The CPA imposes new legal requirements for applicable businesses and data controllers. We address some frequently asked questions below.
The Colorado Privacy Act (CPA) is the 3rd comprehensive consumer rights and privacy law enacted in the United States and is effective on July 1, 2023. It provides additional protection to Colorado residents’ personal data.
Like other US privacy legislation such as the California Consumer Privacy Act (CCPA) or the Virginia Consumer Data Protection Act (CDPA), the Colorado Privacy Act can be applicable even if you are not based in the law’s region. It applies to controllers who conduct business or produce or deliver commercial products or services to Colorado residents. They also must either control or process 100,000 or more individuals’ personal data in a year or derive revenue or discounts from the sale of personal data and control or process the personal data of at least 25,000 consumers.
Fundamentally, you must ensure your collection and processing of data is adequate, relevant, and limited to specified and necessary purposes. Business, or data controllers, must obtain opt-in consumer consent to data collection, have a universal opt-out mechanism of the processing of personal data, fulfill consumers’ requests to access, correct or delete of their data in a timely manner, and allow data portability so consumers could obtain a copy of their data.
OneTrust Privacy and Data Governance Cloud helps you achieve compliance with real time regulatory updates, automated data privacy operations backed by AI, and easy auditing and reporting. We also provide access to a centralized repository of resources on the Colorado Privacy Act (CPA) that includes the law’s text, guides, and regulatory guidance on the latest amendments.
Ready to get started?
Request a free demo today to see how OneTrust can guide your trust transformation journey.
Our privacy center makes it easy to see how
we collect and use your information.
When we collect your personal information, we always inform you of your rights and make it easy for you to exercise them. Where possible, we also let you manage your preferences about how much information you choose to share with us, or our partners.