Categories of Third Parties

CCPA requires that businesses disclose the categories of third parties with whom the business shares personal information. The CCPA regulations state:

“Categories of third parties” means types or groupings of third parties with whom the business shares personal information, described with enough particularity to provide consumers with a meaningful understanding of the type of third party. They may include advertising networks, internet service providers, data analytics providers, government entities, operating systems and platforms, social networks, and data brokers.

TrueVault has mapped hundreds of third party systems and has found the following categorizations to be both understandable and useful:

Category Examples
Business Communication and Collaboration Tool Gmail, Mailchimp, Asana, Confluence, SurveyMonkey
Data Analytics Provider Amplitude, Sisense
Hosting Services Provider AWS, GCE, WPE
Data Storage Service Provider Box, Dropbox, Google Drive
Payment Processor Stripe, Authorize.Net, Square, Paypal
Ad Network Facebook Ads, Google Ads, Rubicon Project
Sales and Marketing Tool Hubspot, Salesforce
Product Infrastructure Tool New Relic, Bugsnag
Product Engineering and Design Tool Jira, Circle CI
Order Fulfillment Fishbowl Inventory, Shipbob
eCommerce Shopify, Squarespace
Finance and Accounting Tool Quickbooks Online, Fuse Billing
Social Network Twitter, LinkedIn
Data Broker Crunchbase, ZoomInfo
ISP Comcast
Government Entity IRS, State Franchise Tax Board