Skip to content

Do Not Sell My Personal Information Requirements

Paige Harris Jun 5, 2022 8:00:00 AM

Having control over your personal information online should be a given. However, many online users find it daunting to monitor where their data goes and how organizations who have collected their data online use it. The local government passed the California Consumer Privacy Act (CCPA) to respond to this menace facing Californians. 

The CCPA governs what organizations can and can’t do with the personal data they gather from Californians. One of this regulation's most crucial and unique sections is the “Do Not Sell My Personal Information” requirement. To access our terms and service generator, click here.


What is a “Do Not Sell My Personal Information” option?

This is part of the provision in the CCPA that requires organizations that meet specific requirements to allow residents of California to opt-out of sales that may require their personal information. 

There are some exceptions to this provision. For example, it isn’t viewed as “selling” if the sharing of personal data is under the consumer's instructions, if it’s part of an acquisition or merger, or if you are informing a third party that you have opted out of sharing information.


What are the requirements for “Do Not Sell My Personal Information?”

According to the CCPA, organizations doing business in California that meet the following requirements should ensure they comply with the act. 

The requirements include:

  • $25 million annual gross revenue–if your business generates a yearly income of at least $25 million, you must comply with CCPA.
  • Serve at least 50,000 residents of California–if your company receives, sells, shares, or purchases the personal data of at least 50,000 Californian residents and mobile devices for commercial reasons, you must comply with CCPA.
  • 50% of annual gross revenue is related to the sale of personal data. Therefore, if your business generates at least 50% or more of the gross yearly income from the sale of California residents’ data, you must abide by the CCPA’s regulations.


'What should I include in a “Do Not Sell My Personal Information” page?

Here are essential elements every “Do Not Sell My Personal Information” page must include:


1. The Ability to Opt-Out

The “Do Not Sell My Personal Information” should explain a consumer’s right to opt-out of the sale of their private data. While the CCPA doesn’t provide a line-by-line explanation that companies must use to give their consumers the right to opt-out, each answer must be clear and brief.

Essentially, you should also detail the type of information that you’re collecting from your customers, such as the postal information, name, email address, and any other private information.


2. An Opt-Out Contact Form

Your “Do Not Sell My Personal Information” must also contain a form where users can sign up to opt out of selling their personal data. In the opt-out form, ask for basic information.

Do Not Sell


3. Optional Opt-Out Methods

Besides the opt-out form, the California Consumer Privacy Act also requires most companies to give more than one method of submitting a request. Other opt-out methods you can implement include:

  • Forms submitted in person
  • Forms submitted via mail
  • Email address
  • Toll-free telephone number

You can choose which of these substitute methods to provide your consumers, which will largely depend on how you usually communicate with them and their preferred communication method. 

Final Thoughts

The “Do Not Sell My Personal Information” provision is under the CCPA, a strict privacy law that provides consumers with greater rights over their private information and forces businesses to be more honest about using such data. As such, it is critical to follow the rules of the CCPA if you will be doing business in California.

Additionally, if you’d like to check out topics like what cookies are used for in websites or if GDPR apply to EU citizens, we have the info you need!

Leave a Comment