“Data is the pollution problem of the information age, and protecting privacy is the environmental challenge.”
Why, of course you do!
It’s the smaller, somewhat less imposing younger brother of GDPR!
Also known as AB-375, CCPA was implemented in January 2020 and focuses exclusively on data collection and privacy. It moves California out of the rules established by CAN-SPAM and puts it in sync with international anti-spam laws.
In fact, the law mentions that it is in response to the Facebook-Cambridge Analytica Data Scandal. The scandal was about the gathering of the personal data of 87 million people from their Facebook profiles without their consent.
While we know the implications of CCPA, what does the data privacy law mean for marketers?
What are some best practices that your marketing team should follow to comply?
Well, we talk about all that and much more in this blog post!
So first things first,
What does CCPA mean for marketers?
For the high-volume-email-sending marketer, CCPA means that you need to make necessary changes to your policies in order to be as well-equipped as possible.
One can not emphasize enough on how necessary it is to know what information you are collecting, where it is going or coming from, and how it is being used.
Having consumer privacy in mind is of paramount importance. Seeking permission to collect data, giving stakeholders the freedom to opt-out of data collection, or deleting existing data when asked is an integral part of CCPA.
With the specifics out of the way, we’d now like to talk about some steps that marketers ought to take.
Reanalyze usage of third-party data
The California Consumer Privacy Act confers consumers with the right to know “the categories of sources from which personal information is collected.” In case you are purchasing third-party data (beyond what is available publicly about your customers), it will ultimately come to light through a CCPA request. If your company is unable to explain that to customers, then you might want to halt the practice.
The Californian law requires you to issue a notice to inform your customers what information has been collected and for what reason.
It must clearly inform consumers that they can opt-out of data collection if they wish. You now need to display the new rights of the residents of California. It is imperative that you make the entire process of obtaining, requesting an erasure, and opting-out of the collection, or selling of personal data, clear.
Delete consumer data when requested
CCPA stipulates that Californian-consumers have the right to be forgotten and the right to get whatever data a company has on them, deleted. You must delete the data within 45 days of receiving a request.
Apart from the right to delete, the law empowers Californian consumers with the right to:
- Determine the categories of personal information being collected
- Know who their information is being sold or disclosed to
- Refuse the sharing/sale of their information to any third-party
- Access all their personal information held by an organization
- Equal service and price, even if any privacy rights created by the CCPA are exercised
Refrain from selling your customer’s information
If you plan on selling your customer’s data to other companies, ensure that you keep a record of all sales up to a year. It is imperative that you introduce a “Do Not Sell My Personal Information” link on your homepage that your users will check to prohibit the selling of their personal data. Failure of which will result in civil penalties up to $7,500.
Now that we’ve taken a look at some of the most important tips that you need to follow, let us quickly take a look at this checklist you, as a marketer, need to strictly comply with.
Marketers need to take the responsibility to:
- Ensure your team has clarity about CCPA and its compliance process
- Comprehend how personal data is being used to message and serve your customers
- Confirm that you and your organization are following a comprehensive checklist to comply with CCPA
As a part of the marketing team, make sure of the following:
- If you’re using CRM, marketing automation, or ad platforms to send messages to your customers, try and understand how these systems will comply to CCPA
- Connect with your in-house information security and legal teams to ensure that there is a process in place for handling the CCPA rights requests that consumers may make.
For marketers, CCPA compliance translates into more responsibility that requires planning, focus, and quick execution of solutions. Take the time to understand and review your next steps and involve the right departments within your organization. The faster you prepare yourself to be compliant with the law, the better it is for your company.
Team Grazitti Can Help You Prepare for CCPA the Right Way! Contact Us.