Mind Your P's & Q's with CCPA and GDPR

Kate Reinarz, Jr. Marketing Manager

Kate Reinarz, Jr. Marketing Manager About The Author

February 13, 2020

header graphic_no text

In our increasingly complex, connected digital world, protecting the data of your prospects and customers has become a critical business responsibility that faces more and more legal scrutiny from international, federal and state governments. To make sure you are adhering to the most current regulations, we are committed to taking all necessary steps to ensure you stay compliant in your digital marketing efforts.

What are CCPA & GDPR?

GDPR, or, General Data Protection Regulation is a set of rules set forth by the European Union* for personal data protection. CCPA (California Consumer Privacy Act) is a new set of regulations for the acquisition, retention and selling of personal data. These types of regulations are being issued in order to make sure people have more personal protection over their data.

*Why does GDPR apply to US companies? GDPR pertains not specifically to a business, but to the individual whose data is being collected. This means if you are collecting the data of any individual who resides in the EU, you are required to comply with GDPR.

When do these laws go into effect?

GDPR went in to effect May 25, 2018. CCPA went in to effect on January 1st, however no enforcement action will be taken until July 1, 2020.

What is rezora doing to make sure you’re compliant?

Because rezora specializes in the unique relationship between marketing directors, agents, and an agent’s contacts, we’re taking all necessary steps to ensure we are not only CCPA & GDPR compliant, but staying vigilant as many other states begin to pass similar laws. Because CCPA is so similar to GDPR (read about the difference here), the efforts taken to comply can be summed up similarly.

These include:

  • An additional option for requesting the deletion of your data: you can email us at support@rezora.com, or you can send us some snail mail at 4845 Pearl East Circle, Suite 118 #81061, Boulder, CO 80301.
  • The ability for agents to view (and delete if they wish) their personal information associated with their rezora account.
  • A link at the bottom of emails where a contact is able to view (and delete if they wish) their personal information associated with their send history through rezora.
  • A message to agents, upon import of new contacts, reminding them of the explicit permissions that various international, federal and state regulations require for gathering contact’s data and subsequently, marketing to them.

What does this mean for you and your contacts?

The best way to make sure you’re staying compliant is to stay educated. Here are a few things you should know about the regulations set forth by GDPR and CCPA:

  • CCPA only applies to businesses that meet one or more of the following requirements:
    • Has gross annual revenues in excess of $25 million;
    • Buys, receives, or sells the personal information of 50k or more consumers, households or devices;
    • Derives 50 percent or more of annual revenues from selling consumers’ personal information.
  • Under CCPA, once a data deletion request has been received, the company has 45 days to disclose & deliver which information they’ve collected and what it’s used for, as well as erase the information.
  • Businesses must provide notice to consumers at the time of or before data collection. You should know how you obtain, keep and manage consent and whether you need to make any changes. 
  • Businesses must provide consumers at least two ways to request the deletion of data (ex: via email and snail mail).
  • Provide an updated and accurate privacy statement/policy.
  • Know the source of your information: If you’ve obtained information about a contact, how did you get it? And, are you sharing it anywhere?

As more states follow suit, remember to keep up-to-date and make sure you’re providing your contacts with adequate information as well (like what their data is being used for, or where their data may end up). We know these laws can seem tedious to unpack and act upon, so we at rezora will continue to provide you with all of the information we can to keep you confident in your digital marketing efforts.

If you’d like to continue reading up on CCPA, GDPR and other data regulations, here are a few great resources:

CCPA Fact Sheet
11 New State Privacy & Security Laws Explained
Quick Overview: CCPA
What GDPR & Other Regulations Mean for 2019 and Beyond
GDPR: A Cheat Sheet

Any notices or questions regarding these or other privacy regulations should be directed to Data Protection Officer, Rezora, LLC, Alex W. Trautman, Esq., Trautlaw, LLC, 3858 West 102nd Avenue, Westminster, CO 80031.

Topics: Best Practices, About rezora, Data Regulation

Enjoy the read? Subscribe for more.