California Consumer Privacy Act (CCPA)

On the heels of Europe’s General Data Protection Regulation (GDPR), a new regulation called the California Consumer Privacy Act (CCPA) went into effect January 1, 2020. Passed into law on June 28, 2018, the CCPA protects personal information of California consumers. The CCPA defines “consumer” as “a natural person who is a California resident.”  The CCPA applies to companies worldwide who do business in California or handle California residents’ personal information – making its impact far-reaching. The law will expand and enforce the rights of California consumers in several areas and businesses will be required to be extremely transparent about how they are collecting, using and disclosing their customers’ personal information.

Tealium helps companies stay compliant with evolving consumer data privacy regulations like the CCPA by supplying data governance tools to help them unify their data and build a secure and governed data supply chain. As a result, organizations will be able to get a complete view of their data, manage its use and stay compliant with data privacy regulations.

The CCPA is another opportunity for companies across the world to assess where they are in their efforts to manage customer data effectively and leverage it for insight and action.

This new report from Forrester highlights the strategic importance of customer data and how to begin evaluating your company’s maturity level towards that transformation. 

Read the Tealium commissioned Forrester research on customer data maturity.

Organizations should be aware that consumers gain new rights under the CCPA to protect their data and privacy

1. The right to know what personal information has been collected and where it was sourced from and the purposes for which it is being used. The CCPA gives consumers the right to gain visibility into how businesses are processing their data. This makes establishing an end-to-end data supply chain, from collection to delivery, critical.

2. The right to know if personal information has been sold or disclosed (and to whom) and the categories of that information. To comply, companies will need to audit and trace the end-to-end journey of data from collection, to business units to technologies utilizing the data.

3. The right to equal service and price, even after opt-out. The CCPA gives consumers the right to not be discriminated against if they tell a company not to sell their personal information.

4. The right to access their personal information. Under the CCPA, consumers have the right to make two requests per year for access to their personal information that a company has stored over time.

5. The right to erase personal information. To comply with this CCPA requirement, companies will need the ability to automatically orchestrate the transmission of data throughout your company’s ecosystem, audit its journey, and store its current state.

6. The right to say “no” to the sale of personal information. Companies will need to be able to present consumers clear and obvious opt-out choices before data collection. This means adding a “Please Do Not Sell My Personal Information” link on homepages, download pages for mobile apps, or pages that are otherwise collecting personal information.

Tealium’s solution consultants are knowledgeable and ready to help you strategize your data governance plan to help you get ready for CCPA.