Who’d have thought that a brewer with operations in Colorado and North Carolina would have to comply with privacy regulations promulgated in California? New Belgium Brewing learned that would be the case at the end of 2018, when the California Consumer Privacy Act (CCPA) was passed with provisions covering California consumers doing business with out-of-state companies—like New Belgium Brewing. The compliance details that New Belgium Brewing needed weren’t available until the following July, and the company had only five months to develop a compliance system by the law’s deadline of December 2019. Failure to do so could have meant big fines.
With help from Nintex, New Belgium Brewing developed a solution in just one month. Its solution standardizes and automates the way the company handles privacy requests from its California customers, enabling the company to meet those requests twice as fast as the law requires and leaving employees with plenty of time for their top priority: crafting great beer.
The Swiss army knife of technologies
Using Nintex, New Belgium Brewing had previously streamlined, automated workflow solutions for everything from human resources and sales to volunteer management, planning product launches, and tracking beer shelf life. “We began using Nintex 12 years ago,” says Tye Eyden, Collaboration Business Systems Analyst at New Belgium Brewing. “We use it on-prem and in the cloud, for solutions within a department and throughout the company. The more our people experience Nintex, the more they come to us to propose new ways to use it.”
The CCPA-compliance solution is among the broadest Nintex-based solutions at New Belgium Brewing, engaging the company’s marketing, sales, environment health and risk, HR, and even corporate sustainability departments.
The process kicks off when California-based consumers ask the company what personally identifiable information it holds on them through a form built on Nintex Workflow Cloud. Once submitted, the data is stored in SharePoint Online and a workflow routes the request to each department. Each department identifies the consumer’s information in their database and forwards their responses. The consumer is then sent an email that lists the stored information and gives them the option to request its deletion. Once they reply, the workflow routes their request back for each department to take the appropriate action and once completed, a confirmation email is sent. All these steps are captured by Nintex, stored in SharePoint, and are immediately available in case of audit.