SmarterHQ offers a new Guide to help marketers handle CCPA
SmarterHQ puts together the key components of CCPA and the steps marketers need to take to properly prepare your customer data and marketing for compliance.
SmarterHQ puts together the key components of CCPA and the steps marketers need to take to properly prepare your customer data and marketing for compliance.
30-second summary:
Personalization platform SmarterHQ is out with a new Guide that is designed to make the new California Consumer Privacy Act (CCPA) a little less scary for marketers.
The free study, “A Marketer’s Guide to Navigating CCPA” [free, registration required], offers definitions, descriptions of consumer rights, and some practical advice and checklists.
The CCPA officially starts on January 1, with enforcement beginning July 1. But organizations are liable for offenses that began at the first of the year, and penalties for any violations could include being hit with consumers’ class-action suits or receiving significant fines from the state.
The new law covers businesses that have more than $25 million in annual revenue from California residents, that collect info on more than 50,000 California residents, households or devices, or that receive more than half their annual revenue from selling consumer data about California residents.
But, to complicate matters, the final regulations have not yet been released by the state’s Attorney General, who has the authority to describe what CCPA means in practice, in addition to enforcing those regulations. Expectations are that the final regulations will be unveiled before July 1, but companies need to be trying their best to comply with the prospective rules already released.
The report points out that the law gives California residents several new kinds of rights. They will have a right to know – about what kind of info is being collected by organizations and why, including name, email address, browsing history, geolocation, biometrics, personal property records, purchase records, employment info and more.
They can also request access to the full record of this info, or can require the info’s deletion, and they have the right to opt out of the sale or exchange of their info.
With these new rights, the report notes, every compliant organization needs to address who has specific responsibilities, such as:
Additionally, an organization’s Privacy Policy needs to be updated in ways itemized in this report, such as explaining what personal info is collected and why, the rights of consumers and the process for requesting that info be made available or deleted.