Not only achieve CCPA & CPRA compliance, but also generate competitive advantages
-
Achieve a CCPA-compliant online presence for your website or app
-
Minimize data privacy risks and associated fines and penalties
-
Document the collection, storage and use of personal data according to best practices
-
Benefit from privacy-compliant and autonomous solutions with us by
-
implementing a CMP, with the highest possible opt-in rates
-
Turn compliance into real competitive advantage and delight your customers
Ask for a free initial consultation
What do the CCPA & CPRA laws contain?
The California Consumer Privacy Act (CCPA) came into force on January 1, 2020 and is the first comprehensive data protection law in the USA that applies specifically to the state of California. This law strengthens the consumer protection rights of California's citizens and sets new standards in the handling of personal data. An important extension of this law is the California Privacy Rights Act (CPRA), which came into force on July 1, 2023, with retroactive effect until January 1, 2022. The CPRA tightens the requirements for companies regarding the use of personally identifiable information (PI) and ensures that this data is handled responsibly and in compliance with the law from that date. The CPRA also established the California Privacy Protection Agency (CPPA), a new government agency that monitors and enforces compliance with data protection statewide.
Focus on the rights of consumers & companies
Consumer rights in California
-
Right to prohibit data sharing: Consumers can ask companies not to sell or share their personal data (Do not share or sell my personal information). Express consent is also required for sensitive personal data (Limit the use of my sensitive personal information).
-
Right to correction and deletion: Citizens have the right to request the correction or deletion of their data. Companies are also obliged to ask third parties who hold this data to update or delete it.
-
Right of access: Consumers can request to see what personal data is stored and receive information on how long this data is stored (Data Subject Access Requests = DSAR)
Obligations for companies
- Opt-out rights for consumers: Provide consumers with the ability to opt-out of the use or sale of their personal data on your website or app.
- Implement required buttons: Add buttons such as “Do Not Sell or Share My Personal Information” and “Limit the Use of My Sensitive Personal Information” on your platform to comply with legal requirements.
- Comply with the right of access: Ensure that consumers have the right to request access to data collection and all related processes. It is recommended to implement procedures for Data Subject Access Requests (DSARs).
What are the consequences of non-compliance?
Fines & penalties
Companies that willfully violate regulations can be fined up to USD 7,500 per violation.
Reputational damage
Data breaches and non-compliance with legal requirements can significantly damage a company's reputation.
Regulatory interventions
The government authority (CPPA) may even prohibit the processing of personal data in serious cases.
Who is affected by the CCPA/CPRA data protection laws?
The California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) establish privacy standards specifically for for-profit entities that collect and manage personal data of California residents. This affects any business that processes personal data of consumers in California, regardless of its location. The following companies must comply with these laws:
+25 Mio.
Companies with an annual gross revenue of more than 25 million US dollars.
>50 %
Companies where 50% or more of their annual revenue comes from the sale of personal data of California residents.
+50.000
Companies that annually buy, receive, or sell the personal data of 50,000 or more residents, households, or devices in California.
CCPA & CPRA Compliance through a Consent Management Platform (CMP)
To meet the requirements of the CCPA and CPRA, effective management of consents is necessary. This is where the Consent Management Platform (CMP) by Usercentrics comes into play. The CMP is specifically designed to assist businesses in the transparent collection and management of user data, thereby achieving CCPA/CPRA compliance. As a market leader, Usercentrics offers a comprehensive all-in-one solution that enables simultaneous compliance with CCPA, GDPR, and other key privacy laws. The CMP provides more than 2,200 legal templates to save time and resources in implementation and maintenance.
Setting up the CMP according to CCPA and CPRA guidelines and utilizing the diverse features of the Usercentrics CMP can be particularly challenging for beginners. For this reason, we offer to implement the CMP for you on your website. You determine the required features and design, and we seamlessly integrate the CMP into your technology stack. Avoid legal risks and save time and resources by having your CMP setup done by our expert team.
Your Advantages of the Usercentrics Consent Management Platform (CMP)
Centralized Consent Management
Using a CMP allows you to manage all privacy requirements neatly in one place. This helps maintain an overview and ensures that all processes comply with the regulations.
Global Data Protection:
The Usercentrics CMP enables you to efficiently meet privacy requirements across multiple states or countries. With this platform, you can ensure compliance with various data protection laws worldwide by addressing the specific requirements for consumers in each region.
Seamless Integration
The Usercentrics CMP is distinguished by its hassle-free integration into common Content Management Systems (CMS) and website builder platforms. Additionally, the platform can be extensively customized to meet your specific requirements, ensuring optimal functionality and user-friendliness.
Choose DWC for Your CCPA Compliance and Generate Valuable Insights
We are experts in consent management and collaborate closely with leading providers Usercentrics and BigID to create optimal solutions in consent and data management for our clients. Our focus is on implementing tailored, privacy-compliant Consent Management Platform (CMP) solutions that enable the highest possible consent rates (opt-in). This enhances your data collection for more effective analysis and targeted marketing. Leverage our global expertise and partnerships with industry leaders not only to meet data protection requirements but also to gain significant competitive advantages.