Starting in January 2020, the California Consumer Privacy Act (CCPA) goes into effect.
In this article, review your responsibilities as a client of Mindmatrix and as a marketer, according to the CCPA. Please be advised that this article will not constitute the total sum of your responsibilities. We recommend that all of our clients take the time to familiarize themselves with the regulations under CCPA and ensure that they are operating within the bounds of compliance under this new law.
Under this new regulation, you have additional responsibilities towards contacts you add to your CRM or account within Mindmatrix software. The CCPA guarantees citizens of California the right of privacy, including “the ability of individuals to control the use, including the sale...of their personal information” (Title 1.18.5, Section 1798.100, Part 4 of Division 3 of the Civil Code, relating to privacy, June 28, 2018).
If a contact is a resident of the state of California -- as a business owner, you have the responsibility to -
Capture the consent of contacts before you add them to your account within Mindmatrix
Easily share with potential contacts how you plan to use their personal contact data, and give them the option to opt-out of starting the process
Share, upon request the categories of information you plan on collecting back to January 1, 2019.
In addition to this, it also imposes additional consent requirements for sale and usage of personal data.
If your company does business in California, or you collect the contact information of potential leads across the US as a part of your sales and marketing efforts, you need to complete your own due-diligence to ensure that you are operating within the bounds of the law.
While it is every user’s responsibility to capture consent before adding contacts to Mindmatrix, there are tools you can use to make this a little easier.
Add forms to your website or use forms at events to capture the consent of contacts.
Export options for contact lists to help you review
Review your lists to find any contacts that may be from California. Update your records to ensure that you have the correct address details.
Email campaigns to periodically capture consent
Since contacts may change residency, it’s important that your lists are up-to-date. From time to time, make a habit of reaching out to your contacts to ensure that you’ve properly captured their consent to send them email campaigns. You can do this by phone or email.
If a contact personally reaches out to you asking to be unsubscribed, unsubscribe them from your lists and do not re-add them.
If a contact requests to be removed, delete the contact from your database.
If any contacts were added without their consent, prior to January 1, 2019 we are recommending that you reach out to these contacts to capture their consent.
You are required to adequately document and process the personal data of contacts starting January 1, 2019 with proven record of consent to store their information within your CRM or Mindmatrix.
Contacts that fall under the jurisdiction of the CCPA may email email@example.com to request more information about the campaigns to which they are subscribed, personal data collected about them, and may request to be removed.
The CCPA will enforce fines of $2,500 per violation or $7,500 per intentional violation and does not place a cap on total fines. Individuals also have the right to sue your organization under CCPA for non compliance.
If a contact reaches out to Mindmatrix to request to be removed from your database, Mindmatrix will remove this record upon request. To learn how to delete contacts on your own, search our help desk.
No. As the owner of the data, you are responsible for capturing clear consent from any contacts before you add them to Mindmatrix software.
If Mindmatrix does receive a complaint, we will remove the data based on GDPR Requirements regardless of location (As of November, 2019).