Our plugin assists in different ways to comply with the CCPA, but you also have to do some aspects yourself. This includes setting up several aspects within your Google Analytics. While these are not (currently) as strict as the GDPR, but it has to be done.
Step 1: Make sure that Google Analytics is included in your DNSMPI
Within the CCPA, you have to inform users about which cookies are used. You do this on your DNSMPI (Do Not Sell My Personal Information) / Opt-out Preferences page.
Make sure you indicate what activities you perform within Google Analytics, under Wizard > Consent > Statistics. For example, is Google allowed to use the data for other Google services?
Within Google Analytics, a lot is being shared with other Google services, such as Google Adwords, Google Optimizer etc. You also need to mention this if you have enabled this. Disabling can be done under Admin > Account Settings > Data Sharing Settings.
User ID Function
Within Google Analytics, there is also an option that tracks the surfing behavior of different devices and keeps track of the number of sessions. You should also describe this on your DNSMPI/Opt-out Preferences page if you have enabled this.
You can use the following method to check if you’re currently using this (you can also disable it here): Admin > Property Settings > Tracking Info > User ID.
Sharing for advertising purposes
Google Analytics also shares data for advertising purposes, such as Remarketing. Do you do Remarketing? Make sure to state this on your DNSMPI/Opt-out Preferences page. If you don’t want to do this, uncheck it on the next page: Admin > Tracking Info > Data Collection.
Step 2: Sign a service providing agreement with Google