Are you CCPA compliant?
If your company targets California residents, you will need to make sure your data processes comply with CCPA. This legislation became effective on January 1, 2020, and required changes to the way data is captured and reported. Having gone through a similar transition with our European customers in 2018, iText is fully GDPR and CCPA compliant and has the expertise and experience to help you navigate the uncertainty of CCPA.
Our goal is to help you become CCPA compliant by providing you with easy-to-use tools:
- iText DITO enables you to provide your consumers a PDF read-out with all the information your company has about them, in an easy to output PDF format.
- pdf2Data lets you easily extract data from PDFs where tagging isn’t available. It offers a framework to intelligently recognize data inside PDF documents, based on selection rules that you define in a template.
- iText Core allows you to add markers in PDF files to indicate where personal data is located (to enable its extraction or removal), and use encryption and digital signatures to protect your customers' data.
For iText Core users, we also have the pdfSweep add-on to support you in this matter:
- With pdfSweep you can remove (redact) information from PDF documents in a reliable and secure way.
To find the best solution for your individual needs, please contact us to schedule a call with an iText specialist.
California Consumer Privacy Act - FAQ
Here are some facts you should know about CCPA.
What is the California Consumer Privacy Act (CCPA)?
The CCPA, a landmark privacy law became effective on January 1, 2020. As of this date, consumers are able to demand that companies disclose what personal data they have collected about them, and ask companies to delete that data or forbid them from sharing it with third parties.
Meanwhile, companies have to do more to tell consumers upfront about what data they collect. Those companies also have to put a button on their website that allows consumers to state they do not want their personal data sold, and further demand a company delete their data if asked to do so.
What the CCPA means for businesses?
The CCPA applies only to large companies or those that make the sale of data a core part of their business.
More specifically, there are the three types of businesses that are covered:
- Companies with more than $25 million in gross revenue
- Businesses with data on more than 50,000 California consumers
- Firms that make more than 50% of their revenue selling consumer data (i.e. data brokers)
What are the risks of non-compliance?
The CCPA calls for penalties of up to $7,500 for each intentional violation and $2500 for those lacking intent.
In the end CCPA (like GDPR) changes how companies view data. In the past, firms adopted a "data is gold" mentality and made an effort to collect as much personal information as possible. But that is now changing, and CCPA forces companies to reconsider what data they collect, and be more careful of how they retain it.
Either iText Core, iText DITO, or pdf2Data: Let us help you find the right solution.
With iText Core you have the power to add markers in PDF files to indicate where personal data is located, which can be leveraged when using text extraction for easy retrieval of marked data. You can also use encryption to protect your customer data using industry standard algorithms and practices.
iText DITO can be used to set up a process of template-based PDF generation to send your customers reports that provide an overview of all data records kept regarding the person in question.
Our user-friendly pdf2Data lets you easily extract data from PDFs where tagging isn’t available. It offers a framework to intelligently recognize data inside PDF documents, based on selection rules that you define in a template.