UniConsent

CPRA California Privacy Rights Act Compliance and Consent Solution

California Privacy Rights Act (CPRA) vs CCPA, All about California Privacy Rights Act of 2020.

FeaturesGet Started

CPRA

What is CPRA? California Privacy Rights Act?

The California Privacy Rights Act (CPRA) is a state-wide data privacy bill passed into law in the General Election 2020. CPRA is expanding the existing CCPA, which is a stronger more GDPR like privacy law compared with CCPA.

CPRA expands the requirement for consent to cover more scenarios compared to CCPA. CPRA updated the opt-out right to specifically regulate personalized advertising and its use of personal information.

CPRA requires more controls and more function buttons compared with CCPA: "Do Not Share My Personal Information", "Limit the Use of My Sensitive Personal Information", "Correct My Information".

What is the enforcement date of the California Privacy Rights Act (CPRA)?

The California Privacy Rights Act (CPRA) passed on November 3, 2020.

The California Privacy Rights Act (CPRA) takes effect on January 1, 2023 and becomes fully enforceable on July 1, 2023, lookback period to January 1, 2022. You still have time to compliant with California Privacy Rights Act (CPRA).

The California Privacy Rights Act (CPRA) Summary and Consent

  • Consent needed for the selling or sharing personal information after a user has already opted out.
  • Consent needed when selling or sharing the personal information of minors.
  • Consent needed for secondary use, selling or sharing of sensitive personal information after a user has opted out
  • Consent needed for research exemptions
  • Consent needed to opt-in to a financial incentive

The California Privacy Rights Act (CPRA) Timeline

  • January 1, 2021: California Privacy Rights Act (CPRA) goes into law and the California Privacy Protection Agency (CPPA) is established.
  • July 1, 2021: process for formulating and adopting CPRA regulations begin.
  • January 1, 2022: PI collection becomes liable under the CPRA’s one-year lookback period.
  • July 1, 2022: deadline for final CPRA regulations to be adopted by the California Privacy Protection Agency.
  • January 1, 2023: CPRA enters into full force.
  • July 1, 2023: Enforcement of the CPRA begins under the California Privacy Protection Agency.

CPRA applies to The following Businesses

For-profit businesses that collect personal information from California residents determine the purposes in California and meet any of the following:

  • Has an annual gross revenue exceeding $25 million
  • Derives 50% or more of its annual revenues from selling or sharing consumers’ personal information
  • Buys, sells or shares the personal information of more than 100,000 consumers or households per year

CPRA Consumer Rights

  • Right to correction
  • Right to know about automated decision making
  • Right to opt-out of automated decision making
  • Right to limit the use of sensitive personal information (PI)
  • Right to delete
  • Rights of minors
  • Right to data portability

CPRA fines for non-compliance

Automatic $7,500 fine for a violation involving the personal information of minors.

CCPA vs CPRA

The California Consumer Privacy Act (CCPA) entered into effect on January 1, 2020; The California Privacy Rights Act (CPRA) is a replacement of CCPA to be a more GDPR like law and will begin enforcing the CPRA from July 1, 2023.

CPRA replaces the CCPA's Do Not Sell button with Do Not Sell Or Share My Personal Information, added share; added Limit The Use Of My Sensitive Personal Information.

UniConsent CMP has the built-in UI, integration and GDPR-like features for CPRA compliant.

What is the California Privacy Protection Agency (CPPA)?

California will have a data protection authority like GDPR's national DPA that supervise and enforce the EU’s data privacy laws.

Other US State Privacy Laws

  • CCPA: California Consumer Privacy Act, learn more at CCPA
  • CPRA: California Privacy Rights Act, learn more at CPRA
  • CPA: Colorado Privacy Act, learn more at CPA
  • VCDPA: Virginia Consumer Data Protection Act, learn more at VCDPA
  • UCPA: Utah Consumer Privacy Act, learn more at UCPA
  • COPPA: Children’s Online Privacy Protection Act, learn more at COPPA

Compare different US State Privacy Laws

How to compliant with the California Privacy Rights Act (CPRA)?

Use a consent management platform like UniConsent to offer consumers full control of data collection, opt-out features, manage the preferences communication for CPRA compliance together with GDPR.

