CCPA Compliance

What is the CCPA?

AB 375 allows any California consumer to demand to see all the information a company has saved on them, as well as a full list of all the third parties that data is shared with. In addition, the California law allows consumers to sue companies if the privacy guidelines are violated, even if there is no breach.

Does the CCPA affect my agency?

All companies that serve California residents and have at least $25 million in annual revenue must comply with the law. In addition, companies of any size that have personal data on at least 50,000 people or that collect more than half of their revenues from the sale of personal data, also fall under the law. Companies don't have to be based in California or have a physical presence there to fall under the law. They don't even have to be based in the United States.

If the CCPA  does affect my agency, what data would I need to collect from BrightFire if a request is made by a policyholder?

BrightFire is happy to share all data our system may have on a particular policyholder making a CCPA request.

The types of data we may have within our platform pertaining to a policyholder are listed below:

  • A review from the policyholder posted on your company website.
  • Net Promoter Score (NPS) survey feedback left through our Reviews & Reputation Management service.
  • Form submissions through your company website (quote requests, general contact, etc.).


While the CCPA does not apply to most independent insurance agencies, any agency that is affected by this law may request information from BrightFire on a particular policyholder should a CCPA request be made by a policyholder. We are happy to provide all applicable data within our platform when needed.