hero

Global Privacy and Consent Management

Achieve regulatory compliance and increase your customer’s trust

Global Privacy Standards

Strivacity is committed to upholding customer privacy rights and enabling your brand to provide your customers the benefit of these rights. We work hard to ensure you’re well-informed and compliant with the guidelines of these regulations, so you can rest assured your website or portal is not at risk of regulatory fines.

Meeting global privacy standards involves more than just providing features in a product. We believe in giving you , as a Customer Identity and Access Management (CIAM) stakeholder, the necessary guidance and facts for your business to satisfy legal and compliance asks.

Strivacity Fusion can centrally manage all customer personally identifiable information (PII) either via the Strivacity Identity Store or your own existing identity store. This helps solve the problem of customers’ personal data being scattered or duplicated across directories or databases.

The General Data Protection Regulation (GDPR) has paved the way for individuals’ privacy rights. Other jurisdictions are quickly following suit to preserve citizens’ rights. However, it's important for your brand to look beyond just meeting the minimum bar of compliance and realize the additional benefit this provides your customers. They will thank you for it by trusting your brand more and offering loyalty in the form of expanded relationships.

Learn more below about how Strivacity Fusion can shoulder the burden of compliance with the mainstream global privacy standards.

General Data Protection Regulation (GDPR)

The GDPR is a European Union (EU) regulation that went into effect on May 25, 2018.

The primary goal of GDPR is to provide a set of data protection laws that protect EU citizens across any business that delivers goods or services to customers in the EU, regardless of where the business is based.

The intent is to make it easier for EU residents to stay informed, remain in control and understand how their data is being used, even if they’re not in the country where their data is being stored or used. Financial penalties for any violation will be upheld against organizations that cannot demonstrate GDPR compliance even if they’re based outside of the EU.

How Strivacity Fusion Helps with GDPR Compliance

Let's get the buzzwords out of the way – Strivacity Fusion is a GDPR-compliant, cloud-based CIAM solution. That was a mouthful! Now to the important part. Our platform helps with GDPR compliance through the following:

  • Self-service consent management
  • Personal data export
  • Full self-service management capabilities, providing coverage of all major areas, including:
    Right to be informed
    Right to stop processing
    Right to data portability
    Right to restrict processing
    Right to access
    Reject automated decisions
    Right to correction
    Right to be deleted
  • Support of the Kantara Initiative, providing consent receipt specification.
  • Anonymization of customers’ PII that may be distributed across your CIAM user directories or databases
  • Anonymization of customers’ PII that may exist across event logs across your CIAM infrastructure

California Consumer Privacy Act (CCPA)

The CCPA of 2018 made California the first of the United States to introduce a comprehensive consumer-focused privacy law when it was signed on June 28, 2018, and will become effective on January 1, 2020.

Much like GDPR, the goal of CCPA is to provide a set of data protection laws that protect Californian residents* across any business that delivers goods and/or services to customers in California. CCPA provides the broadest set of rights for any individual than any other U.S. privacy law to date.

CCPA does incorporate several GDPR concepts, such as the rights of data deletion, data portability and rights to access, and there are several aspects of CCPA where the requirements are more specific than GDPR and where GDPR’s scope is greater than CCPA.

*Referring to anyone who pays taxes to the state of California regardless of where they live in the U.S.
Even if you’ve prepared for GDPR, you will still need to revisit your privacy policy due to the differences in requirements with CCPA.

Who is affected by CCPA?

Any for-profit company doing business in the state of California and meets one of the following requirements is affected by CCPA:

  • Has gross revenues of greater than $25 million USD
  • Annually shares, buys, sells and/or receives personal information of more than 50,000 consumers, households and/or devices for commercial purposes
  • Derives 50 percent or more of its annual revenues from selling consumers’ PII

How Strivacity Fusion Helps with CCPA Compliance

Here are more buzzwords for you. Strivacity Fusion is an CCPA-compliant, cloud-based CIAM solution. Our platform helps with CCPA compliance through the following:

  • Self-service consent management
  • Defining and managing consents, consent for data processing purposes and user attributes per consent.
  • Full customer identity management so brands can individually remove customers if required
  • Support of the Kantara Initiative, providing consent receipt specification
    • The following are consent-controlled based on customer preference:
      • Customer identity provisioning to third-party systems
      • Sharing of identity attributes via federation
      • Customer management of information during registration
  • Anonymization of customers’ PII that may be distributed across your CIAM user directories or databases
  • Anonymization of customers’ PII that may exist across event logs and your CIAM infrastructure

The Truth Behind the Penalty for Non-Compliance

CCPA Maximum Penalty:

Up to $2,500 that can increase to $7,500 for every violation

GDPR Maximum Penalty:

4 percent of global annual turnover, or €20 million, whichever is the higher amount

Isolation-by-Design

Strivacity Fusion is designed and built around our philosophy and approach of isolation-by-design, meaning every single brand that utilizes our platform is operated and managed on its own dedicated infrastructure.

Why Should I Care About Isolation-by-Design?

We’re striving to break down the barriers of cloud adoption for CIAM, especially for highly regulated industries.

Strivacity Fusion is 100 percent cloud-based, leveraging all of the advantages of today's progressive cloud technologies by providing reliability, scalability and redundancy without the downsides of multi-tenancy and/or shared infrastructure.

That's why we’ve taken our isolation-by-design principles and philosophy and applied them to Strivacity Fusion.

It doesn’t matter how large your company or your customer base is – every company and its customers should be safeguarded by the same levels of security and privacy. This is a table-stakes requirement to modern commerce.

  • 100 percent cloud-based with all of the benefits of a leading cloud offering, which are as follows:
    • Subscription-based licensing model
    • High availability
    • Infinite scale
    • Turn-key evaluation or production instances available in several minutes.
  • Zero shared infrastructure between brands (unless you have multiple brands – we can help there)
  • Zero shared datastore between the brands we support
  • Zero shared repositories of secrets between the brands we support

Want to know more? We’d be happy to tell you how we do it.