Comply With Global Privacy Regulations

General Data Protection Regulation (GDPR)

Achieve seamless compliance with the General Data Protection Regulation (GDPR) – the cornerstone of data privacy in the European Union. Safeguard user data and build trust with our comprehensive GDPR compliance solutions.

California Consumer Privacy Act (CCPA)

Navigate the intricate landscape of the California Consumer Privacy Act (CCPA) effortlessly. Our CCPA compliance tools ensure that you adhere to the rigorous data protection standards required for California residents.

U.S. State Privacy Laws

Stay ahead of evolving privacy regulations in the United States. Our platform supports a range of state-specific laws, including CCPA, CPRA, CPA, VCDPA, UCPA, and COPPA, ensuring you remain compliant across all jurisdictions.

California Privacy Rights Act (CPRA)

Embrace the future of data privacy with the California Privacy Rights Act (CPRA). As a pioneering state-level legislation, CPRA empowers businesses to enhance their data protection practices and prioritize consumer privacy.

Colorado Privacy Act (CPA)

Prepare for the Colorado Privacy Act (CPA) with UniConsent CMP. Our solutions help you meet the stringent requirements of this forward-thinking state-level privacy law, ensuring the highest level of data security and compliance.

Virginia Consumer Data Protection Act (VCDPA)

Comply confidently with the Virginia Consumer Data Protection Act (VCDPA). UniConsent CMP provides the tools and expertise to ensure your organization aligns with VCDPA's robust data privacy framework, bolstering trust among Virginia residents.

Utah Consumer Privacy Act (UCPA)

Protect user data effectively with the Utah Consumer Privacy Act (UCPA). UniConsent CMP offers solutions that facilitate compliance with this emerging privacy law, ensuring your business is well-prepared for data privacy challenges in Utah.

Connecticut Data Protection Act (CTDPA)

Guard user information and uphold their privacy rights under the Connecticut Data Protection Act (CTDPA). UniConsent CMP's suite of compliance tools empowers you to navigate this state-level law seamlessly and responsibly.

Children’s Online Privacy Protection Act (COPPA)

Prioritize children's privacy with UniConsent CMP's COPPA compliance solutions. Complying with the Children’s Online Privacy Protection Act (COPPA) is simplified, allowing you to provide a safe online environment for young users.

General Data Protection in Thailand (PDPA)

Adhere to the Personal Data Protection Act 2019 (PDPA) in Thailand with UniConsent CMP. Our expertise in PDPA compliance ensures that your organization can operate confidently and securely in the Thai market while respecting user data privacy.

The General Data Protection Law in Brazil (LGPD)

UniConsent CMP facilitates compliance with Brazil's General Data Protection Law (LGPD). Our solutions empower businesses to meet LGPD's stringent requirements, safeguarding the personal data of individuals in Brazil.

China Personal Information Protection Law (PIPL)

Prepare for the China Personal Information Protection Law (PIPL) with UniConsent CMP. As data protection regulations evolve in China, our platform ensures your organization is well-equipped to handle personal information responsibly and securely.

Protection of Personal Information Act in South Africa (POPIA)

The Summary of Protection of Personal Information Act, POPI Act, POPIA, South African Privacy Law.

India’s Personal Data Protection (PDP)

The Personal Data Protection bill for India could require changes to your data management and is not directly solved with GDPR compliance.

Turkey Personal Data Protection Law (KVKK)

The Summary of Turkey’s Personal Data Protection Law: KVKK.

UK General Data Protection Regulation (UK GDPR)

Achieve seamless compliance with the General Data Protection Regulation (GDPR) – the cornerstone of data privacy in the UK. Safeguard user data and build trust with our comprehensive GDPR compliance solutions.

IAB registered consent manager for GDPRIAB TCF V2 registered consent manager for GDPRIAB TCF Canada registered consent managerGoogle-certified CMPGoogle-certified CMP
Trusted by 5000+ of global publishers and marketers
  • sej
  • football365
  • sharethrough
  • districtm
  • pf1
  • tower cast

Get started to make your website and application compliant for EU GDPR, US CPRA, CA PIPEDA etc

Sign up