SmarterHQ offers a new Guide to help marketers handle CCPA
SmarterHQ puts together the key components of CCPA and the steps marketers need to take to properly prepare your customer data and marketing for compliance.
30-second summary:
- SmarterHQ has created a Guide to help marketers understand and navigate California’s new CCPA privacy law.
- It includes descriptions of consumers’ new rights, the key responsibilities organizations need to assign and some practical advice.
- CCPA is complicated by the fact that only preliminary regulations have been released to date, although the law’s start date is January 1. Technically, enforcement starts no later than July 1, but it could apply to violations going back to the year’s beginning.
Personalization platform SmarterHQ is out with a new Guide that is designed to make the new California Consumer Privacy Act (CCPA) a little less scary for marketers.
The free study, “A Marketer’s Guide to Navigating CCPA” [free, registration required], offers definitions, descriptions of consumer rights, and some practical advice and checklists.
The CCPA officially starts on January 1, with enforcement beginning July 1. But organizations are liable for offenses that began at the first of the year, and penalties for any violations could include being hit with consumers’ class-action suits or receiving significant fines from the state.
No final regulations yet
The new law covers businesses that have more than $25 million in annual revenue from California residents, that collect info on more than 50,000 California residents, households or devices, or that receive more than half their annual revenue from selling consumer data about California residents.
But, to complicate matters, the final regulations have not yet been released by the state’s Attorney General, who has the authority to describe what CCPA means in practice, in addition to enforcing those regulations. Expectations are that the final regulations will be unveiled before July 1, but companies need to be trying their best to comply with the prospective rules already released.
The report points out that the law gives California residents several new kinds of rights. They will have a right to know – about what kind of info is being collected by organizations and why, including name, email address, browsing history, geolocation, biometrics, personal property records, purchase records, employment info and more.
They can also request access to the full record of this info, or can require the info’s deletion, and they have the right to opt out of the sale or exchange of their info.
Specific responsibilities
With these new rights, the report notes, every compliant organization needs to address who has specific responsibilities, such as:
- Who is responsible for reviewing the proposed regulations in detail, and then the final ones, to see how they will be implemented at your organization?
- Who is responsible for mapping personal data across all systems, internal and vendor?
- Who is working with vendors to make sure they comply?
- Who’s responsible for making sure the proper notices and links are presented to consumers? This needs to include links to “Do Not Sell My Personal Information.”
- Who is responsible for managing consumer requests about their info?
Additionally, an organization’s Privacy Policy needs to be updated in ways itemized in this report, such as explaining what personal info is collected and why, the rights of consumers and the process for requesting that info be made available or deleted.
