California Consumer Privacy Act (CCPA) Compliance
Security and Compliance · Updated June 18, 2025
Introduction
This document provides information regarding Reactor Data's compliance with the California Consumer Privacy Act (CCPA).
Background
The California Consumer Privacy Act (CCPA) is a state law that governs how businesses operating in California handle the personal information of California residents.
CCPA Rights for California Residents
The CCPA grants California residents specific rights concerning their personal information, including the right to:
- Know what personal information is being collected about them.
- Request that a business delete their personal information.
- Opt-out of the sale of their personal information to third parties.
Reactor Data's CCPA Compliance
Reactor Data is committed to maintaining compliance with the CCPA and has established a robust process for managing Customer Do Not Track requests.
Information Collected by Reactor Data
Reactor Data collects certain categories of information, as detailed in the following table:
| Category | Examples | Consumer Data Collected? |
|---|---|---|
| Identifiers | A real name, alias, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers. If you apply for a job through our website, we may collect any contact information (e.g., name, email, address, phone number) that you provide. | YES, if provided by you |
| Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). | A name, signature, size information that may provide us with your end users' physical characteristics or description, address, telephone number. If you apply for a job through our website, we may collect any education or employment history that you provide. Some personal information included in this category may overlap with other categories. | YES, if provided by you |
| Protected classification characteristics under California or federal law. | Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression), sexual orientation, veteran or military status, genetic information (including familial genetic information). | NO |
| Commercial information. | Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. | YES, if provided by you |
| Biometric information. | Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. | NO |
| Internet or other similar network activity. | Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement. | YES |
| Geolocation data. | Physical location or movements. | YES, if provided by you |
| Sensory data. | Audio, electronic, visual, thermal, olfactory, or similar information. | NO |
| Professional or employment-related information. | Current or past job history or performance evaluations or job applications. | NO |
| Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). | Education records directly related to a student are maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. | NO |
| Inferences drawn from other personal information. | Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. | YES |
Personal Information Exclusions
It is important to note that personal information does not include:
- Publicly available information from government records.
- De-identified or aggregated consumer information.
- Information excluded from the CCPA's scope, including, without limitation:
- Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data.
- Personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver's Privacy Protection Act of 1994.
Additional Resources
- For more information regarding how Reactor processes customer data deletion requests, please see our Requesting Removal of Consumer Data documentation.
- For more information about Reactor Data's privacy policy, please refer to Reactor Data's privacy policy page: Reactor Data privacy policy page.
- For more information about the CCPA, please refer to the California government website: https://oag.ca.gov/privacy/ccpa.