Glossary of Compliance

Compliance Glossary

Our list of curated compliance glossary offers everything you to know about compliance in one place.

Glossary » CCPA » CCPA Privacy Notice

CCPA Privacy Notice

CCPA (California Consumer Privacy Act) Privacy Notice is a ‘notice at collection’ provided to customers about the types of Personal Information (PI) collected by the business along with the reason for collecting it.

The CCPA privacy notice serves as the primary mechanism through which businesses communicate their data collection practices. It empowers consumers to make informed decisions about their personal data and exercise their rights under the CCPA.

To make it more transparent, businesses should include information on the time period during which the PI was collected.

In the notice, businesses must have a section that informs customers belonging to the state of California of their rights.

An example of the personal information categories in a CCPA Privacy Notice:

Category	Collected	Disclosed	Sold/Shared	Sources of Personal Information
A. Unique Identifiers Examples: Full name, home address, phone number, device IDs, IP address, national ID number.	Yes	Yes	No	Data Brokers, Public Records
B. Financial and Account Information Examples: Account numbers, payment card details, transaction history, credit scores	Yes	Yes	No	Financial Institutions, Service Providers
C. Demographic Data Examples: Age range, gender, marital status, education level, household income.	Yes	No	No	Survey Responses, Service Providers
D. Transactional Data Examples: Purchase records, service subscriptions, product preferences, spending habits	Yes	Yes	No	E-commerce Platforms, Retailers
E. Health and Wellness Information Examples: Medical history, exercise routines, dietary preferences, health monitoring data	No	N/A	N/A	N/A
F. Digital Activity Information Examples: Online activity logs, cookies, interaction data with digital content, login history	Yes	Yes	No	Website Analytics, App Usage Data
G. Location Data Examples: Real-time location, historical location data, travel patterns	Yes	Yes	No	Mobile Apps, GPS Services

Additional reading

Blogs

Incident Management Policy – Download Free Template

Security incidents are inevitable. That doesn’t mean businesses can’t minimize the impact of these incidents soundly. Companies must be ready to respond effectively to cyber incidents to restore critical business functions. The best way to be fully prepared for incidents is by having a detailed incident management policy ready for reference. What exactly is this…

Blogs

SOX Controls: A Practical Guide

SOX compliance is rarely viewed as inspiring, but it should be. The Sarbanes-Oxley Act, now more than 20 years old, has been reduced to a set of rules to follow. In reality, it’s a proven framework for building durable financial systems and long-term credibility. SOX is fundamentally about trust: the kind that guides investor decisions…

Cyber Security Risk Assessments: How to Protect Your Business

Digital assets and data are the lifeblood of every organization today. But as with everything precious, they’re constantly at risk of being unlawfully accessed, tampered with, stolen, or transmitted. Such malicious actions can not only cause irreparable harm and damage to the organization but can severely hamper future business prospects. Cyber risk assessments are periodical…

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.

Contact sales