Compliance
Iowa CDPA
The Iowa Consumer Data Protection Act (ICDPA) serves to protect Iowa residents from the misuse of their personal data.
Cassie helps you achieve compliance without you having to compromise your business goals.
What is the Iowa Consumer Data Protection Act (ICDPA)?
The Iowa Consumer Data Protection Act (ICDPA) grants consumers the right to access, the right to delete, the right to portability and the right to opt out of the sale of their personal data.
Similar to other state privacy laws, the Iowa privacy law applies to entities that conduct business in Iowa or offer products or services aimed at consumers within the state.
Does your business need Iowa CDPA compliance?
The ICDPA applies to a business that targets Iowan consumers and:
- Controls or processes personal data about at least 100,000 consumers, or
- Controls or processes personal data about at least 25,000 consumers and derives at least 50% of revenue from selling personal data.
This application threshold mirrors new state privacy laws in Virginia and Utah.
Consumer rights under Iowa CDPA
The ICDPA provides Iowa consumers with the following rights over their personal data:
The right of access: To confirm whether the controller processes their personal data and to access the personal data.
The right to delete: To delete personal data provided by the consumer.
The right to data portability: To access a copy of personal data provided by the consumer (with some exceptions, see below) in a portable and machine readable format.
The right to opt out: To opt out of the sale of personal data.
Consumers may submit a consumer rights request up to twice per year.
Controllers must establish a “secure and reliable” way to authenticate consumers’ identities before fulfilling a request. This must not require the creation of a new account.
Why choose Cassie?
Most consent management providers offer templated solutions so that you can ensure compliance. This might sound good and exactly what you’re after, but you’ll have to sacrifice your business goals to achieve this.
With Cassie’s CPM you can be confident in knowing that you’ll be compliant with ICDPA and other relevant regulations without having to jeopardize business aims and objectives. As well as achieving compliance, you’ll be able to build trust and loyalty with your customers by offering transparency.
Protect individual privacy
Allow end users to take control of their preferences with granular consent controls enforced across domains, devices and platforms
Avoid fines and brand damage
Cassie enables organizations to meet the complex requirements of APP and mitigate risk with a robust framework for managing consent, avoiding severe penalties and reputational damage
Pass audit inspections
Be prepared for compliance audits with demonstrable tracking and complete history logs, alongside advanced RoPA and DSAR modules to improve efficiencies and assess risk
Ensure data security
Cassie is SOC 2 certified, assuring organization’s data is safeguarded from unauthorized access or breaches with industry-leading encryption protocols and practices
Centralized source of truth
Use Cassie to honor and enforce consent data via APIs and integrations at high volume, in real-time for APP compliance across your tech stack (CRMs, CMS, marketing automation tools, BI tools)
Complex consent made simple
For every consent captured, Cassie can store unlimited key value pairs of additional information against those consents to unlock scalable, granular consent management
