Global Privacy and Consent Management

Achieve regulatory compliance and increase your customer’s trust

Global Privacy Standards

Strivacity is committed to upholding customer privacy rights and enabling your brand to provide your customers the benefit of these rights. We work hard to ensure you’re well-informed and compliant with the guidelines of these regulations, so you can rest assured your website or portal is not at risk of regulatory fines.

Meeting global privacy standards involves more than just providing features in a product. We believe in giving you , as a Customer Identity and Access Management (CIAM) stakeholder, the necessary guidance and facts for your business to satisfy legal and compliance asks.

Strivacity Fusion can centrally manage all customer personally identifiable information (PII) either via the Strivacity Identity Store or your own existing identity store. This helps solve the problem of customers’ personal data being scattered or duplicated across directories or databases.

The General Data Protection Regulation (GDPR) has paved the way for individuals’ privacy rights. Other jurisdictions are quickly following suit to preserve citizens’ rights. However, it's important for your brand to look beyond just meeting the minimum bar of compliance and realize the additional benefit this provides your customers. They will thank you for it by trusting your brand more and offering loyalty in the form of expanded relationships.

Learn more below about how Strivacity Fusion can shoulder the burden of compliance with the mainstream global privacy standards.

California Consumer Privacy Act (CCPA)

The CCPA of 2018 made California the first of the United States to introduce a comprehensive consumer-focused privacy law when it was signed on June 28, 2018, and will become effective on January 1, 2020.

Much like GDPR, the goal of CCPA is to provide a set of data protection laws that protect Californian residents* across any business that delivers goods and/or services to customers in California. CCPA provides the broadest set of rights for any individual than any other U.S. privacy law to date.

CCPA does incorporate several GDPR concepts, such as the rights of data deletion, data portability and rights to access, and there are several aspects of CCPA where the requirements are more specific than GDPR and where GDPR’s scope is greater than CCPA.

*Referring to anyone who pays taxes to the state of California regardless of where they live in the U.S.

Even if you’ve prepared for GDPR, you will still need to revisit your privacy policy due to the differences in requirements with CCPA.

Who is affected by CCPA?

Any for-profit company doing business in the state of California and meets one of the following requirements is affected by CCPA:

Has gross revenues of greater than $25 million USD
Annually shares, buys, sells and/or receives personal information of more than 50,000 consumers, households and/or devices for commercial purposes
Derives 50 percent or more of its annual revenues from selling consumers’ PII

How Strivacity Fusion Helps with CCPA Compliance

Here are more buzzwords for you. Strivacity Fusion is an CCPA-compliant, cloud-based CIAM solution. Our platform helps with CCPA compliance through the following:

Self-service consent management
Defining and managing consents, consent for data processing purposes and user attributes per consent.
Full customer identity management so brands can individually remove customers if required
Support of the Kantara Initiative, providing consent receipt specification
- The following are consent-controlled based on customer preference:
  - Customer identity provisioning to third-party systems
  - Sharing of identity attributes via federation
  - Customer management of information during registration
Anonymization of customers’ PII that may be distributed across your CIAM user directories or databases
Anonymization of customers’ PII that may exist across event logs and your CIAM infrastructure

The Truth Behind the Penalty for Non-Compliance

CCPA Maximum Penalty:

Up to $2,500 that can increase to $7,500 for every violation

GDPR Maximum Penalty:

4 percent of global annual turnover, or €20 million, whichever is the higher amount

Isolation-by-Design

Strivacity Fusion is designed and built around our philosophy and approach of isolation-by-design, meaning every single brand that utilizes our platform is operated and managed on its own dedicated infrastructure.

Why Should I Care About Isolation-by-Design?

We’re striving to break down the barriers of cloud adoption for CIAM, especially for highly regulated industries.

Strivacity Fusion is 100 percent cloud-based, leveraging all of the advantages of today's progressive cloud technologies by providing reliability, scalability and redundancy without the downsides of multi-tenancy and/or shared infrastructure.

That's why we’ve taken our isolation-by-design principles and philosophy and applied them to Strivacity Fusion.

It doesn’t matter how large your company or your customer base is – every company and its customers should be safeguarded by the same levels of security and privacy. This is a table-stakes requirement to modern commerce.

100 percent cloud-based with all of the benefits of a leading cloud offering, which are as follows:
- Subscription-based licensing model
- High availability
- Infinite scale
- Turn-key evaluation or production instances available in several minutes.
Zero shared infrastructure between brands (unless you have multiple brands – we can help there)
Zero shared datastore between the brands we support
Zero shared repositories of secrets between the brands we support

Want to know more? We’d be happy to tell you how we do it.