CCPA Compliance Checklist

California Consumer Privacy Act compliance in a checklist format. Check off what you've done, work through what you haven't.

// privacy notice requirements

Categories of personal information collected. Business purposes for collection. Categories of third parties you share with. "Do Not Sell My Personal Information" link if applicable.

// consumer rights

Right to know what data you have. Right to delete. Right to opt-out of sale. Right to non-discrimination. Verification process for requests.

// operational requirements

Two methods to submit requests. 45-day response timeline. 12-month lookback for disclosures. Employee training documentation.

// what triggers ccpa

$25M+ annual revenue, OR data on 50,000+ California residents, OR 50%+ revenue from selling personal info. If you don't hit these thresholds, CCPA technically doesn't apply—but following the principles is still smart.