The California Consumer Privacy Act (CCPA), amended by the CPRA, gives California residents rights over their personal information. It applies to businesses that meet certain revenue or data-processing thresholds.
Key CCPA Requirements
1. Do Not Sell My Personal Information - consumers can opt out of the sale of their personal information
2. Right to know - consumers can request what personal information is collected
3. Right to delete - consumers can request deletion of their personal information
4. Non-discrimination - businesses cannot discriminate against consumers who exercise their rights
How LegalBanner Helps
Opt-out mechanism: LegalBanner's consent banner can be configured to show a "Do Not Sell or Share My Personal Information" link
Consent categories: Marketing cookies (which may involve data sharing with ad networks) are blocked until the user opts in
Consent logging: All opt-in and opt-out decisions are recorded for compliance evidence
Policy generator: Generate a CCPA-compliant Privacy Policy that includes required disclosures
CCPA vs GDPR
| Aspect | GDPR | CCPA |
|--------|------|------|
| Default | Opt-in (consent required before cookies) | Opt-out (cookies allowed unless user opts out) |
| Scope | EU residents | California residents |
| Fines | Up to 20M euros / 4% revenue | $2,500 per violation, $7,500 intentional |
| Right to delete | Yes | Yes |
| Data portability | Yes | Yes |
Configuration
LegalBanner detects the visitor's jurisdiction and adjusts behavior:
EU visitors: opt-in mode (all non-essential cookies blocked by default)
California visitors: opt-out mode (cookies are allowed, with a clear opt-out mechanism)