CCPA Compliance
Take control of CCPA requirements and confidently demonstrate compliance

Your Complete Solution for CCPA Compliance
The California Consumer Privacy Act (CCPA) broadly expands the rights of consumers and requires businesses within scope to be significantly more transparent about how they collect, use, and disclose personal information. The CCPA was signed on June 28 2018, went into effect on January 1 2020, and began enforcement on July 1 2020.
TrustArc simplifies CCPA compliance so that you can focus on growing your business. Comply with CCPA requirements by knowing how data flows in your organization, identifying who has access to the collected data, and automating your ability to manage and respond to consumer rights and data subject requests.
Accelerate Your CCPA Preparedness Journey with TrustArc’s Automated Solutions

MAP DATA FLOWS WITHIN YOUR ORGANIZATION
Automatically generate data flow maps and gain insight
into the types of data collected, shared, and processed to
reduce privacy risk and meet CCPA privacy requirements

MEET CCPA CONSENT REQUIREMENTS
Configure the consent approach to display a CCPA-specific
consent model that can be customized to show a “Do Not Sell
My Personal Information” link, based on the user’s location

IDENTIFY RISK WITHIN BUSINESS PROCESSES
Conduct CCPA privacy assessments to identify risk within
your business processes and third-party vendors. Chart out
a path to remediation to manage ongoing compliance

AUTOMATE OPT-OUT OF SALE AND
DATA SUBJECT REQUESTS
Leverage CCPA-specific workflows to simplify requests
fulfillment and deliver accurate responses to your data
subjects within the regulatory timeline of 45 days
How To Prepare For CPRA
On November 3 2020, the Golden State voted in favor of Proposition 24, thus expanding the state’s privacy legislation with a new set of rules. As of January 1 2023, the California Consumer Privacy Act (CCPA) will be succeeded by the California Privacy Rights Act (CPRA).
Under the CPRA, the expansions and new provisions include:
- The Right to Deletion included in the CCPA will be extended
- Businesses may not ‘punish’ a consumer for exercising their individual rights under the CPRA if further clarified
- Consumers will be able to get access to more data than just the data collected in the 12 months preceding their request
- The data breach requirements are extended
- New concept of sensitive personal information, that requires a higher level of data protection than regular personal information is introduced
- A Right of Correction that allows consumers to request the correction of inaccurate personal information is introduced
- The concept of purpose limitation into the law is introduced
- A new limitation relates to cross-context behavioral advertising and the use of so-called dark patterns is introduced
- A new enforcement agency in California, comparable to data protection supervisory authorities elsewhere in the world is introduced
TrustArc Professional Services Help You Reach
and Maintain Ongoing CCPA Compliance

CCPA Privacy Assessment
Assess your company’s CCPA compliance status, identify gaps, and develop an action plan to meet and manage ongoing compliance.

CCPA Program Development
Design, build, and implement processes and tools to address CCPA compliance requirements.