Glossary of Compliance

Compliance Glossary

Our list of curated compliance glossary offers everything you to know about compliance in one place.

Glossary » CCPA » CCPA Data Subject Rights

CCPA Data Subject Rights

The California Consumer Privacy Act establishes a set of fundamental rights for the residents of California, known as data subjects concerning their personal information. These rights empower consumers with greater control over their data and increase transparency in how businesses handle their personal information. 

The key Data Subject Rights under the CCPA are:

Right to know: Consumers have the right to request that businesses disclose the categories and specific pieces of personal information collected about them, the sources of that information, the purpose for collecting or selling the information, and the categories of third parties with whom the information is shared. 

Right to delete: Consumers can request the deletion of their personal information collected by businesses, subject to certain exceptions such as completing transactions, detecting security incidents, or complying with legal obligations. 

Right to opt-out: Consumers have the right to direct businesses not to sell their personal information to third parties. Businesses must provide a clear and conspicuous “Do Not Sell My Personal Information” link on their website homepage to facilitate this right.

Right to non-discrimination: Businesses are prohibited from discriminating against consumers who exercise their CCPA rights. This includes denying goods or services, charging different prices, or providing a different quality of goods or services.

Right to access: Consumers can request access to their personal information free of charge, delivered by mail or electronically in a readily usable format that allows the consumer to transmit this information to another entity without hindrance.

Right to correct: Consumers have the right to correct inaccurate personal information that a business has about them.

Right to limit use:  Consumers have the right to limit the use and disclosure of sensitive personal information collected about them.

These Data Subject rights form the core of the CCPA’s consumer protection and aims to promote transparency, control, and accountability in the handling of personal information by businesses.

Additional reading

Third party risk management
Blogs Risk Management

Third-Party Risk Management: Mitigating External Risks

No CTO in their right mind trusts their vendors and contractors completely. Irrespective of their relationship, vendors will need to fulfill a due diligence baseline to qualify as a good fit and a safe choice. But what separates your company from being a secure one from a vulnerable one is the depth of your due…
SOC 2 Criteria Mapping to ISO 27001
Blogs ISO 27001 SOC 2

SOC 2 Criteria Mapping to ISO 27001 + Free Template

SOC 2 and ISO 27001 are both crucial compliance certifications that organizations go for in their compliance journey to enhance security and accelerate growth. Getting compliant with either of these compliances can be time taking and strenuous on your teams. Now imagine getting compliant for both. Are we looking at doubled expenses, resource utilization, opportunity…
cyber liability insurance
Blogs Cybersecurity

Cyber Liability Insurance: Meaning, Importance, Cost, Benefits

Technological developments have caused an increase in the number of cyber-attacks and security incidents today, and such incidents have become a severe threat to functionality, operations, and financial stability.  The sophisticated tactics of cyber threat actors across industries drive organizations to seek robust cyber insurance solutions. This has caused experts to believe that the cyber…

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.

Contact sales