The California Consumer Privacy Act: What Retailers Should Know and How Nosto Has Prepared for It

The California Consumer Privacy Act: What Retailers Should Know and How Nosto Has Prepared for It

Disclaimer: The content in this post is not – and should not be interpreted as – legal advice. For detailed information regarding the technicalities of CCPA, please seek legal counsel.



If you’re a business serving clients within the State of California, you’ve likely heard of the California Consumer Privacy Act going into effect on 1 January 2020 (“CCPA”). The CCPA will essentially change the way businesses can collect and process any personal data from California residents and it follows the trend started by the EU General Data Protection Regulation (GDPR) which was introduced in 2018.

To help your business remain CCPA compliant, we’ve put together a rundown of what you should know (and what you’ve likely asked yourself) regarding CCPA – as well as the tools we at Nosto have put in place to help ensure our clients abide by CCPA regulations.



What is the CCPA?

The California Consumer Privacy Act (CCPA, for short) is a Californian data protection regulation that grants consumers new rights with respect to the collection of their personal information. In the context of the CCPA, the term “consumer” refers to a California resident. The CCPA essentially reshapes the way organizations across the U.S. approach data protection – strengthening data protection for all individuals who interact with these businesses.



Even though CCPA is a Californian regulation, could it also apply to U.S. companies outside of California?

The short answer: yes, it could apply to U.S. companies outside of California. While the CCPA is a regulation binding and applicable across the State of California, it has implications and requirements for all non-Californian businesses processing California residents’ data.

The CCPA obligations apply to an organization (“business”) that:

1. is for-profit

2. collects consumers’ personal information, or on the behalf of which such information is collected

3. determines the purposes and means of the processing of consumers’ personal information

4. does business in California

5. meets any of the following thresholds –

  • has annual gross revenue in excess of $25 million
  • alone or in combination, annually buys, receives for the business’s commercial purposes, sells or shares for commercial purposes the personal information of 50,000 or more consumers, households, or devices, or
  • derives 50% or more of its annual revenues from selling consumers’ personal information.

If an online retailer located outside of California processes the data of a California resident, that data must be processed and stored according to the CCPA, and not only following the legislation of the retailer’s business location. This is why we have applied changes throughout our customer base, regardless of business location; this way all Nosto-powered retailers regardless of their location can be CCPA compliant.



How has Nosto prepared for CCPA?

We take data privacy very seriously. The introduction of the GDPR was an important milestone for us, and in preparation for GDPR, we fine-tuned our processes in order to cater for the needs of the regulation. The CCPA is in many ways quite similar to the GDPR and has therefore not required extensive changes to our infrastructure or processes.



Which data types are gathered?

The Nosto service allows merchants to control the personal data that is gathered from the consumers and has built-in tools to assist the Nosto-powered retailers in fulfilling the requirements of the CCPA.

The Nosto Service has the capability to collect the following data types: first name, last name, email address, user agent (browser), IP address, events, viewed products, order events, cart content, liked products, image files, disliked products, external campaign attributions, clicked recommendations, order information, phone number, zip code, country code and sent emails.

Disabling data types will have a negative impact on the functionality of the Nosto service. For example, disabling emails will prevent Nosto from sending triggered emails.



How do I manage the data that is in the Nosto Service?

Nosto-powered retailers can extract and/or deleted data through the back-end of the Nosto Service. This will assist the retailer in complying with consumers’ disclosure or data deletion requests.



What else do I have to know about CCPA?

Please bear in mind that businesses must inform end-users about the types of information that will be collected from them and how it will be used. They may also be required to post links and information on their websites. Please seek legal counsel in order to ensure that your business fully comply with the relevant obligations.

Explore more articles

BFCM Holiday Shopping Statistics 2024
Ecommerce BFCM Holiday Shopping Statistics 2024

The frenzy of Cyber weekend 2024 has now passed! And we’ve wrapped up our annual breakdown of ecommerce performance. Analyzing over a hundred million website visits to over a thousand Nosto-powered stores, here’s your breakdown of how retail’s most anticipated weekend looked for ecommerce this year. Overall weekend performance Percentages represent year-on-year increases and decreases. […]

Read more
What’s New in Nosto: Enriching Product Recommendations with User-Generated Content
Product updates What’s New in Nosto: Enriching Product Recommendations with User-Generated Content

User-generated content (UGC) is becoming all the more important for ecommerce brands to nurture trust and influence shopping decisions. In fact, in a survey last year, 92% of ecommerce marketers stressed how UGC influences purchasing decisions—with 85% saying it’s now critical to their business. While Nosto’s long enabled brands to showcase UGC across their stores, […]

Read more
30% of Holiday Shoppers to Spend More if Their Chosen Presidential Candidate Wins, Research Reveals
Ecommerce 30% of Holiday Shoppers to Spend More if Their Chosen Presidential Candidate Wins, Research Reveals

Amazon is the top source for seasonal gift ideas, but this year shoppers will also start asking for tips from the likes of ChatGPT and Google Gemini  Nearly a third 1(30%) of US consumers will spend more this holiday shopping season if they get the confidence boost of seeing their chosen candidate voted in as […]

Read more
Nosto’s Future of Work Policy: Providing flexible working options for all employees
Culture Nosto’s Future of Work Policy: Providing flexible working options for all employees

At the start of the pandemic, Nosto – like many companies – quickly switched to a fully work-from-home arrangement, and soon witnessed the benefits and challenges that came with this. Better work-life balance was accompanied with feelings of isolation. Time saved from commuting came with decreased quality of coworker relationships.  As we began to think […]

Read more