This article does not constitute legal advice, nor is this information intended to create or rise to the level of an attorney-client relationship. You should seek professional legal advice where appropriate.
The California Consumer Privacy Act (CCPA) will become effective on Jan. 1, 2020. The most comprehensive privacy law to date in the US aims to give Californians more control over their personal information.
As a global company with headquarters in Europe, Criteo has adopted the General Data Protection Regulation (GDPR) regulations, passed in 2018, as the worldwide standard for all its services. Consequently, we have implemented processes to handle user rights and adopted best-practice data protection principles that go well beyond what is required by the CCPA.
Transparency Requirements & Data Protections
The CCPA adds transparency requirements for Criteo and Criteo clients and publisher partners while setting out obligations on a website’s footer, notice at collection, privacy policy, opt-out page, and more.
The CCPA offers new protections to consumers in California, including:
- The right to know; Users can gain access to the “specific pieces of personal information the business has collected about that user”.
- The right to delete; Users can request that a business delete any or all personal information about the consumer which the business has collected from the consumer.
- The right to opt out; Users will be able to instruct a company not to ‘sell’ their personal information to third parties.
Privacy = A Core Criteo Principle
Our product teams develop every feature with privacy in mind. It’s the cornerstone of Privacy by Design, a four-step approach that ensures an industry-leading level of safety for marketers and consumers alike:
- Power of Information. Our privacy standards are deliberately rigorous. We know that the more a consumer understands what we do, the more confident they’ll feel.
- User Choices. We make every effort to enhance the shopping experience, but we respect that some consumers would rather opt-out. We make it easy for them to do so with a few clicks.
- Security. Data is always securely collected and retained. We operate our own servers and have a dedicated security team.
- Privacy Counsel. Our team of privacy experts constantly assess risks, provide company-wide privacy training, and help us to build even better products.
Our Commitment to Global Privacy
We require a high level of data protection and privacy requirements on all our partners across the world. Thus, should the relationship with one of our partners involve data subject to the CCPA, our partner is formally required to comply with best-practice data protection standards and adhere without any restrictions or limitations to the CCPA.
Protecting consumers’ privacy and being clear and transparent about business practices is essential to our global organization. When customers understand exactly how their information is being used and are given control over their personal browsing data, it strengthens their trust in us and, ultimately, your business.
To learn more, download our CCPA report.
Disclaimer: This summarizes the main requirements related to the CCPA, without going into full details. We advise our clients and publisher partners to consult with legal counsel to ensure compliance of their practices.