CCPA Compliance & Data Compliance Policy
Last updated: 25th August, 2022
What is the CCPA?
The California Consumer Privacy Act (CCPA), is a new California privacy Law, effective from January 1, 2020. The CCPA enhances privacy rights and consumer protection for residents of California, United States. To be compliant with the CCPA, a company must provide data rights to its customers, including but not limited to: a) deletion of their personal data, b) access to their personal data, and c) the ability to opt-out of sale of their personal data (and ensure that any subsequent reselling of data is done with appropriate notice and consent). These requirements extend to any customer data that may be processed, held or stored by any service providers.
Consent Kit CCPA Summary
Consent Kit is committed to helping all customers prepare for data privacy regulations. Consent Kit maintains a robust privacy and security program that we continually improve to meet the needs of our customers, and to maintain industry standard data protection among research tool companies. We have consistently reinforced our commitment to privacy and security through our compliance with the CCPA, and the right to be forgotten for any customer or respondent.
Does Consent Kit have a Delete API?
Yes! Available upon request as part of Enterprise plans. Consent Kit is happy to participate in this single API update/delete program, and can ensure the API is highly secure and structured according to your needs, which is one of the reasons we only include this type of access in our Enterprise plans.
General API specification here (note the delete portion is not included by default).
Do Not Sell My Personal Information
Consent Kit maintains links for both right to be forgotten and explicit do not sell my personal information, but since our terms clearly prohibit Consent Kit selling any personal information, it’s probably a moot point.
Does CCPA Apply to Consent Kit?
Many of our customers work hard on CCPA compliance, so it’s important that Consent Kit supports that compliance through our own terms and policies. Since customers can edit their own legal terms in any Consent Kit email, each customer is ultimately able to manage their own compliance. Consent Kit does not currently meet any of the direct following official CCPA criteria (Cal. Civ. Code section 1798.140(c)):
- Annual gross revenue over $25 million;
- Annually buys, receives, sells or shares the personal information of 50,000 or more consumers, households or devices for commercial purposes; or
- Derives 50% or more of its annual revenue from selling consumer personal information.