CCPA Compliance

CCPA compliance software for eCommerce.

The easiest and fastest way to launch a CCPA Do Not Sell My Information Page for your eCommerce store.

What is CCPA and the right to opt-out?

Under the California Consumer Privacy Act (CCPA), effective January 1, 2020, California residents have the right to request access or deletion of their personal information collected by a business.

By law, business owners have to give customers access to their personally identifiable information within thirty days of receiving a request for disclosure.

How it Works

CCPA compliance in easy 3 steps.

Create a "Do Not Sell" CCPA Page

Generate a CCPA Do Not Sell My Data page in minutes! The page template includes a legal notice and built-in customer data request form so customers can easily opt-out.

Easily Manage CCPA Data Requests

Over time your business collects sensitive personal consumer data. With Enzuzo, your customers can easily make CCPA requests to access their data, have their personal data deleted, or request their data not be sold by your business.

CCPA Compliance in Minutes

Never miss a CCPA request with Enzuzo's automated DSAR workflow and streamlined privacy dashboard to verify and complete data subject access requests on time.

Create Free Account

Avoid expensive CCPA privacy fines with our easy compliance solution.

Never miss a CCPA data request

Make it easy for customers to request their data with a simple data request form that lives within your Do Not Sell My Information page or your Enzuzo Privacy Policy.

CCPA request compliance in one place

CCPA data requests must be completed within 30 days, and failing to do so can result in expensive fines. With Enzuzo, you can track every CCPA request, streamlined in one easy privacy dashboard.

Protect your California customer data.

Grow customer trust and loyalty

Giving your customers total control over their personal information helps increase brand trust and transparency, while minimizing privacy risk. When they trust you, they come back.

Make sure customer data stays deleted

Enzuzo helps you streamline your data deletion management process across various tools, ensuring that when you delete consumer data, it stays deleted.

Customers Love Us

Join 1000+ brands minimizing CCPA risk.

"Before, I was worried about how I would effectively deal with customers' inquiries and privacy requests. Now, I feel at ease, because Enzuzo is taking care of this for my business."

Stacey Keller

Founder, Ponyback Hats

The best 'Do Not Sell My Info' page examples.

Looking for inspiration for your Do Not Sell My Information CCPA page? We've collected the best privacy examples on the internet.

screencapture-enzuzo-notion-site-f498bd5eb40345a3b86afba625da2319-2021-11-24-12_47_05 1 (1)

Common Questions

CCPA Compliance FAQs

What are CCPA regulations?

The California Consumer Privacy Act (CCPA) is a leading privacy law brought in to offer additional rights and protections for California residents. It gives them greater control over how their personal data is collected, processed, and shared by businesses.

A data subject (or someone making the request on their behalf) doesn’t need to be a customer of your eCommerce store for their request to be valid. They may be a current or ex-employee, corporate partner or sponsor, supplier, contractor, or anyone else that believes you may hold personal data on them.

What are the consumers' rights covered by the CCPA?

There are 5 different "rights" within the California Consumer Privacy Act in which you must abide by if you are collecting personal information of customers' who reside in California.

Right to notice
Right to disclosure
Right to opt-out
Right to fair treatment
Right to request deletion

Learn more about each of these rights in our Simple Guide to CCPA.

Do I need a Do Not Sell My Information page for my website?

If you sell to customers who live in California than it's a great idea to create and launch a Do Not Sell My Info or California Privacy Rights page for your website. Alternatively you can list more information about CCPA in your privacy policy if you don't want to have a standalone page.

The most important thing, is that you have an easy way for customers to submit data subject access requests so you can comply with the Right to Disclosure, the Right to Opt-Out and the Right to Request Deletion.

What is the penalty for noncompliance with the CCPA?

The Attorney General has the opportunity to impose injunctions and civil penalties on businesses for noncompliance and CCPA violations.

This penalty is set at $2,500 for each violation, which can rise towards $7,500 per violation if it was considered to be intentional. These penalties are applied per violation. This means if your violation refers to hundreds or thousands of individuals, the penalty can rise steeply.

What is a Data Subject Access Request (DSAR)?

The phrase “data subject access request” might sound complicated and technical, but when you strip it back a DSAR is simply a request from someone that you hold personal data on. They’re known as the data subject, and often want to access their data, hence the term data subject access request.

How do you get a CCPA compliance certificate?

The California Consumer Privacy Act (CCPA) was passed by the California State Legislature and signed into law by the Governor of California, Jerry Brown, on June 28, 2018. This act was meant to amend part 4 of Division 3 of the California Civil Code. The act stipulates that California residents have a right to know what personal data is being collected about them and how it’s being used.

Therefore, organizations are mandated to respond to personal data requests submitted to them by consumers. This law applies to all businesses in California, including for-profit entities that collect consumers personal information. But for your organization to qualify for CCPA compliance, it has to meet the following criteria:

Annual gross revenue of over $25 million
Ability to buy, receive, or sell personal data of over 50,000 consumers or households
More than half of its annual revenue is earned from selling personal consumer data

You also need to check if your organization is covered under the privacy act so that you can prepare for its compliance. To check for CCPA compliance, follow these steps:

Understand your responsibility to the act
Map your consumer data
Update your privacy disclosures
Come up with a homepage privacy link
Figure out the best way to handle consumer personal data requests
Identify and implement the necessary system changes
Train your employees
Strengthen your data security

How can CCPA software help your business?

Under the CCPA, your business is supposed to routinely implement new data privacy systems and policies to ensure the personal data of every consumer is fully protected. This act also extends the meaning of personal information to include data elements that weren’t previously considered personal data under any law in the United States. Failure to comply with this act results in hefty fines and the risk of being prosecuted by the consumer for violation of their privacy.

One of the best solutions to this problem is the use of data privacy compliance software. This program helps you with CCPA privacy compliance by enabling you to perform important functions like risk management reporting, compliance privacy audit, analytics privacy compliance, and other critical tasks related to data privacy compliance. Here are the main benefits of CCPA software for your business:

Provides you with a compliance framework with the necessary tools and controls to get started
Allows you to rapidly collect evidence to show your efforts toward compliance
Enables you to work with the productivity tools and solutions you already have
Allows you to re-use evidence across various compliance frameworks and controls
Gives you the ability to plan control to various regulatory standards, and reduces the time for compliance with all regulations that affect your business
Pinpoints & prioritizes your important operations to ensure timely compliance

Is the CCPA the same as the GDPR?

While both the California Consumer Privacy Act (CCPA) and the General Data Protection Regulation (GDPR) are meant to guarantee people privacy of their personal information and ensure there is compliance, the two have several unique differences. For instance, the CCPA is meant to protect consumers (natural people who reside in California), while the GDPR focuses on data subjects (any person residing in the European Union who is identifiable, both directly and indirectly). Nevertheless, the two regulations are considered global solutions to data privacy, albeit under somewhat different circumstances.

Also, the CCPA regulates businesses that collect personal information from customers for purposes of selling it, while the GDPR focuses on information controllers and organizations which process data on behalf of controllers in the EU to ensure there's compliance. The GDPR applies to non-EU data processing organizations that process the personal data of EU residents when selling a product or service.

Privacy 101

More about CCPA.

Privacy Laws

The complete CCPA compliance solution.

Easily manage CCPA compliance for you business—in minutes.

Get Started