CCPA: A Summary of Key Consumer Rights
The California Consumer Privacy Act (CCPA) was adopted in 2018. Scheduled to go into effect from January 1, 2020, this regulation introduces new privacy privileges for California’s 40 million residents.
What are the Consumer Rights under the CCPA?
This legislation guarantees California residents five key rights in relation to their personal data.
The Right to Know
The CCPA requires businesses to make consumers aware of the information they collect about them. For this reason, companies must outline the kinds of information being collected and the purpose for which this data is gathered in their privacy policies.
The Right to Access
Under the CCPA, businesses are obligated to provide a mechanism through which the consumer can access and review the personal information collected about them.
The Right to Deletion
The CCPA’s deletion privilege is focused on allowing consumers to request the deletion of the information collected about them and stored by a business.
The Right to Opt-out
Consumers have the right - at any time - to command a company that sells personal information about them to third-parties to stope this sale under the CCPA. If a consumer is a minor, this regulation provides for the right to opt-in to the sale of data, which is exercised by minors aged between 13 and 16 years old or a guardian for minors under the age of 13 years.
The Right to Opt-In
After opting-out, consumers may choose to opt-in for the sale of their personal information again. This may happen due to the provision of certain products or services or for financial incentives in return for their data.
The Right to Equal Services and Prices
Under the CCPA, businesses are prohibited from discriminating against consumers by denial of goods or amenities, charging a different price or rate for goods or service, offering a different level or quality of goods or services, or implying that they will do any of these things as a result of a consumer’s exercise of any CCPA rights.
Learn more about CCPA using our detailed summary and find out how you can make your company and website CCPA compliant.
Once you have a clear picture of what you need to do to comply with CCPA, book a call today and get a personalized demo of our complete solution for free.
Data Broker Registration Explained (2026): How to Register Under U.S. Privacy Laws
Data brokers occupy a peculiar position in the privacy landscape: they are often the most consequential handlers of personal information that consumers have never heard of. A person may carefully manage what they share with their bank, their employer, and the apps on their phone — and still find their name, home address, income range, health interests, and browsing behavior for sale across hundreds of databases they never interacted with.
- Legal & News
- Data Protection
EU AI Act Implementation Sprint: A 90-Day Playbook for Enterprise Compliance
The EU AI Act is no longer a regulation on the horizon. Prohibited AI practices have been enforceable since February 2025. General-purpose AI obligations have applied since August 2025. And on 2 August 2026 — five months from now — the full weight of high-risk AI system requirements under Annex III comes into force, bringing with it a penalty structure that exceeds even the GDPR: up to €35 million or 7% of global annual turnover for the most serious violations, and up to €15 million or 3% for non-compliance with high-risk obligations.
- AI Governance
React Native Consent SDK: Implement Mobile Consent Management
Adding a consent banner to a React Native app is straightforward. Implementing consent management that actually controls data collection — where no third-party SDK fires a network request before the user has responded, where consent state persists correctly across sessions, and where every decision is logged for regulatory audit — is a different engineering problem.
- Mobile Consent