Our plugin assists in different ways to comply with the CCPA, but you also have to do some aspects yourself. This includes setting up several aspects within your Google Analytics. These are not as strict as the GDPR, but it has to be done.
Step 1: Make sure that Google Analytics is included in your Opt-Out Preferences document
Within the CCPA, you have to inform users about which cookies are used. You do this on your DNSMPI (Do Not Sell My Personal Information) / Opt-out Preferences page.
Make sure you indicate what activities you perform within Google Analytics, under Wizard > Consent > Statistics. For example, is Google allowed to use the data for other Google services?
Within Google Analytics, a lot is being shared with other Google services, such as Google Adwords, Google Optimize etc. You also need to mention this if you have enabled this. Disabling can be done under Admin > Account Settings > Data Sharing Settings.
User ID Function
Within Google Analytics, there is also an option that tracks the surfing behavior of different devices and keeps track of the number of sessions. You should also describe this on your DNSMPI/Opt-out Preferences page if you have enabled this.
You can use the following method to check if you’re currently using this (you can also disable it here): Admin > Property Settings > Tracking Info > User ID.
Sharing for advertising purposes
Google Analytics also shares data for advertising purposes, such as Remarketing. Do you do Remarketing? Make sure to state this on your DNSMPI/Opt-out Preferences page. If you don’t want to do this, uncheck it on the next page: Admin > Tracking Info > Data Collection.
Step 2: Sign a service providing agreement with Google
Service providing agreements are an important part of the CCPA. You will also need to sign one with Google Analytics. These can be found here:
Account Settings > Data Processing Agreement > Review Amendment.