Your security and compliance glossary

All the terms you need to know when you’re trying to get compliance audit ready, fast.

Show filters
GLOSSARY
General
California Consumer Privacy Act (CCPA)

What is the California Consumer Privacy Act (CCPA)?

The California Consumer Privacy Act is a state statute passed in 2018. It gives California residents new data privacy rights and requires compliance obligations from any for-profit entity that does business with California residents. Enforcement of CCPA regulations went into effect on January 1, 2020.

New privacy rights for California residents include:

  • The right to know about the personal information a business collects about them and how it is used and shared

  • The right to delete personal information collected from them (with some exceptions)

  • The right to opt out of the sale of their personal information

  • The right to non-discrimination for exercising their CCPA rights

Public, non-profit entities are exempt from complying with the CCPA. Any business’s contractual provision that would otherwise waive a California resident’s data rights is unenforceable under the CCPA. 

The CCPA protects personal information (PI) that identifies, relates to, or could reasonably be linked with a California resident or their household. Examples of CCPA-protected data include social security numbers, credit card numbers, and internet search history. Publicly available information is not protected under the CCPA.

The compliance news you need. Delivered securely to your inbox.

Everything you need to get compliance audit ready, fast.