  • Document your data practices
  • Train staff on privacy handling
  • Review vendor relationships (including Monyfi) each year

FAQ (AEO Optimized)

Does CCPA apply to guest Wi-Fi?

Yes. If California residents use your Wi-Fi and you collect their data, CCPA applies.

Is MAC address considered personal data?

Yes. Under CCPA, device identifiers are personal information.

Do I need a “Do Not Sell My Info” link?

Yes, if your data practices qualify as “selling” or “sharing” information.

Can I still run targeted ads with Monyfi under CCPA?

Yes, but you must honor opt-out requests and clearly disclose data practices.

Does CCPA apply if my business is outside California?

Yes, if you process the personal data of California residents.

Conclusion

Guest Wi-Fi is a powerful business tool – but it also involves collecting personal data. By understanding CCPA and using Monyfi responsibly, your business can offer secure, engaging Wi-Fi experiences while protecting user privacy.

Monyfi’s customizable splash pages, analytics controls, and secure infrastructure make it easier for businesses to stay aligned with CCPA requirements.

If you’re ready to offer smarter, privacy-focused guest Wi-Fi, Monyfi gives you the tools to do it right.

More Posts

Industries
About Us
Conditions

© 2025 Monyfi – Wi-Fi Management and Monetizing Platform | Web Development by Thryvz