California Consumer Privacy Act (CCPA) and Rocket.Chat

Gabriel Engel
February 10, 2020
min read

Starting the first of January this year, many businesses serving customers in California follow CCPA - a new regulation in California - when they process their personal data. Are you looking for a communications platform that can be used with the CCPA? Or are you already using Rocket.Chat and looking for some details about the effects of CCPA? Look no further, we have some answers for you right here.

What is the CCPA?

In short, a comprehensive consumer privacy law in the United States, enacted in 2018 and put in force on the first day of 2020. It is in parts much alike the General Data Protection Regulation (GDPR) in Europe and aims to put consumers in control of their data. The search engine of your choice will likely produce millions of results on the CCPA as it has been widely debated over the last few months. Rather than providing you a recap, let's dive right into Rocket.Chat.

How can you use Rocket.Chat to comply with CCPA?

Rocket.Chat comes with numerous capabilities that make it easy for you to follow the requirements of CCPA when using Rocket.Chat. Being open-source, Rocket.Chat generally comes in two ways of installation:

  • Self-managed, where you run it on the infrastructure of your choice. We have both a Community Edition and an Enterprise Edition with more features available.
  • Our hosted offering, where we provide you the full service of running the edition of your choice for you. (Start your trial here)

What is important for you under CCPA depends on the type of installation you want to use.For all installations, including self-managed:

  • You can fully customize your privacy notice in Rocket.Chat. Either set an individual privacy notice text or place a URL to your overarching policy. This way you can inform your users about how you intend to use Rocket.Chat in your organization and what data you want to collect.
  • You can manage all data subject rights by yourself. Rocket.Chat gives you capabilities e.g. to delete personal data of individuals or to export data in an industry-standard format. According to your preferences, you can even toggle if you want this process as a user self-service or under the control of the administrator.
  • With our granular permission system, you can also give selected roles (e.g. moderators of a channel) the rights needed to purge messages, so your communities can govern themselves if you wish to.

For our hosted offerings:

  • We are a service provider under CCPA. In our privacy policy, we describe the categories of personal data we process. We also limit the usage of the personal data of your instance: we only use it in ways necessary to provide you the service. We do not collect and sell your personal data, you remain the owner of your data and in full control. As CCPA is a new law, there are different interpretations in how to address it in service provider agreements: So if you have specific contractual language that you would like to include, feel free to reach out to your sales representative.
  • We charge the same price for the same tier, regardless of the data inside. In today's economy, some services offer free services as long as you allow them to analyze and sell onward your data. This is not our business model. We do not charge you different prices based on the personal data you enter in your instance. Our pricing tiers are purely based on features and in every tier, you remain in control of your data. Also in your free trial period.
  • All servers run on a secured infrastructure based on AWS. You can choose the region of where your data is hosted. In case an incident would occur, we would inform you and cooperate in the incident response to your users.

We hope this helped you with the implications of CCPA on your organization. As the next update of the CCPA called CCPA 2.0 is already in planning, let us know which other features you would like to see upcoming.

Get started with Rocket.Chat’s secure collaboration platform

Talk to sales

Frequently asked questions about <anything>

Gabriel Engel is the CEO and co-founder of Rocket.Chat, the leading open source communications platform.
Gabriel Engel
Related Article:
Team collaboration: 5 reasons to improve it and 6 ways to master it
Want to collaborate securely with your team?
Deploy Rocket.Chat on-premise or in the cloud and keep your conversations private.
  • Digital sovereignty
  • Federation capabilities
  • Scalable and white-labeled
Talk to sales
Looking for a HIPAA-ready communications platform?
Enable patients and healthcare providers to securely communicate without exposing their data.
  • Highly scalable and secure
  • Full patient conversation history
  • HIPAA-ready
Talk to sales
The #1 communications platform for government
Deploy Rocket.Chat on-premise, in the cloud, or air-gapped environment.
  • Digital sovereignty
  • Trusted by National Geospatial-Intelligence Agency (NGA), the US Army, the US Navy, and the US Air Force
  • Matrix federation capabilities
Talk to sales
Want to customize Rocket.Chat according to your own preferences?
See behind the engine and change the code how you see fit.
  • Open source code
  • Highly secure and scalable
  • Unmatched flexibility
Talk to sales
Looking for a secure collaboration platform?
Keep your conversations private while enjoying a seamless collaboration experience with Rocket.Chat.
  • End-to-end encryption
  • Cloud or on-prem deployment
  • Supports compliance with HIPAA, GDPR, FINRA, and more
Talk to sales
Want to build a highly secure in-app chat experience?
Use Rocket.Chat’s APIs, frameworks, and managed backend to build a secure in-app or live chat experience for your customers.
  • Supports compliance with HIPAA, GDPR, FINRA, and more
  • Highly secure and flexible
  • On-prem or cloud deployment
Talk to sales

Our best content, once a week

Share this on:

Get your free, personalized demo now!

Build the most secure chat experience for your team or customers

Book demo