Intelation Logo

Intelation

California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA)

Intelation empowers organizations to comply with California’s consumer data privacy laws.

The California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) are landmark data privacy laws in the U.S., designed to grant California residents greater control over their personal information. These regulations strengthen consumer rights, improve transparency, and hold businesses accountable for how they collect, use, and share personal information.

The CCPA, effective January 1, 2020, grants California residents specific rights over their personal data and requires transparency from businesses. The CPRA, effective January 1, 2023, often called “CCPA 2.0,” expands consumer rights, establishes the California Privacy Protection Agency (CPPA) for enforcement, and increases business accountability.

Who Must Comply & Why?

These laws were created to:

  • Give California residents greater control over their data.
  • Increase transparency in data collection and sharing.
  • Hold businesses accountable for misuse of personal data.
  • Serve as a state-level model for U.S. data privacy, similar to GDPR.
1

Applicability

Any for-profit business must comply with CCPA/CPRA if it meets any of the following, even if it is not based in California:

  • Annual gross revenue of over $25 million.
  • Buys, sells, or shares the personal information of 100,000+ California residents or households.
  • Derives 50% or more of annual revenue from selling or sharing personal information.
2

Liabilities for Non-Compliance

Organizations that fail to comply face:

  • Civil penalties: up to $2,500 per violation or $7,500 per intentional violation.
  • Enforcement by the California Privacy Protection Agency (CPPA).
  • Risk of lawsuits and high legal costs from data breaches.

Consumer Rights Under CCPA/CPRA

Consumers have the right to know what personal information is collected, how it’s used, and with whom it’s shared.

Consumers can request the deletion of their personal data and ask for inaccurate personal information to be corrected.

Consumers have the right to stop the sale or sharing of their personal information and to restrict the use of sensitive personal data (e.g., health, financial, biometric information).

Businesses cannot provide unequal service or pricing to consumers who exercise their privacy rights.

Intelation’s Compliance Solutions

We simplify compliance with automation, transparency, and real-time monitoring.

Consumer Rights Request Automation

Automate access, deletion, correction, and opt-out requests.

Do Not Sell / Share Signal Processing

Honor consumer preferences with Global Privacy Control (GPC).

Data Mapping & Classification

Identify, categorize, and track data flows across regions.

Dynamic Privacy Policy Management

Automatically update and manage policies by jurisdiction.

Compliance Dashboard

Monitor, audit, and report compliance in real-time.

Cookie Preferences

Select which types of cookies you allow us to use:

These cookies are essential for the website to function and cannot be switched off. They are usually only set in response to actions like setting your privacy preferences, logging in, or filling out forms.

  • userConsent: Stores the user’s cookie preferences.

These cookies help us understand how visitors interact with the website by collecting and reporting information anonymously.

  • _ga*: Registers a unique ID to generate statistical data on how the user uses the site.

These cookies are used to track visitors across websites to display ads that are relevant and engaging for the individual user.

  • bcookie: Browser Identifier cookie used for diagnostic purposes for LinkedIn