Get ready for Connecticut Data Privacy Act (CTDPA)
Understand how the CTDPA will impact your business and digital activities, and how Didomi can help solve key challenges.
Built for multi-regulations
Designed with a multi-regulation framework at its core, ensuring adaptability and resilience in the ever-evolving landscape of data privacy laws.
You'll work with a highly specialized privacy tech team, from implementation to ongoing assistance with regulation changes and framework updates.
Purpose-built to solve key challenges
From powerful branding and customization options, to the most advanced analytics available, our CMP is specifically designed to help you leverage consent as part of your wider business strategy.
What to expect
July 2023: CTDPA enforcement begins
Connecticut consumers have new rights:
- Access to personal data processed by controllers
- Correction of personal data inaccuracies
- Deletion of personal data upon request
- Data portability in a usable format
- Opt-out of data processing for ads, sales, or profiling
As a business, you have new obligations:
- Clear privacy notice with data use, rights, sharing, and opt-out details
- Mandatory reasonable data security practices
- Collect only necessary data for stated purposes
- Process data only for disclosed purposes unless consent is given
- Prior consent required for processing sensitive data
- Data protection assessments for high-risk processing
(Applies to businesses with significant data processing activities in Connecticut)
Financial and reputational risks for a business:
- Enforcement by Connecticut AG with a 60-day cure period until end of 2024
- Penalties up to $5,000 per willful violation
- Possible restitution, disgorgement, and injunctions
- Risk of reputation damage and customer loss. 40% of consumers would switch brands after a negative privacy experience*
* source: Google/IPSOS
Didomi helps you manage requirements for CTDPA and privacy laws worldwide.
ANY DEVICE, ANY ENVIRONMENT
Ensure user choices and transparency in all countries and devices.
Create privacy notices that reflect your brand while easily managing your site vendors and purposes.
Generate proofs of consent in a few clicks, from a single source of truth.
Measure and optimize consent rates with advanced Analytics.
Detect, apply and respect Global Privacy Control (GPC).
DSAR MADE EASY
Streamlined fulfilment of Privacy Requests
No more manual handling of requests.
Intuitive processes that reassure website users and ease the burden on your own team.
Monitoring of key metrics to optimize your DSAR flow and improve spend per request and turnaround time.
CTDPA IS ONLY PART OF THE ECOSYSTEM
Onboarding all new data privacy regulations
Our platform is built to onboard all privacy regulations and allow you granular consent management.
What is the digital impact of CTDPA?
CTDPA - METRICS
Impact on analytics
Businesses must ensure that only "adequate, relevant, and reasonably necessary" data is collected, potentially limiting the depth of insights.
If users opt-out of data collection, this could lead to gaps in data, making it harder to derive comprehensive insights.
Important: server-side tracking is not exempt. If users opt-out, you’ll need to calculate performance with data modelling.
CTDPA - MARKETING
Impact on media performance
As a business, your ability to run remarketing audiences depends on users agreeing to your CTDPA privacy notices and staying opted in to processing their personal data.
If users opt out, you cannot track conversions, resulting in lower in-platform performance and fewer data points for AI optimization.
If you are a site publisher, you won't be able to maximize advertising revenue if users opt out.
CTDPA - UX
Impact on user experience
Mapping out the customer journey is much harder if users opt-out of CTDPA notice
Gaining user trust is the key, ensuring their choices are respected and giving them simple and transparent ways to access their data at all times.
Clear language, reliable technology and attractive interfaces help to avoid bounce (i.e., when users leave a website due to confusing or off-putting privacy notices).