Top 7 Questions To Ask Your First-Party Data Provider: Is This Data Legal?

by Julia Giacoboni, Director of Product Marketing

As consumer privacy laws become stricter, collecting data will become trickier. When partnering with a data provider, it’s important to ask them if their process is legal. With all the privacy laws, how can we be sure the data being provided is legal and compliant? 

State Consumer Privacy Legislation

CCPA and Other Regulations 

Do they follow the California Consumer Privacy Act (CCPA)? Although the CCPA is a California regulation, it won’t be long before other states follow suit establishing a similar act. If you do business in those states, this is incredibly important to be mindful of.  

Announced recently, a bill was drafted by Congress, known currently as the American Data Privacy and Protection Act. If the bill were to pass, it would require a public registry of data brokers and the option for consumers to opt-out of their information being collected. 1  

One way to ensure your data is future-proof is to verify that it is completely compliant. You always want to make sure, especially in a cookieless world, that you are paying attention to your privacy rules. 

Privacy Legislation Basics

Some Follow-Up Questions 

  • Is the data aggregated legally?  
  • Is it compliant with all state regulations?  
  • Do you have a consumer privacy plan in place? 

We always want to make sure data is legitimate. People move and things are constantly changing. If the data provider is pulling data from a source that is not reliable, that is a big problem.  

privacy compliance

Opt-Out and Validated Data 

Ask your data provider what kind of procedures they have in place to make sure there is an opt-out plan and that the data is checked, validated, and audited frequently. Does the data provider comply with the legislation and regulations currently in place? If they are a legitimate data provider, they should have their documents and privacy policy ready for you to review and approve.  

For Our Friends Outside the U.S. 

You might not need to worry about the CCPA; however, you do need to look at the regulations in your country. General Data Protection Regulation (GDPR) is a strict governmental regulation that needs to be kept in mind. Check with an attorney to make sure the data you are receiving is compliant with your local regulations. 

Partners of Your Data Vendor 

Take a look at the partners your data vendor is working with. You have many options for who you can partner with. works with OneTrust LLC, a leading Trust Intelligent Platform. With the help of OneTrust LLC, you can set up a legal plan and make sure opt-outs are accessible and unsubscribing or removal is an attainable, transparent process.  

Make sure your vendor has a general counsel, a lawyer, or a partner they are working with to make sure everything is done right procedurally. Not just someone behind the scenes deleting records when they don’t want them anymore.’s Promise To Comply With State Data Privacy Laws 

We understand how important privacy is. This is why we ensure that all our technology is opt-in and privacy-first in order to help you adapt to changing legal environments. We are committed to staying up to date on the latest privacy rules and regulations. We are also fully integrated with privacy tools, such as OneTrust LLC.  

If you are interested in learning more, check out our Privacy Hub and POV. Make sure to follow up by scheduling a demo

what kind of data are your providing me    privacy compliance    is the data clean

To read more in this series, check them out here:

Top 7 Questions To Ask Your First-Party Data Provider

What Is The Impact of Losing Third-Party Cookies?

What Kind of Data Are You Providing Me?

Is This Data Clean?

How Do I Get the Data?

How Much Work Is This Going To Be for Me?

What Should I Do with My First-Party Data?