California Consumer Privacy Act / CPRA.
The CCPA (as amended by CPRA) grants California consumers rights over their personal information - including the right to know, delete, opt out of sale/sharing, and correct inaccurate data. It applies to businesses meeting revenue or data processing thresholds, with enforcement by the California Privacy Protection Agency (CPPA).
Maximum penalty
$7,500 per intentional violation
Source: §1798.155
Key requirements
Right to know what personal information is collected and how it's used
Right to delete personal information (with exceptions)
Right to opt out of sale or sharing of personal information
Right to correct inaccurate personal information
+4 more requirements in the complete guide.
Get the full CCPA/CPRA compliance guide →Enforcement examples
Sephora
First CCPA enforcement - failing to honor opt-out requests and disclose data sales
$1.2M
2022
DoorDash
Selling consumer data without opt-out mechanisms
$375K
2023
How Tessera automates CCPA/CPRA compliance
Automated consumer request handling (know, delete, opt-out, correct)
Do Not Sell/Share signal detection and honoring
Data inventory and processing purpose mapping
Privacy notice generation and compliance validation
Service provider agreement compliance tracking
CCPA/CPRA compliance checklist
Essential steps to achieve and maintain CCPA/CPRA compliance.
Determine if your business meets CCPA thresholds
Map all personal information collection and processing
Implement 'Do Not Sell or Share My Personal Information' mechanism
+4 more steps in the full checklist.
Get your complete CCPA/CPRA compliance checklist - free →Industries affected
Calculate your CCPA/CPRA exposure.
See exactly how CCPA/CPRA penalties apply to your revenue and industry profile.