Glossary of Compliance


Our curated compliance glossary offers everything you need to know about compliance in one place.


CCPA Privacy Notice

A CCPA (California Consumer Privacy Act) Privacy Notice is a ‘notice at collection’ provided to customers about the types of Personal Information (PI) collected by the business, along with the reason for collecting it.

The CCPA privacy notice serves as the primary mechanism through which businesses communicate their data collection practices. It empowers consumers to make informed decisions about their personal data and exercise their rights under the CCPA. 

To make it more transparent, businesses should include information on the time period during which the PI was collected. 

In the notice, businesses must include a section that informs customers in the state of California of their rights.

An example of the personal information categories in a CCPA Privacy Notice:

| Category | Collected | Disclosed | Sold/Shared | Sources of Personal Information |
|---|---|---|---|---|
| A. Unique Identifiers. Examples: Full name, home address, phone number, device IDs, IP address, national ID number. | Yes | Yes | No | Data Brokers, Public Records |
| B. Financial and Account Information. Examples: Account numbers, payment card details, transaction history, credit scores. | Yes | Yes | No | Financial Institutions, Service Providers |
| C. Demographic Data. Examples: Age range, gender, marital status, education level, household income. | Yes | No | No | Survey Responses, Service Providers |
| D. Transactional Data. Examples: Purchase records, service subscriptions, product preferences, spending habits. | Yes | Yes | No | E-commerce Platforms, Retailers |
| E. Health and Wellness Information. Examples: Medical history, exercise routines, dietary preferences, health monitoring data. | No | N/A | N/A | N/A |
| F. Digital Activity Information. Examples: Online activity logs, cookies, interaction data with digital content, login history. | Yes | Yes | No | Website Analytics, App Usage Data |
| G. Location Data. Examples: Real-time location, historical location data, travel patterns. | Yes | Yes | No | Mobile Apps, GPS Services |
