1. A Step-By-Step Guide to
California Consumer Privacy
Act (CCPA) Compliance

2. Table of Contents
1.
2.
3.
4.
What are the CCPA regulations?
Why is the CCPA essential?
Who and what falls under the
purview of the CCPA?
How is BizProspex compliant with the
CCPA regulations?
5.
How the CCPA compares to GDPR?

3. What are the CCPA regulations?
The California Consumer Privacy Act of 2018 (CCPA)
gives consumers more control over the personal
information that businesses collect about them and the
CCPA regulations provide guidance on how to
implement the law. This landmark law secures new
privacy rights for California consumers, including:
● The right to know about the personal information a
business collects about them and how it is used
and shared;
● The right to delete personal information collected
from them (with some exceptions);
● The right to opt-out of the sale of their personal
information; and
● The right to non-discrimination for exercising their
CCPA rights.
The regulations went into effect on August 14, 2020.
Additional amendments to the regulations went into
effect on March 15, 2021.

4. For California residents who exercise these rights, the CCPA
specifies a non-discrimination clause, meaning that everyone
is accessible to the same services and price, regardless of
whether they allow organizations to sell their data or not.
Intended to enhance consumer protection and data privacy
rights, The CCPA’s goal is to equip consumers with
increased knowledge of what happens with their personal
data. It aims to provide data transparency and
accountability, allowing consumers to see their digital
footprint and prevent the selling of their personal
information.
Why is the CCPA essential?

5. Who and what falls under the purview
of the CCPA?
Only California residents have rights under the CCPA. A California resident is a natural person (as opposed to a
corporation or other business entity) who resides in California, even if the person is temporarily outside of the
state.
The CCPA seeks to protect California residents from
the risks of unauthorized disclosure of personal
information including identity theft, destruction of
property and reputational damage.In addition,
organizations that must follow CCPA compliance are
also required to maintain reasonable security practices
in order to protect consumer data.
Personal information (under the CCPA regulations) is
information that identifies, relates to, or could reasonably
be linked with you or your household and which is not in
the public domain. For example, it could include your
name, social security number, personal email address,
records of products purchased, internet browsing history,
geolocation data, fingerprints, and inferences from other
personal information that could create a profile about your
preferences and characteristics.
Under the CCPA, only publicly available data is not
considered personal information.
3/11

6. Expected CCPA (California Consumer Privacy Act) compliance of companies in
the United States according to security professionals in 2020
Source Statista
4/11

7. California Consumer Privacy Act (CCPA) compliance among companies in the United
States as of 2nd quarter 2022, by company size
Source Statista
5/11

8. How the CCPA compares to GDPR?
Source Deloitte
6/11

9. 4 reasons why only 11% of companies are fully compliant with the CCPA.
CYTRIO, a leading data privacy software company in the US recently released numbers- 5,175 U.S. companies with
revenues ranging from $25 million to more than $5 billion and released the findings in the State of CCPA Compliance:
Q1 2022 report.
1. CCPA is a complex regulation to decipher and implement
CCPA is a complex regulation that applies to any company 1) over $25 million in revenue that is conducting business in
California, 2) generating more than 50% of revenue through the sale of personal information, or 3) collecting more than 50,000
pieces of information from California citizens. To keep track of the regulation requirements and associated changes is a
complex task for companies. About 60% of companies with 10,000+ employees researched have deployed an automated data
rights management solution to avoid these high costs.
2. Companies are in a holding pattern
Due to the slow pace of enforcement, many companies slowed the process of implementing CCPA/CPRA compliance
solutions. Some companies implemented a difficult to use manual process with email or web forms to enable consumers to
exercise their rights under CCPA. However, 44% of companies that will need to comply did not deploy any solution at all
– automated or manual.
7/11

10. 3. Many companies are not seeing the large number data requests (YET!)
Some companies are using manual processes to address DSAR compliance, and one reason is they aren’t yet seeing a
lot of data requests. However, data requests will increase several fold as consumers become more aware of their data
privacy rights from continued data breaches and fines associated with non-compliance. Under GDPR, it took almost
two years before the first set of fines were announced, and there has been a massive increase in the number of fines over
the last two years. In 2021, total fines imposed under the GDPR hit more than $1.2 billion.
4. 1st Gen data rights management solutions are complex to deploy
First generation CCPA privacy rights management automation solutions are complex and cumbersome to deploy. In fact,
according to G2, the average reported implementation time for data privacy management software is three months; the
longest implementation is reported at just over five months. This has contributed to a low adoption rate. However, as
next-generation solutions become available that are less complex and easier and faster to deploy, like CYTRIO’s privacy
rights management, adoption will certainly increase.
8/11

11. How is BizProspex compliant with the CCPA regulations?
BizProspex, being the leading services provider in the
business, understands the requirements and
responsibilities of delivering legitimate and accurate
data. We stand out as global leaders when it comes to
CRM cleaning, Data appending, Data mining, Tech
install, Data Merging and Data Deduping for B2B
clients. We aim at supplying our clients with public data
scraping of the highest quality to boost your sales
numbers. At BizProspex, we focus on becoming the
partner your organization needs to survive, and in the
long run, thrive.
BizProspex, being the leading services provider in the
business, understands the requirements and
responsibilities of delivering legitimate and accurate
data. We stand out as global leaders when it comes to
CRM cleaning, Data appending, Data mining, Tech
install, Data Merging and Data Deduping for B2B
clients. We aim at supplying our clients with public data
scraping of the highest quality to boost your sales
numbers. At BizProspex, we focus on becoming the
partner your organization needs to survive, and in the
long run, thrive.
9/11

12. However, we take necessary steps to ensure that the
CCPA requirements are seamlessly met with,
● By conducting an assessment of the data
protection risks associated with any new project
and initiating a plan to mitigate those risks.
● By assessing and implementing the CCPA
compliance to existing or pre-dated data
protection plans.
● By initiating and executing an immediate
mitigation plan to address any gaps or risks
posed in delivering our data services.
Our privacy policies (that are mentioned on the
website) clearly state how the data for processing is
collected, how it is processed, who in our team can be
contacted regarding data storage and processing. As a
CCPA-compliant enterprise its our responsibility to
ensure that-
● Informing people of a data breach.
● Absolutely honoring requests that personal
information not be sold.
● Avoiding discrimination against individuals who
exercise CCPA rights.
We claim the highest standards of work ethics with utmost obedience to laws that we are subject to.
All the pre-scraped public data that we collect and process is done so with the contractual consent
of our customers under the purview of CCPA guidelines. At BizProspex our compliance and audit
experts work tirelessly to make sure all the right compliance controls are in place when it comes to
data.
10/11

13. Partner with us to benefit with the highest-quality and CCPA
compliant data services. Contact us to know more.
https://www.BizProspex.com/
murtaza@bizprospex.com
11/11