Over the years, the growing concern towards data privacy and personal information has pushed legislators to create privacy laws and regulations that encourage companies to adapt or else they’ll face heavy penalties.
We saw the first of these laws surface when the EU passed the General Data Privacy Regulation (GDPR), which sought to make data privacy and management more transparent for protection of natural persons.
Today, we’ve seen other places follow suit, with regulations like the Washington Privacy Act (WPA), the Canada Personal Information Protection and Electronic Documents Act (PIPEDA) surfacing.
And as of January 1st of this year, the California Consumer Privacy Act (CCPA) has taken effect.
In this post, we take a look at what the CCPA is and who it affects, as well as how it affects the way we marketers do content promotion. Later on, we’ll be discussing different ways you can stay compliant with the new law while still promoting content to consumers in the best possible way.
What is the CCPA?
The CPPA is a new law that aims to make consumers more aware of how their personal data is being handled by marketers and companies. The law makes it a requirement for businesses to be transparent about how they collect, store, access, and share any data of customers.
Just like the GDPR, the CCPA is bound to have national and international impact, considering California’s status as the fifth largest global economy. So even if you aren’t affected by the CCPA now, we can only expect other states and countries to follow suit.
Who is affected by the CCPA?
CCPA applies to any business, including any for-profit entity that collects consumers’ personal data, which does business in California (based in CA or the consumers are from CA), and satisfies at least one of the following thresholds: has annual gross revenues in excess of $25 million, buys or sells the personal information of 50,000 or more consumers or households; or earns more than half of its annual revenue from selling consumers’ personal information.
If you meet one of the criteria, the CCPA applies to you.
Use this free checklist to see if your business ought to comply with the CCPA right away.
The effect of CCPA on your content promotion
So, what does the implementation of the CCPA mean for content marketers?
For one thing, it means personalizing content will become increasingly more challenging. Marketers still want to provide customers with personalized offers and content (as over 60% of customers also prefer), but it now becomes a delicate balance between giving personalized content while keeping personal data private.
Co-marketing campaigns may also be affected. You’ll need to be very transparent if you share email lists with a partnered business or affiliated co-marketers after running a marketing campaign.
Last but not least, the CCPA makes it mandatory for companies to review their current outsourcing activities. So for companies who purchase bulk personal data from data miners or outsource their marketing activities, it becomes crucial to understand how these third-parties gather, store, and share data with you.
Ways to make your content promotion CCPA compliant
The CCPA requires some revisions of your online marketing, so it protects consumers’ data as good as it can.
The CCPA encourages companies to create high-value, first-party lead generation strategies. It forces companies to be ones that customers can trust, When customers know that you treat their sensitive data with utmost privacy and care, they just might reward you.
Ready to make your content promotion compliant with the CCPA? Here are a few steps to follow.
Document a CCPA compliance plan
First of all, outline all the provisions of the new law that will inform any changes you make with your content promotion.
Narrow down specific areas of your marketing and sales processes that require tweaks or complete overhauls.
Here are some places you want to look at:
- Lead generation
- Website and social pages
- Third-party marketing software and tools (e.g., chatbots, analytics, etc.)
Update all your privacy policies to make sure that they comply
Your privacy policy is the first port of call for customers to know how you treat and handle their personal data.
Review the current clauses and terms you have then make adjustments for sections that need them. It’s also best to word your privacy policy in layman’s terms for consumers to understand.
For best results, consider hiring a lawyer familiar with consumer privacy laws to help you double-check your privacy policy’s compliance.
Review all the current policies of your social media distribution channels
All the major social media networks are headquartered in California, and they process a lot of your customers’ personal data.
Review the changes that these social media channels are making to see how they affect your business and marketing strategies. And while we can expect that these companies are also making reforms to comply with the CCPA, it’s important to know if they’ve implemented these changes.
Make transparency a part of your culture
Like we said before, the CCPA is paving the way for more trust between customers and brands. Because of this, it’s important to make transparency a key value in your culture.
From the top-down, encourage transparency in every aspect of your business. Higher management ought to inform employees about new changes and developments in marketing campaigns, and these changes – in the ways data is handled or collected – should be cascaded down to customers as well.
Remember, this can be a positive thing. As you improve the way you gather and treat this personal data, making it very transparent to customers in the process, you may find that customers trust you more. Even the data supports it: 92% of customers are more likely to trust your brand if you give them control over the information you collect from them.
Conduct a digital security audit
All these data privacy regulations came as a result of increasing privacy breaches and scandals over the years.
It’s not enough to simply comply with the best practices for gathering and managing data; you need to store this data securely. Many small to medium businesses are often the target of malicious online attacks for their smaller security budgets, so protect your website and business accordingly.
A good practices example: Create strong passwords for all company accounts, use a VPN when accessing private information, back up all your data, and keep employees informed about best practices for digital safety.
Understand how you’re collecting data
Many businesses outsource their content marketing and lead generation activities to external agencies. If this is the case for you, make sure you’re aware of how exactly these agencies handle data they collect from your customers.
Some of these agencies might not be based in California and may not be informed about the provisions about the CCPA. To make sure you stay compliant, align with your third party agencies to update the way you implement marketing and lead generation campaigns.
Gate your content
One aspect of the CCPA is how it aims to protect the personal data of California residents between 13 and 16 years of age. In this case the consumer must affirmatively authorize the sale of their personal information. If you have some content that may appeal to this age group, consider adding an age-gate that requires users to input their age before accessing or signing up for specific content or opt-ins.
If children or young teens are a core demographic for your business, redirect them to pages on your website that either don’t collect any personal data or have the parental consent forms on any applicable opt-ins. If the child is under the age of 13 years old, a parent or guardian must affirmatively authorize the sale of information.
Implement double opt-in to your forms
One of the conditions to be compliant (but not the only one from the legal point of view) is using double opt-in forms on your site can help you stay compliant with CCPA regulations.
This can prove that users consented to sign up for your marketing material, as they were required to confirm their subscription.
This is also an excellent step to introduce your data privacy policies for consumers. When you prompt them to confirm their subscription to your email list, you can encourage them to check out how you plan to use their data.
Give subscribers the option to check “Do Not Sell My Personal Information” on all your forms and landing pages
If you have co-marketing campaigns or sell personal data to third parties, give customers the option to opt out from this practice.
There may be some instances where customers are willing for their personal information to be shared between reputable businesses, such as a joint online sweepstakes or partnership. In these cases, you should still be very transparent about how their data will be shared with your partners in this campaign or agreement.
Make all links to your policies visible
Upload necessary privacy policies and terms and conditions on your content management system (CMS), then make these links accessible across each page.

The best place to have these links are at your site footer for easy access. These can also appear at the footer of opt-in forms and landing pages, so consumers can view your privacy policy at any time.
Key Takeaways
Complying to data privacy laws might seem like a lot of work, but consider it a necessary step in the right direction. As online attacks and scandals have surfaced, we have to put our customers first.
Use the steps in this article above to make sure you stick to a CCPA-compliant content promotion strategy. Besides, by complying with data privacy regulations, you ensure you’re a reputable company who has their customers’ best interests at heart.