Get started
We are having lots of fun on Discord. Come and join us!
Star on GitHub 43.6K Get started
Back to blog
  • 6 min

Appwrite is now CCPA compliant: Build privacy-first applications with confidence

Appwrite complies with the standards of the California Consumer Privacy Act.

Jake Barnby

Jake Barnby

Engineering Lead

At Appwrite, we're committed to helping you build secure, privacy-focused applications that meet the highest data protection standards. Now, Appwrite is fully CCPA-compliant, providing secure and reliable data management.

What is CCPA, and why does it matter?

The California Consumer Privacy Act (CCPA) is a landmark data privacy law that enhances consumer rights for residents of California. It was signed into law in 2018 and enacted on January 1, 2020. The law aims to give California residents more control over the personal data that businesses collect about them. Although CCPA is specific to California residents, its impact is often felt nationwide and across borders. Many companies that do business in California implement CCPA protections for all users simply because it's easier than maintaining separate data policies for different regions.

Key rights granted by the CCPA include:

  1. Right to know: Consumers can request information about the personal data a business collects, uses, shares, and sells.

  2. Right to delete: Consumers can request that a business delete their personal data, with some exceptions.

  3. Right to opt-out: Consumers can opt-out of the sale or sharing of their personal information.

  4. Right to non-discrimination: Businesses are prohibited from discriminating against consumers who exercise their CCPA rights (e.g., by denying services or charging higher prices).

  5. Right to correct: Consumers can correct any inaccurate personal information a business has about them.

  6. Right to limit: Consumers can limit how a business uses and shares their sensitive personal information.

The CCPA applies to businesses that meet certain criteria, including having annual gross revenues of over $25 million, handling the personal information of 50,000 or more consumers, or deriving 50% or more of their annual revenues from selling consumers' personal information.

It's similar to the GDPR (General Data Protection Regulation) in Europe, though the two have some differences in scope and enforcement. Learn more about CCPA vs GDPR.

What does Appwrite’s CCPA compliance mean for you?

Besides wanting to put your user's privacy first, complying with CCPA is crucial for your business for:

  • Legal and financial implications: Non-compliance can lead to hefty fines and lawsuits, especially in cases of data breaches.

  • Customer trust: Adhering to CCPA shows that a company values privacy and is willing to go the extra mile to protect users, which can differentiate it in the marketplace.

  • B2B partnerships and contracts: Many companies, particularly those handling sensitive or personal data, are now requiring their partners, vendors, and service providers to be CCPA compliant.

With Appwrite’s CCPA compliance, you can trust that Appwrite will adhere to the strictest data privacy regulations. So whether you are developing apps that handle sensitive user data or simply looking to improve your data management practices, Appwrite helps you achieve privacy-first applications as we focus on privacy by design. But remember, it’s up to you to maintain the same standards in your compliance measures to ensure your user's privacy.

Measures taken to comply

To ensure we adhere to the strict rules and regulations, we have taken the following steps:

  • Added CCPA references to Appwrite’s DPA to execute with customers.

  • Added CCPA references to Appwrite’s DPA to execute with vendors.

  • Updated the data subject rights summary to add details of data subjects' rights under CCPA, and Appwrite should assist customers in complying with these rights.

  • Employees' training for handling inquiries about privacy practices and Appwrite’s compliance with CCPA.

  • Updated Appwrite’s data retention and deletion policy.

  • Updated Appwrite’s data breach and incident response policy.

Appwrite safeguards personal information to the same extent it protects its own, complying with relevant privacy laws and regulations in the jurisdictions where its services are offered.

If you’re searching for a backend provider that’s CCPA-compliant or considering CCPA- and GDPR-compliant alternatives to Firebase, Appwrite might be a great fit for you. Take a look at our documentation to learn more about how we approach security and compliance.

More security and compliance resources

Learn more about Appwrite compliance:

Read next

Subscribe to our newsletter

Sign up to our company blog and get the latest insights from Appwrite. Learn more about engineering, product design, building community, and tips & tricks for using Appwrite.