What is the CCPA?
The California Consumer Privacy Act (CCPA) ‘s primary aim is to give control to individuals in California over their personal data. The regulation contains provisions and requirements related to the processing of personal data of individuals who are located in California.
Any organization that holds personal data are subject to the CCPA if the organization is doing business in California or is providing services or goods to individuals residing in California. Only California residents have rights under the CCPA. A California resident is a natural person (as opposed to a corporation or other business entity) who resides in California, even if the person is temporarily outside of the state.
Which Data Elements Fall under the CCPA?
Personal information is information that identifies, relates to, or could reasonably be linked with you or your household. For example, it could include your name, social security number, email address, records of products purchased, internet browsing history, geolocation data, fingerprints, and inferences from other personal information that could create a profile about your preferences and characteristics.
What is not considered personal information under the CCPA?
Personal information does not include publicly available information from federal, state, or local government records, such as professional licenses and public real estate/property records.
Zumigo’s CCPA Policy
Zumigo is committed to continually examining and reviewing its practices and policy on how we protect our customers, partners, and employee data. The CCPA will help drive a stronger framework of requirements for personally identifiable information of individuals in California.
Zumigo has an established Global Privacy Policy and a team of privacy professionals. Our Global Privacy Policy process includes:
- Updates to our Privacy Statement and internal policies and process.
- Providing continuous efforts to support privacy and data protection by re-assessing and improving our CCPA & privacy policy enforcement through process improvements and updates to support any regulation changes.
- Design and implement a process to allow individuals in California to exercise their rights, which include accessing, modifying, and deleting their personal information.
The CCPA provides for two different relationships for a business handling personal data. The Data Controller determines the intent and methods of processing personal data, whereas the Data Processor is processing data on behalf of the Data Controller.
Zumigo as a Data Processor
Zumigo is purely a Data Processor for products or services that are offered to its enterprise customers. The enterprise customers are the data controllers collecting personal data from their own products and services offered to their consumers. Zumigo does not store Personally Identifiable Information (PII) data and only acts as an agent to process PII data on behalf of its enterprise customers.
The Data Processor is legally required to protect personal data according to the CCPA. The data protection requirements should be clearly determined by all parties with data protection terms in their agreements to ensure the customer’s personal data is properly processed as required by the CCPA.
Zumigo as Data Controller
In conducting business through Zumigo.com websites or business communications with corporate clients, partners, and prospects, Zumigo may collect and process Personal Information such as names, business email, business phone number, business names, and business titles. Zumigo does not share or resell any of this information with third parties.
Contact Us
You may contact us if you have general questions or concerns about this CCPA Policy Statement or how we process your Personal Data.
Our Privacy team can be contacted at privacy@zumigo.com. You can also contact us by writing to:
Zumigo, Inc.
ATTN: Privacy & Data Protection Unit
2001 Gateway Place, Suite 435E
San Jose, CA 95110
USA
Resources
– Zumigo Global Privacy Policy Statement
Effective Sept 4, 2020