Compliance with the California Consumer Privacy Protection Act (CCPA)

  1. What is CCPA?
  2. Does AppMetrica allow its users to comply with CCPA?
  3. Who and what does CCPA apply to?
  4. Complying with the GDPR

What is CCPA?

CCPA (California Consumer Privacy Act) is a California consumer privacy law that establishes the rights of California residents related to the confidentiality of their personal information. The law applies to companies operating in the state of California and meeting certain other criteria, like income indicators and information processing volume. This law gives residents of the state the right to prohibit “the sale” of their “personal information” (these terms are defined in the text of the law).

Does AppMetrica allow its users to comply with CCPA?


The users of AppMetrica are app owners.

Yes. AppMetrica allows its users to comply with CCPA:

  • Yandex is a service provider in respect of personal information processed with AppMetrica.
  • AppMetrica users can delete personal information processed with AppMetrica.
  • Yandex takes reasonable security measures to protect personal information processed with AppMetrica.
  • Users of AppMetrica shall comply with their obligations under COPPA and ensure that their use of AppMetrica complies with COPPA.

Who and what does CCPA apply to?

CCPA defines how businesses and service providers should handle and store California consumers' personal information.

“A Business”, according to CCPA, is a company that conducts business in the state of California and meets at least one of the following criteria:

  • Has an annual revenue of more than $25 million.
  • Processes personal information of at least 50 thousand consumers a year.
  • Makes at least 50% of its annual revenue by “selling” the consumers' personal information.

“A Service Provider”, according to CCPA, is a company that processes personal information on behalf of a Business. AppMetrica is considered a “Service Provider”.

“Personal Information”, according to CCPA, includes:
  • IP addresses.
  • Email addresses.
  • Account names.
  • Social security numbers.
  • Driver's license numbers.
  • Bank account numbers.
  • Credit card numbers.
  • Personal property records.
  • Biometric information.
  • History of visited pages.
  • Search history.
  • Geolocation data.
  • Online IDs.
  • Information about the consumer's interaction with a site/application/advertisement.
  • Information about a consumer's preferences.
  • Professional or work-related information.
  • And much more.

Complying with the GDPR

The main innovation of CCPA is granting consumers certain rights concerning their personal data and establishing corresponding obligations for companies that are subject to CCPA. Companies (including users of AppMetrica) will be required to:

  • Provide consumers with information about the categories and purposes of data collection prior to collecting the data.
  • Include in the privacy policy detailed information about the sources, business purposes and categories of personal information that is collected, including the sale or transfer of these data categories to other legal entities.
  • Provide consumers with the right to access, delete, and transfer certain parts of the personal information you collected.
  • Enable functionality that allows consumers to refuse the "sale" of their data. There may be exceptions. For example, transferring data to a service provider.
  • For minors under the age of 16, include opt-in consent to eliminate the possibility of selling the personal data of a minor without active consent.

The information provided on this page does not constitute legal advice. Yandex is not responsible for the consequences of its use. Before making legally significant decisions, it is recommended to consult a lawyer.