How to be CPRA compliant?

Here are the key steps to make sure your business is compliant with CPRA:

  1. Determine if your business meets the requirements of CPRA.
  2. Create an inventory of what type of data you collect, including sensitive personal information (if any).
  3. Provide a “Do Not Share or Sell Personal Information” link on your website.
  4. Respect opt-out and global privacy controls (GPC) signals activated by users through browser settings.
  5. Provide a ‘Limit the use of my sensitive personal information” link on your website where you collect such information.
  6. Avoid using “dark patterns” to manipulate individuals into sharing their personal information.
  7. Update your privacy policy and explain all your data collection practices and the rights individuals have under CPRA.
  8. Respect user rights and provide means to exercise them.