CCPA: A Summary of Key Consumer Rights
The California Consumer Privacy Act (CCPA) was adopted in 2018. Scheduled to go into effect from January 1, 2020, this regulation introduces new privacy privileges for California’s 40 million residents.
What are the Consumer Rights under the CCPA?
This legislation guarantees California residents five key rights in relation to their personal data.
The Right to Know
The CCPA requires businesses to make consumers aware of the information they collect about them. For this reason, companies must outline the kinds of information being collected and the purpose for which this data is gathered in their privacy policies.
The Right to Access
Under the CCPA, businesses are obligated to provide a mechanism through which the consumer can access and review the personal information collected about them.
The Right to Deletion
The CCPA’s deletion privilege is focused on allowing consumers to request the deletion of the information collected about them and stored by a business.
The Right to Opt-out
Consumers have the right - at any time - to command a company that sells personal information about them to third-parties to stope this sale under the CCPA. If a consumer is a minor, this regulation provides for the right to opt-in to the sale of data, which is exercised by minors aged between 13 and 16 years old or a guardian for minors under the age of 13 years.
The Right to Opt-In
After opting-out, consumers may choose to opt-in for the sale of their personal information again. This may happen due to the provision of certain products or services or for financial incentives in return for their data.
The Right to Equal Services and Prices
Under the CCPA, businesses are prohibited from discriminating against consumers by denial of goods or amenities, charging a different price or rate for goods or service, offering a different level or quality of goods or services, or implying that they will do any of these things as a result of a consumer’s exercise of any CCPA rights.
Learn more about CCPA using our detailed summary and find out how you can make your company and website CCPA compliant.
Once you have a clear picture of what you need to do to comply with CCPA, book a call today and get a personalized demo of our complete solution for free.
Data Governance & Compliance for AI Chatbots and RAG Systems
Enterprise AI chatbots powered by large language models have moved well past proof of concept. In 2026, most production deployments use Retrieval-Augmented Generation — a technique that grounds model responses in live organisational data rather than static training knowledge.
- AI Governance
Data Protection Management System (DPMS): Framework and Implementation Guide
Most organisations handle privacy compliance through a patchwork of disconnected activities: a spreadsheet for processing records, email threads for data subject requests, manual document checklists for DPIA sign-off. This works until it does not — until a regulator asks for evidence of accountability and the response is a folder of stale documents, or until a breach occurs and no one can confirm what data was processed where. A data protection management system replaces that patchwork with a structured governance framework: defined policies, operational workflows, and the technology to run them at scale.
- Privacy Governance
React Native Consent SDK: Implement Mobile Consent Management
Adding a consent banner to a React Native app is straightforward. Implementing consent management that actually controls data collection — where no third-party SDK fires a network request before the user has responded, where consent state persists correctly across sessions, and where every decision is logged for regulatory audit — is a different engineering problem.
- Mobile Consent