Skip to content
Compliance

CCPA & CPRA Compliance

How ClickFortify handles California privacy law — no sale of personal information, fraud-prevention-only processing, and clear channels for consumer requests.

Overview

The California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), gives California residents rights over their personal information. This page explains how ClickFortify’s click fraud protection service approaches those obligations. It complements our Privacy Policy and GDPR compliance documentation.

What information ClickFortify processes

To detect invalid clicks and fraud, the service processes technical traffic signals:

  • Identifiers: IP address and an anonymized device signature derived from browser and device characteristics
  • Internet activity: click timing, session behavior, and engagement patterns on pages where the tracking snippet runs
  • Commercial context: which ad, campaign, and platform a click came from
  • Customer account data: name, email, and billing details for ClickFortify customers

ClickFortify does not intentionally collect sensitive personal information, does not build advertising profiles on individuals, and does not use fraud signals for ad targeting.

No sale of personal information

ClickFortify does not sell personal information, and has not done so. Traffic data is processed solely to detect and prevent click fraud for the advertiser whose campaigns it relates to. Because no sale or cross-context behavioral sharing takes place, no “Do Not Sell or Share” opt-out is required to use sites protected by ClickFortify — but the request channel below is always available.

Our role: service provider to advertisers

When ClickFortify analyzes traffic on behalf of an advertiser, it acts as a service provider under the CCPA: processing is limited to the business purpose of fraud detection and prevention, governed by our Data Processing Agreement, and the data is never retained, used, or disclosed for any other purpose.

Your rights as a California resident

  • Right to know — what categories of personal information are collected and why
  • Right to delete — request deletion of personal information, subject to legal exceptions (including fraud prevention and security, which the CCPA expressly recognizes)
  • Right to correct — fix inaccurate personal information
  • Right to opt out of sale or sharing — not applicable in practice, as ClickFortify does not sell or share personal information
  • Right to non-discrimination — exercising these rights never affects service quality or pricing

How to submit a request

Email app@clickfortify.com with the nature of your request. We verify requests before acting on them and respond within the timelines the CCPA requires (45 days, extendable once with notice). If your request concerns traffic analyzed for one of our customers, that advertiser is the business responsible for the data — we support them in fulfilling verified requests as their service provider.

Minors

ClickFortify is a business-to-business service for advertisers and is not directed to minors. We do not knowingly collect personal information from anyone under 16.

Contact

Questions about California privacy rights: app@clickfortify.com. See also GDPR compliance, Data Security, and the Data Processing Agreement.