The California Consumer Protection Act (CCPA) ushered in another set of compliance risk —and with it an opportunity for organizations to level up their marketing in a digitally-mature and customer-focused way.  

Our recent CCPA webinar outlined some of the critical areas for marketing action, discussed some practical CCPA use cases, and provided clear next steps for marketers to take in this era of data privacy. 

We received so many great questions from attendees during the Q&A session and had our experts weigh in below. 

It’s always important to consult with your legal team when navigating the world of data privacy regulation, and there are also many ways to take immediate action that will move your organization toward privacy-aware marketing practices. 

If you have a question that isn’t addressed below, get in touch: info@cardinalpath.com   

Q. What is marketing’s role in responding to privacy requests?

Once an organization’s legal requirements are established, marketing must play a leadership role in responding to requests. Customer communications require the type of care and finesse delivered by marketing to guard against the real risks of brand erosion that can result from poor messaging and bad experiences.

Q. If you could suggest just one thing to do as a starting point, what would that be?

A critical first step is data mapping. Understanding what data is being captured and where it is being stored is the starting part of an organization’s ability to respond to data requests efficiently.

An added value is that the process allows organizations to discover what information is not being captured, leading to the development of data capture strategies to improve marketing sophistication.

Q. Does CCPA apply to tracking unauthenticated users?

It could.  Even when unauthenticated, there are still methods that can be used to identify an individual. If, for example, an unauthenticated user can be identified through data mapping (e.g. Client ID), then the CCPA would apply. 

Q.  Do all websites need a pop-up window asking the user to agree to privacy terms?

It doesn’t necessarily need to be delivered in a pop-up window, but the CCPA requires businesses to disclose certain pieces of information in their privacy policy. This would include a description of a consumer’s rights, a list of personal information categories an organization has collected, etc.

Q.  What about advertising to get new members (beyond first-party)?

Levering campaigns that have people sign up or create an account in a value exchange is an effective approach.

The key is having a symmetrical exchange: what information you ask for from the customer must be of similar value to what they receive from you.  Offering that which is of value and interest to the customer contributes to brand trust. 

Q. If sales leads are being added to a database, do they need to receive a CCPA privacy notice?

Sales leads added from a networking event, for example, would not need to receive a privacy notice. However, individuals have the right to follow-up to see if their information was stored, what information was stored about them, and to ask that your organization to delete it.

Q. Our website has Google Analytics on it and it helps with tracking our customers. Are we responsible for providing a customer with a summary of stats about them from GA as well?

If you are able to match website behavior to an actual person, you would have to provide them with website browsing behavior data because it is personally identifiable information.

If however, there is no way to identify an individual within Google Analytics, then you would not have to provide that data.

Q. Can brands advertise only with publishers that are CCPA compliant?

If the publisher is collecting data and selling it to the advertiser, then we would recommend the advertiser thoroughly audit how any personally identifiable information was captured.

If the advertiser is collecting personally identifiable information directly through a publisher’s website, they would need to provide this data to a user (or delete it) upon request.

 Q. Regarding customer match with third-party platforms, how would we know which vendors follow best practices?

You can provide them with a self-assessment form to complete that will allow you to review a vendor’s data practices. You may want to amend language in any contracts or agreements with vendors that would help protect you in the event of a privacy incident.

As always, check with your legal counsel to determine the preferred methods to ensure your vendor organizations meet your privacy standards.

Message Sent

Thank you for registering.

Cardinal Path hosted a live session to connect with you and answer all your questions on Google Analytics.
Get all the expertise and none of the consultancy fees in this not-to-be-missed, rapid-fire virtual event.

Thank you for submitting the form.

Thank you for submitting the form.

Message Sent

Thank you for registering.

Message Sent

Thank you for registering.

Message Sent

Thank you for registering.

Message Sent

Thank you for registering.

Message Sent

Thank you for registering.

Message Sent

Thank you for registering.

Message Sent

Thank you for registering.

Message Sent

Thank you for registering.

Message Sent

Thank you.

Click here to download access the tool.

Message Sent

Thank you for registering.

Message Sent

Thank you.

Message Sent

Thank you.

Message Sent

Thank you

Message Sent

Thank you

Message Sent

Thank you.

Message Sent

Thank you

Message Sent

Thank you.

Message Sent

Success!
Your message was received.

Thank you.

Thank you for registering.

Cardinal Path is continuing with its series of free training. Next we are conducting training on Google Data Studio. Check it out here.

Message Sent

Thank you for registering.

Thank you for your submission.

Your request has been submitted and a rep will reach out to you shortly.

Message Sent

Thank you for your interest.

Thank you for registering.

You should receive a confirmation email from GoToWebinar with your unique webinar login information. If you do not receive this email or have trouble logging in to the event, please email asmaa.mourad@cardinalpath.com.

Thank you for subscribing!

You're now looped into the world's largest GMP resource hub!

Thank you for your submission.

Thank you for your submission.

Thank you for your submission.

Thank you for your submission.

Message Sent

Thank you for registering.

Message Sent

Thank you for your submission.

Thank you for your submission.

Message Sent

Thank you for registering.

Thank you for registering.​

Paid media spend by Government websites increased a whopping 139% YoY in 2020.

2020 Online Behavior Live Dashboard

Message Sent

Thank you for registering.

Message Sent

Thank you for registering.

Message Sent

Thank you for registering.

2020 Online Behavior Live Dashboard

Thank you for your submission.

Message Sent

Thank you for registering.

Message Sent

Thank you for registering.

Message Sent

Thank you for registering.

Message Sent

Thank you for registering.

Message Sent

Success! Thank you
for reaching out.