State privacy overview

California Data Privacy: A Plain-Language Overview

Informational summary · California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA)
General information — not legal advice. This overview is provided for general educational purposes only and may not reflect the most recent changes in the law. It is not legal advice and does not create any attorney–client relationship. Verify current requirements with the state's official resources and consult qualified counsel before acting.

California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA)

Status: Fully in effect as of 2023 and enforced by the California Privacy Protection Agency (CPPA).

California has a comprehensive data privacy law that grants residents significant control over their personal information. It requires businesses to be transparent about data collection and provides consumers with the right to access, delete, and correct their data.

Rights residents generally have

Who it generally applies to

Generally applies to for-profit businesses that operate in California and meet one of the following: have annual gross revenue over $25 million, buy/sell/share personal information of 100,000+ consumers, or derive 50%+ of revenue from selling personal information.

What this means for B2B outreach

In California, the law generally applies to personal information regarding individuals in a business context. However, business contact information—such as a job title and business email address used solely for business purposes—often does not count as personal information under the CCPA if it is not used for a personal reason.

Authoritative source: California Privacy Protection Agency (CPPA) and California Department of Justice. Always confirm current requirements there.

Marketing that respects privacy by design

We run permission-based, compliance-minded campaigns with real opt-out handling.

Talk to us

← All state privacy overviews