CCPA/CPRA Compliance

Consumer-facing privacy notice disclosing data collection, use, sharing practices, and consumer rights under CCPA/CPRA.

Internal procedures for handling consumer rights requests including access, deletion, correction, opt-out, and portability.

Policy for maintaining an inventory of personal information collected, used, shared, and deleted across the organization.

Procedures for honoring consumer opt-out requests from sale and sharing of personal information under CCPA/CPRA.

Retention schedules and secure deletion procedures for personal information under CCPA/CPRA data minimization principles.

Requirements for data processing agreements and service provider contracts to comply with CCPA/CPRA third-party requirements.

Reasonable security measures required to protect personal information and avoid CCPA private right of action for data breaches.

Training requirements for employees who handle consumer personal information or process consumer rights requests.