GDPR and CCPA compliance Solutions and Services Get Started

X Close

Privacy Compliance

Confidently provide consumer data privacy and build trust while ensuring regulatory compliance with PossibleNOW’s applications and services.

CCPA Requirements and tips for compliance
GDPR Compliance Solutions & Services

Global Privacy

With data breaches becoming more common every day and marketing technology that tracks and targets consumers with personalized advertisements, privacy is at the forefront of everyone’s mind. Countries around the globe are introducing new privacy regulations to drive companies to adopt a posture of transparency and trust. In 2018, the EU’s General Data Protection Regulation (GDPR) went into effect. And this triggered many others to follow suit. Many companies are still confused about how the GDPR impacts them and their business processes. Yet, finding a cost-effective solution is important, because it’s easy to underestimate how badly the fines and consequences of noncompliance can affect businesses of all sizes, from SMB to enterprise.

The EU is leading the way for more stringent regulations. In addition to GDPR, the new ePrivacy Regulation is right around the corner to replace the former ePrivacy Directive. Other countries are also taking action, and although the US doesn’t yet have a federal privacy law, individual states have begun their own legislation.

Learn More About GDPR

List Management

U.S. Privacy

Without a federal privacy law, states are proposing their own individual laws. They vary widely and are a constantly-changing landscape. Some focus on internet and social media privacy, some focus on general consumer privacy protection, but all of them will affect companies doing business in the US.

So far, fifteen states have proposed their own consumer privacy legislation, and three of those states’ laws have been passed. They go into effect at different times – beginning in October 2019.

They each contain provisions for consumer rights and business obligations. Depending on the state such as California, consumers in the US will now be able to request that their data not be shared, sold, or collected. They can also request that their data be edited or deleted outright. Meanwhile, businesses have a variety of new obligations, such as data breach notifications, processing limitations and more. But they vary by state.

How can you, as a company, tell the difference?  See below for a breakdown of the proposed and passed state bills, and what consumer rights and business obligations they affect:

  • U.S. Privacy Law Comparison

OnePoint Privacy Management

So now that we have this complex landscape of ever-changing privacy laws, how can a company address them confidently and transparently, to build consumer trust and avoid regulatory fines?

Our OnePoint Privacy Management Platform automates your privacy programs. OnePoint can be easily configured to accommodate and manage consumer privacy requests across your organization through its robust workflow engine. It enables you to:

  • Map organizational data
  • Define tasks
  • Assign task owners
  • Define workflows
  • Maintain an archive of all completed tasks

Each consumer privacy request is classified as either a dynamic (unique to each consumer and requires human intervention) or static workflow (standard information that can be provided in real-time via automation) within the OnePoint platform.
Dynamic workflows include:

  • Right to access – provides the consumer a copy of their personal information
  • Object to processing – allows consumers to opt-out of their data being shared or sold
  • Right to deletion – allows consumers to request that their personal data be deleted

Static workflows include:

  • Collection sources – discloses the sources used to collect personal information within the last 12 months
  • Categories of personal information – displays the categories of personal information that have been collected within the last 12 months
  • Third-Party affiliates for sharing and selling data – reveals the categories of third-party businesses or vendors with whom the customer’s personal information is shared or sold
  • Business purposes – defines the commercial or business purpose for sharing or selling of the consumer’s personal information
  • slide 1
  • slide 2
  • slide 3
  • slide 4

Consumers are provided access to the Consumer Privacy Request Portal, which allows them to submit requests related to their privacy rights, including:

  • Right to access
  • Right to deletion
  • Objection to processing
  • Disclosure of information collected or sold
  • Right to opt-out

They are provided a confirmation code to track the status of their request and are notified when it is completed.

Upon completion of a set of tasks or workflows, an auditor can view all work, evidentiary data, and other documentation related to the completion of a task and approve or reject it if it doesn’t meet the required standard. All evidential artifacts are stored in a central repository for validation and audit purposes.

PossibleNOW provides the tools you need to provide transparency, build trust with your customers, and honor privacy rights – from the initial prospect contact through ongoing customer communications.  

OnePoint Privacy Portal

Consumers submit data requests through the Consumer Privacy Request Portal which are then routed to all appropriate departments and personnel for resolution.

Research Report on the Anatomy of a Preference Center

What Our Customers Say

We could go on forever about the benefits of enterprise preference management, but sometimes it’s better to let our customers do the talking.

Listen to their challenges and solutions — and get inspired!


  • Twitter
  • RSS
  • YouTube
  • LinkedIn
What interests you? Visit our Preference Center & tell us.