CCPA Compliance

CCPA Compliance, Cassie.

We can help your business attain true CCPA compliance under the CCPA regulations through our Personal Information Platform, Cassie. Cassie ensures there is one central, secure platform to manage personal data, legal basis, consent and marketing preferences.

Allowing you to meet regulations wherever your customers are, globally. Cassie is feature-rich and provides an essential bridging system between the multiple information pots held within modern organisations.

What is CCPA?

The California Consumer Privacy Act, (CCPA), is a set of legislations brought into law in June 2018 driven by the continued rise in consumer data breaches and growing privacy concerns of individuals.

CCPA concentrates upon entities processing personal information with annual gross revenue in excess of $25 million or who annually buy or sell for commercial purposes, information of 50,000 or more Californians, households or devices (or organisations that derive 50% or more annual revenue from selling such information).

CCPA gives individuals the right to bring a civil action against companies that violate the law and states that damages will be between $100 and $750 – or higher, if there is more proof of extensive damage. In addition, the state can bring charges against a company directly, levying a $7,500 fine for each alleged violation that isn’t addressed within 30 days.

There is also a separate bill still under consideration in California, AB-2546, targeted at strengthening anti-spam laws and moving California – and in effect the rest of America, away from opt-out marketing permissions.

Individuals rights to CCPA.

  • Transparency – CCPA imposes a requirement that website operators offer a do not sell link to their website, among other contact methods and that website privacy policies are updated every 12 months.
  • Access – CCPA grants individuals the right to access the information an organisation processes about them in the last 12 months.
  • Object – CCPA is focused on preventing the sale of personal data and discriminatory repercussions for exercising rights (e.g. – cannot be denied goods or services, charged different prices or be subject to a different level of quality or service).
  • Deletion – CCPA grants the right to request deletion free of charge; which must be honoured by downstream entities in a given timeframe.
  • Portability – CCPA grants individuals the right to move their data free of charge via an electronic, readily usable format.

CCPA requirements all met with Cassie.

CCPA requires organisation’s to be transparent with individuals about the data they hold about them.

We understand that this can be difficult. Your business receives data from various sources, whether that be through web forms, transactional services, e-mail, SMS and so on. Cassie enables a single truth to be created by the production of a homogenized virtual record whist keeping a full audit trail of every detail (including source), from origin to present time, across all your systems.

Transparency is enabled using either the fully customisable Data Subject Portal or by linking the feature rich API to existing access routes. Any corrections can be automatically distributed across the entire eco-system of an organisation simply and securely, saving time and money.

Future-proof compliance.

CCPA requires strict consent for certain activities from anybody 16 or below. This consent must be able to be proven and shown to have been given freely as part of an informed decision. There is the possibility of this being extended to cover all individuals.

Integral to consent is the concept of ‘proof’ and ‘context’. Cassie has multiple tools to enable the collection of consent in a business positive way, from web widgets to phone apps. Not only does Cassie remove the hurdles from collecting consent and using information, but the management of the process is simple, and the ‘proof/context’ fulfils all global requirements. Offering complete flexibility and multi-tiered granulation, Cassie has been designed to be future-proof as communication methods change and is also multilingual, covering all languages (including non-Latin character languages).

Granular records and audit reporting.

CCPA requires that certain administrative tasks can be requested by an individual at no cost to themselves. This can be both the provision or deletion of their details. These requests must be completed within a reasonable timeframe.

Cassie enables the easy export of all attributed data, pertaining to an individual, via its audit reporting features. These are simple to use and can create either a CSV or PDF report. In addition, the SAR management module allows for the tracking of requests where extra information needs to be collated from different areas within an organisation.

If a request for erasure is made, Cassie will flag the data it applies to. The request is then recorded for an administrative update. An administrator will then either provide an explanation as to why the request cannot be fulfilled or confirm the request has been completed. If the request has been completed, Cassie will pass the flagged data through a one-way encryption algorithm. This enables a record to be compared by passing it through the same algorithm if a query is raised in the future but fulfils the technical requirement of erasure.

Meet Cassie.

Cassie is a single platform that allows you to collect and consolidate user contact, consent and preference data so your organisation can be compliant and transparent under regulations such as GDPR and CCPA. The platform currently manages over 1.6 billion preferences, for over 100 million contacts globally.

CCPA Compliance Cassie personal information & consent management

Latest Regulatory News.

Read the latest regulatory news by visiting our articles, if you’d like any specific information regarding your region please feel free to get in touch with us.

Syrenis Featured in Gartner’s 2020 Market Guide for Consent & Preference Management

We are delighted to announce that Syrenis and CASSIE have been recognised as a leading vendor and product in Gartner’s 2020 Market Guide for Consent & Preference Management. This is our second appearance in Gartner’s annual flagship report on the consent and preference space, and a further acknowledgement of CASSIE’s position as a leading enterprise privacy solution.

Syrenis recognised as an overall leader in Privacy and Consent Management by KuppingerCole Analysts

Syrenis Ltd has been recognised as a product, innovation and overall leader as part of KuppingerCole Analysts 2020 Report for Privacy and Consent Management.

Syrenis in the UK’s top 100 Northern Tech Awards

Syrenis Ltd has been awarded a spot in the Top 100 Northern Tech Awards 2020. Once a year the Northern Tech Awards shines a light upon the leading technology businesses headquartered in the North of England and Scotland.

Trusted by.

Cassie software is trusted by and powers many leading enterprises and governments across the globe including: