Skip to main content
All CollectionsTerms & conditions
CCPA Compliance Introduction
CCPA Compliance Introduction

Marsello is compliant with both the CCPA regulations. Here’s some detailed information about how these laws and regulations affect Marsello.

Updated over a week ago

What is CCPA?

The Californian Privacy Act, or CCPA, is a Californian State Law that came into effect on January 1st, 2020. This regulation changes how companies collect, use and process the personal data of Californian residents.

Marsello is compliant with both the CCPA regulations. Here’s some detailed information about how these laws and regulations affect Marsello.

How CCPA affects Marsello

The CCPA are broad regulations that reshape the landscape of data usage for companies that operate in the State of California, United States. We have extensively evaluated how both CCPA affects us and our users. The good news is that these laws do not require us to change the services we provide - it just changes how we provide those services:

  • It requires us to re-organize our privacy team and to adequately document and keep records of certain privacy-related decisions made by us so that we are accountable for our privacy practices.

  • To make sure that we and our users are able to honor the rights of Californian customers over their personal data.

  • It requires us to make certain contractual commitments to our merchants and requires us to get certain contractual commitments when we use a third-party sub-processor to provide our services.

What we've done to prepare for CCPA

  • We appointed a Data Protection Officer to oversee the implementation plan.

  • We implemented a Data Protection Impact Assessment process, as required by the CCPA.

  • We deliver CCPA-focused training to key teams and personnel so that we are all aware of the law’s requirements and can design our products and business plans with privacy in mind.

  • We implemented a detailed procedure to deal with data subject access requests, deletion requests, and government access requests.

How CCPA affects how you run your retention marketing

Ultimately, CCPA compliance is the responsibility of every business that sells in the European Union and/or the State of California, regardless of where it is based. We suggest that every Marsello user consult legal experts to ensure they have sufficient privacy controls in place.

What you need to know when using Marsello

Marsello is a Data Processor, meaning that we process the data that you collect on your store, including personal data and non-personal data. When creating or editing your privacy policy, you will need to disclose that your customers’ data is being shared with Marsello for the purpose of the rewards program, including what data is being collected. The data we process for your customers includes:

Personal Data:

  • Name

  • Email

  • Phone Number

  • Address

  • IP Address

  • Date of Birth

Non-Personal Data:

  • Transactional Data

  • Account Creation Date

⚠️ Important: Marsello does not collect the customer's payment information (including credit card details) nor does Marsello sell any collected data.

How to remove customer data from Marsello

Under CCPA, Data Subjects have the "right to deletion". This means they can request that their data be removed at any point.

If you require a customer or a list of customers to be deleted from your retention marketing program, you can contact our support team via email or in-app chat. We will delete this customer data for you.


CCPA doesn't require companies to gather prior consent to send marketing emails to the customer, however, any limits on data collection will be imposed by individual customers who make requests to delete and opt-out

⚠️ Important: Marsello does require the customer to have given permission to receive email and/or SMS marketing from your store. This is to ensure your store is compliant with other marketing compliance laws and regulations such as GDPR, TCPA, and TCIA.

Note that transactional emails that relate to an order or transaction with your business are exempt from this requirement. If you are unsure about sending loyalty emails as transactional, you can always check the option in your settings to only send emails to customers who have opted into marketing emails.


The use of cookies is mentioned in the CCPA. They can be divided into essential and non-essential cookies.

  • Essential cookies are those necessary for providing the information requested by the user.

  • Non-essential cookies are considered to be identifiers and are used for analytics, advertising, or third parties including affiliates and those that identify a user when they return to the website. This type of identifier is considered to be personal data.

Marsello only retains essential cookies that are required for the proper functioning of the app and does not retain non-essential cookies.

Disclaimer: The information provided here is intended to be educational and should not be construed as legal advice. Marsello encourages all of our users — and all eCommerce merchants – to seek legal advice for counsel on how they specifically should prepare for CCPA.

Did this answer your question?