Get ready for Colorado Privacy Act (CPA)
Understand how the CPA will impact your business and digital activities, and how Didomi can help solve key challenges.
Built for multi-regulations
Designed with a multi-regulation framework at its core, ensuring adaptability and resilience in the ever-evolving landscape of data privacy laws.
You'll work with a highly specialized privacy tech team, from implementation to ongoing assistance with regulation changes and framework updates.
Purpose-built to solve key challenges
From powerful branding and customization options, to the most advanced analytics available, our CMP is specifically designed to help you leverage consent as part of your wider business strategy.
What to expect
July 2023: CPA enforcement begins
Colorado consumers have new rights:
- Opt-out of data sale/use in targeted ads and significant profiling
- Access personal data held by companies
- Correct inaccuracies in personal data
- Request deletion of personal data
- Transfer data to a different company
As a business, you have new obligations:
- Provide a clear privacy notice
- Notify users about data sales and opt-out options
- Collect only necessary data
- Secure personal data against unauthorized access
- Get explicit consent for sensitive data
- Detail data collection, use, rights, and third-party sharing in the notice
- Comply with universal opt-out requirements
- Promptly handle data access, correction, deletion, and portability requests
- Conduct data protection assessments for risky processing activities
Financial and reputational risks for a business:
- Civil penalties up to $2,000 per violation, max $500,000 for related issues
- 60-day cure period for breaches until Jan 1, 2025
- Immediate action possible without cure period after this date
- Risk of reputation damage and customer loss. 40% of consumers would switch brands after a negative privacy experience*
* source: Google/IPSOS
Didomi helps you manage requirements for CPA and privacy laws worldwide.
ANY DEVICE, ANY ENVIRONMENT
Ensure user choices and transparency in all countries and devices.
Create privacy notices that reflect your brand while easily managing your site vendors and purposes.
Generate proofs of consent in a few clicks, from a single source of truth.
Measure and optimize consent rates with advanced Analytics.
Detect, apply and respect Global Privacy Control (GPC).
DSAR MADE EASY
Streamlined fulfilment of Privacy Requests
No more manual handling of requests.
Intuitive processes that reassure website users and ease the burden on your own team.
Monitoring of key metrics to optimize your DSAR flow and improve spend per request and turnaround time.
CPA IS ONLY PART OF THE ECOSYSTEM
Onboarding all new data privacy regulations
Our platform is built to onboard all privacy regulations and allow you granular consent management.
What is the digital impact of CPA?
CPA - METRICS
Impact on analytics
Businesses must ensure that only "adequate, relevant, and reasonably necessary" data is collected, potentially limiting the depth of insights.
If users opt-out of data collection, this could lead to gaps in data, making it harder to derive comprehensive insights.
Important: server-side tracking is not exempt. If users opt-out, you’ll need to calculate performance with data modelling.
CPA - MARKETING
Impact on media performance
As a business, your ability to run remarketing audiences depends on users agreeing to your CPA privacy notices and staying opted in to processing their personal data.
If users opt out, you cannot track conversions, resulting in lower in-platform performance and fewer data points for AI optimization.
If you are a site publisher, you won't be able to maximize advertising revenue if users opt out.
CPA - UX
Impact on user experience
Mapping out the customer journey is much harder if users opt-out of CPA notice
Gaining user trust is the key, ensuring their choices are respected and giving them simple and transparent ways to access their data at all times.
Clear language, reliable technology and attractive interfaces help to avoid bounce (i.e., when users leave a website due to confusing or off-putting privacy notices).