CCPA
Last Updated: January 13th 2021
The following document is intended to provide you with information on how the workings of CCPA with regards to your own customers or visitors.
To learn how we comply with CCPA with regards to Squeaky's own visitor and customer data, please see our privacy policy.
What is the CCPA?
The California Consumer Privacy Act, also referred to as CCPA, is a privacy-centric bill aimed at protecting the privacy of California consumers that became effective on January the 1st, 2020.
Do I need to comply with CCPA?
Many people mistakenly believe that the CCPA doesn't apply to them e.g. because they are not based in California, but this is not always true - so please make sure you're clear if CCPA applies to you.
You will need to comply with the CCPA if you do business in California and meet any of the following requirements:
- Have $25 million or more in annual revenue
- Buy, receive, or sell the personal information of 50,000 or more California residents, households, or devices
- Earn more than half of your annual revenue selling California residents' personal data
Keep in mind that the CCPA might apply to you even though you're not based in California or intentionally target California residents, as long as you have at least 50,000 Californians using your service.
How does the CCPA affect Squeaky?
If you are a Squeaky customer, under the CCPA you're considered the 'business' and Squeaky is the 'service provider'. As such, we as Squeaky are responsible for processing the data our service captures on your website or web app and is stored on our servers. As noted in our Privacy Policy, we will never sell personal data to third parties.
As a Squeaky customer, do I meet the basic requirements of the CCPA?
The CCPA is a large piece of legislation and covers many topics that have no direct impact or tie with your use of Squeaky. However, there are areas of the CCPA where your customers might have rights that relate to your use of Squeaky. We've included a brief explanation of their rights and how Squeaky can be used in a manner that supports you in servicing them below.
1. Privacy notice
Under the CCPA, businesses must update privacy notices to specifically state what data is collected, categorize the data collected, explain the purpose for the data's use, identify third parties with which that data is shared, and communicate the rights available to an individual.
We recommend that you perform a full review of your company's terms of service and privacy policy to ensure you meet the CCPA's requirements and, if necessary, disclose the use of Squeaky.
You can include the following text in your Privacy Policy when you mention which tools you are using to collect and analyse visitor data:
Squeaky
We want to process as little personal information as possible when you use our website or service, that's why we've chosen Squeaky for our web analytics. Squeaky doesn't use cookies and complies fully with the GDPR, and CCPA data privacy regulations - ensuring all usage is tracked anonymously unless otherwise defined or requested. Whilst using this privacy-friendly website analytics software, your IP address is briefly processed for screening purposes and never stored. As per the CCPA, your personal information is not identifiable without your express consent. You can read more about this on Squeaky's website.
The purpose of us using this software is to understand our website traffic in the most privacy-friendly way possible so that we can continually improve our website and business. The lawful basis as per the GDPR is "f); where our legitimate interests are to improve our website and business continually." As per the explanation, no personal data is stored over time.
Address: Squeaky B.V., Debussystraat 43, 2324KH Leiden, The Netherlands
Usage data: locale, device width and height, browser width and height, referrer, useragent, timezone, session start and end time, click coordinates, clicked elements, scroll position, mouse position, page views, user feedback (if submitted).
Data storage: AWS eu-west-1 region (The Republic of Ireland).
To learn more about Squeaky, you can visit https://squeaky.ai/legal/gdpr.
2. Personal information requests (right of access and deletion)
Under the CCPA, California consumers may have the right to request and receive a list of personal information and additional details a business collects (or has collected), as well as the intended business use for collecting this data.
The consumer may al so be able to request that any specific personal information be deleted. With the exception of specific types of data (e.g. billing or other regulatory required information), these deletion requests must be fulfilled by you, the business.
You can easily delete individual users with the click of a button in your Squeaky visitors table. If you'd like to provide an artifact of all personal data to your customer, you can download a .JSON file of all the raw events we have recorded for any visitor by clicking on the button on their visitor profile.
3. IP addresses
Under CCPA, an IP address may be considered personal data if it can identify a household. Squeaky does not store your customer's IP addresses, however you could technically pass the IP address of a customer to Squeaky from your own database using our Linked Data feature. If you decide to do this you must determine whether you feel this consistutes personal data, and inform your customers if it is being processed by Squeaky in such a manner.
Disclaimer: we're here to help, but we can't give you legal advice. The information on this page is only intended to summarize the main points of the CCPA and inform you, our customers, about how Squeaky can be used in a compliant manner. We recommend that you work with a trusted legal partner to fully understand your obligations under the CCPA.