CCPA is applicable to your organization if:
You have a gross revenue greater than $25 million.
You annually buy, receive, sell, or share the Personal Data of more than 50,000
consumers, households, or devices for commercial purposes.
You derive 50 percent or more of your annual revenue from selling
consumers’ Personal Data.

• Your policy needs to be translated into reality.
  • For e.g., when you state in your policy that you use the Personal Data you collect only for a list of, say, 5 purposes, then you need to ensure that you put the right processes and controls in place to ensure that actually happens in reality. Further, you need to monitor these to ensure they actually work.
• Similarly, you may have a documented process for catering to an incoming Rights request from a Data Subject. This has to be operationalized so that when someone actually exercises their rights with you, you are geared up for it.
  • For e.g., someone may ask you to erase her data with you. For this, you need to know all the places where her data is located – within your organization as well as with any vendors or partners. You need to have a mechanism to authenticate the request – to ensure it is not a fraudulent request. You need to have people in your organization trained to track and respond to such requests. And several such other steps.
• All of this – and more – can be deployed and managed easily and effectively with Arrka’s solution.

• We at Arrka have done all the hard work on your behalf – so you don’t need to spend time understanding what CCPA is all about. All of this is baked into the platform via our Frameworks and libraries.
• Further, we have a team of consultants who will handhold you through the whole process to get you going. And if you need help for day-to-day management of your GDPR program, then the Arrka team can take that on as well. In short, we work as your extended CCPA Compliance team.

Yes, Arrka’s platform is designed to equip you to take care of both your privacy as well as security compliance and governance needs.

• Yes, Arrka can do both in tandem

The Arrka platform is designed to help you do ‘simultaneous compliance’. Which means
you can comply with all the applicable Data Privacy & Security Laws & Standards
simultaneously, in one go. Further, you can add on any new law or standard anytime
without having to go back to the starting point.

• This is great news. The Arrka platform perfectly synchronizes with the work done by your legal counsel and operationalizes all that the legal team does.

• Not at all! Your data continues to remain exactly where it is. The Arrka platform only helps you manage the compliance end-to-end, for which we do not need access to the actual data at any point in time.

• No. Nothing is required to be installed or deployed on your servers

• Yes, Arrka has a pool of Privacy Experts who can step in to help you with any queries you have or any assistance you may need.