iab award

Ensighten Data Privacy, Website Compliance, and Consent Management

Enabling website compliance and data leakage prevention in line with global data privacy legislation including the California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA) and the General Data Protection Regulation (GDPR)

Product Sheet

Compliance Enforcement Has Never Been Easier

New call-to-action

Playbook

How Data Privacy and Compliance Can Improve Website User Experiences 

New call-to-action

Blog Post

Why Your Website's Privacy Workflow Solution is Exposing Your Business to Risk

New call-to-action

Privacy Report

Build a strategic approach to privacy that includes third-party data access

New call-to-action
GDPR,  CCPA.   And more regulations to come.
 
Data to protect. Fines if you don’t.

Add to all this that today’s websites use on average 60 external libraries and services, and user data is exchanged constantly with them in most cases.
These libraries and services are developed, maintained, and even hosted by different organizations
and sometimes in other countries where privacy laws do not apply.

A daunting compliance challenge.
If your organization has no control over the practices, procedures, and code functionality of these third-party services,
should data be disclosed when a user has requested it not be, you are ultimately liable in the form of compliance violation fines.
Privacy regulations, such as the CCPA and GDPR, have given consumers rigorous control over how organizations use their data, often affording them the ability to opt-out of certain types of collection. While your organization may have implemented compliance workflows within online properties,
such solutions often cannot enforce the choices users make, leaving the business open to litigation.
With the CCPA legislation being in enforcement and hefty GDPR penalties applied, your business is even more at risk of non-compliance. With today’s websites being rich, immersive and therefore complex, a lack of enforcement throughout the website supply chain often results in exposed data.
 
 
Contact Ensighten. We can help ensure global compliance regulations are adhered to
within your websites and their entire supply chains.

California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA)

Opt-out from sale of personal data

  • Organizations must provide consumers with a clear way to opt-out of the business’ sale of the consumer’s personal information

Notice of data collection and purpose

  • Consumers must be presented right to information about the business’ collection, sale and other disclosure of the consumer’s personal information collected. This includes disclosure of categories of personal info collected, transferred/sold (to whom info is sold, by category, for each third party) and business purpose for disclosure

Access to data collected

  • Organizations must provide the right to access personal information collected.  There must be minimum two methods to submit requests and an organization must respond within 45 days

Right to erasure of personal data

  • Right to erasure/request deletion of personal information collected by the business

 

Learn more about the CCPA and CPRA and how Ensighten can help you comply here

General Data Protection Regulation (GDPR)

Notification, consent and enforcement

  • Under the GDPR mandates, a business within the EU (European Union) must enforce that data is not collected until notification is given and explicit consent is received. Inaction cannot be considered consent. In addition, a website visitor must be provided with the ability to change or revoke their consent

Unauthorized data collection

  • A business is responsible for any data collection that occurs within their digital properties. Websites rely on third-party vendors to deliver critical functionality but often those vendors invoke additional tags in a process called piggybacking. A business must be able to identify and block unauthorized data collection

Compliance audit and analysis

  • Organizations must be able to prove compliance when audited by a Supervisory Authority (SA) which includes the ability to prove that consent was received for collected information at an event-level audit log to prove compliance

 

Learn more about the GDPR and how Ensighten can help you comply here

Solution: Full website compliance and data privacy capabilities

Organizations can face large fines under both regulations. Ensighten’s global website data privacy enforcement solution enables compliance in line with the CCPA/CPRA, GDPR and Nevada Law regulations:

  • Global consent enforcement (GDPR)
  • Data leakage prevention through unauthorized third-party vendors (CCPA/CPRA & GDPR)
  • Full audit trail for consent, collection, sale and erasure (CCPA/CPRA & GDPR)
  • Opt-out of data sale and collection (CCPA/CPRA & GDPR)

Comply with global data protection regulations

Get in contact to learn more about how Ensighten can enable full compliance in line with the CCPA and GDPR legislations.