Skip to main content

On-demand webinar coming soon...

CCPA Compliance

Automate CCPA compliance for your organization

Accelerate time to CCPA compliance with a unified, fully automated solution for responding to consumer rights and Do Not Sell requests. 

CCPA Compliance

Operationalize CCPA requirements

Our platform enables you to manage all aspects of CCPA compliance in one platform, including automating consumer rights requests, enabling opt-out of sale across platforms, and managing incident notifications. 

Access a centralized repository of CCPA resources that includes the law’s text, comprehensive guides, regulatory guidance, and a CCPA amendment tracker so you can stay up to date. 

Leverage CCPA-specific response workflows. Automate every phase of the consumer request process including intake, identity verification, data discovery, deletion, and secure response. 

Build “Do Not Sell My Personal Information” links and user interfaces for web, mobile, and CTV platforms with pre-built templates, and communicate opt-outs to third parties. 

Stay up to date by data mapping your IT systems, business processes, and third parties. Deploy automated data discovery and attach CCPA-specific labels with both out-of-the-box and custom classifiers. 

Centralize and analyze incidents across all detection and reporting channels with California Data Breach Notification templates. Streamline response and comply with the CCPA’s 30-day cure period. 

August 21, 2024

Transforming your data privacy and AI strategy with OneTrust

Join us for a live demo where we will discuss the advanced capabilities of OneTrust solutions in data privacy enforcement, first-party data collection, and AI innovation.

Play arrow icons on a green background.


The CCPA is one of the many data privacy laws that have been changing the regulatory landscape over the past few years. We provide answers to some frequently asked questions below. 

The California Consumer Privacy Act of 2018, and its 2020 amendment called the California Privacy Rights Act (CPRA), is a California law that seeks to provide more robust privacy protection to California consumers. It gives them the means to opt-out of the sale of personal information for targeted advertising, request deletion of data, and inform consumers if they were exposed to a data breach.

Any for-profit company that does business in California and fulfills any of these requirements: Its annual gross revenue is $25 million or more; it buys, sells, or receives 50,000 or more California residents' personal data; or it derives 50% or more of its annual revenue from selling their consumers’ personal information. Even out-of-state companies are affected by the CCPA and must ensure their privacy practices are updated and compliant. 

Under the CCPA, California residents have a right-to-know about the categories of personal information that is being collected, how it is used, the purpose of its collection, and the categories of third parties that buy or receive this sensitive data. They have a right to opt-out of sale of their personal information, and a right to have their personal information deleted upon request. Companies must also provide a notice of collection that has a Do Not Sell link and a link to their privacy notice. 

While the CCPA focuses on Californians’ consumer privacy rights and the GDPR protects European personal identifiers, these privacy laws are similar in their global reach: companies do not have to be based in either California or Europe to be affected. 

The OneTrust Privacy and Data Governance Cloud provides you with a way minimize risk of non-compliance by leveraging automation and a centralized regulatory knowledge base so you can stay up-to-date and compliant, shorten data processing, time and quickly fulfill consumer data requests, and maintain data accuracy across web, mobile, and CTV platforms. 

Ready to get started?

Request a free demo today to see how OneTrust can guide your trust transformation journey.