Google Adsense added a Privacy and messaging option to Manage your privacy settings and use our simple messaging tool to acquire consent, reclaim ad income, and find new ways to monetize your site.

California Consumer Privacy Act Adsense Warning Notice: Display a message to your users about the California Consumer Privacy Act (CCPA). “It is your obligation to ensure that the CCPA message complies with the law.”

What is CCPA in Privacy and messaging option in google Adsense?

“California Consumer Privacy Act” is the acronym for “California Consumer Privacy Act.”

“The California Consumer Privacy Act of 2018 (CCPA) provides consumers more control over the personal information that businesses gather about them,” according to the Attorney General’s office. https://oag.ca.gov/privacy/ccpa

When you add Adsense to your website, and even other Google services like Analytics, Google collects a lot of information from visitors, which they use to create better-targeted goods for their customers, such as adverts. And, in many cases, this information is sold so that other businesses may use it for marketing purposes.

Google has a long history of prioritising the user in all we do. Google never sells personal information and gives consumers transparency and control over their ad experiences with features like My Account, Why this Ad, and Mute this Ad as part of their commitment to users. In order to maintain a healthy, sustainable advertisements environment and help you, our publishers, flourish, Google also invests in programmes like the Coalition for Better Ads, the Digital News Initiative, the Google News Initiative, and ads.txt.

Also Read: Millions of client names and email addresses were stolen in a data breach, according to Robinhood

What is GDPR in in Privacy and messaging option in google Adsense?

The General Data Protection Regulation (GDPR) is the world’s most stringent privacy and security regulation. Despite the fact that it was designed and enacted by the European Union (EU), it imposes duties on enterprises everywhere that target or collect data about EU citizens. On May 25, 2018, the regulation went into force. Those that break the GDPR’s privacy and security regulations will face severe fines, with penalties ranging in the tens of millions of euros.

The GDPR signals Europe’s hard position on data privacy and security at a time when more individuals are committing their personal data to cloud services and data breaches are becoming more common. GDPR compliance is a scary concept, especially for small and medium-sized businesses, because the law is broad, far-reaching, and lacking in specifics (SMEs).

This website was developed to help SME owners and managers overcome specific difficulties they may be facing. While it is not a substitute for legal advice, it may assist you in determining where your GDPR compliance efforts should be focused. We also provide advice on privacy tools and risk mitigation.

We’ll keep you up to date on emerging best practices as the GDPR is interpreted.

If you’ve arrived here after Googling “what is the GDPR?” you’re probably searching for a crash course. Perhaps you haven’t even discovered the paper (hint: here’s the complete regulation). Perhaps you don’t have time to read it all. This page is dedicated to you. We hope that this post will help to explain the GDPR and make it less intimidating for SMEs worried about GDPR compliance.

Scope, penalties, and key definitions

First, if you process the personal data of EU citizens or residents, or you offer goods or services to such people, then the GDPR applies to you even if you’re not in the EU.

Second, the fines for violating the GDPR are very high. There are two tiers of penalties, which max out at €20 million or 4% of global revenue (whichever is higher), plus data subjects have the right to seek compensation for damages.

The GDPR defines an array of legal terms at length. Below are some of the most important ones that we refer to in this article:

Personal data — Personal data is any information that relates to an individual who can be directly or indirectly identified. Names and email addresses are obviously personal data. Location information, ethnicity, gender, biometric data, religious beliefs, web cookies, and political opinions can also be personal data. Pseudonymous data can also fall under the definition if it’s relatively easy to ID someone from it.

Data processing — Any action performed on data, whether automated or manual. The examples cited in the text include collecting, recording, organizing, structuring, storing, using, erasing… so basically anything.

Data subject — The person whose data is processed. These are your customers or site visitors.

Data controller — The person who decides why and how personal data will be processed. If you’re an owner or employee in your organization who handles data, this is you.

Data processor — A third party that processes personal data on behalf of a data controller. The GDPR has special rules for these individuals and organizations. They could include cloud servers like Tresorit or email service providers like ProtonMail.

What the GDPR says about…

For the rest of this article, we will briefly explain all the key regulatory points of the GDPR.

Data protection principles

If you process data, you have to do so according to seven protection and accountability principles outlined in Article 5.1-2:

1. Lawfulness, fairness and transparency — Processing must be lawful, fair, and transparent to the data subject.
2. Purpose limitation — You must process data for the legitimate purposes specified explicitly to the data subject when you collected it.
3. Data minimization — You should collect and process only as much data as absolutely necessary for the purposes specified.
4. Accuracy — You must keep personal data accurate and up to date.
5. Storage limitation — You may only store personally identifying data for as long as necessary for the specified purpose.
6. Integrity and confidentiality — Processing must be done in such a way as to ensure appropriate security, integrity, and confidentiality (e.g. by using encryption).
7. Accountability — The data controller is responsible for being able to demonstrate GDPR compliance with all of these principles.

Conclusion

In just over 2,000 words, we’ve covered all of the important aspects of the GDPR. The rule itself is 88 pages long (not counting the associated directives). If you’re subject to the GDPR, we highly advise that you have someone in your business study it and consult an attorney to ensure that you’re GDPR compliant.