Quick Guide: 4 Steps to CCPA compliance

Regulation ¦ June 30th, 2020, 10:01 pm

In this post, we will walk you through the basic requirements and show how you can utilize Datawallet to become compliant today in 4 easy steps.

Setting up an effective compliance program can seem like an overwhelming task: Between the text of the California Consumer Privacy Act (CCPA, AB-375), multiple amendments and several iterations of the regulations of the Attorney General, it’s far from easy to understand what business leaders, CISOs, or compliance offers actually need to do to get their business ready for the CCPA.

1. Data governance, data inventory 

Start by looking at the data you collect and how you use it: Where does it come from, for which purposes is it collected, how is it stored and used across your organization, and who is it shared with? The compilation of a comprehensive data map is the perfect starting point for any effective compliance program. 

Example data map

Having trouble? Datawallet can help you map and explore your data. Data-mapping is a feature of our Consent Manager, and we’re happy to help you get started.

2. Receive and handle Data Subject Requests (DSR’s)

The CCPA gives consumers the right to request access and deletion of data, and to opt out of the sale of personal information. 

The Datawallet DSR manager makes this easy: Our elegant brandable web form allows consumers to submit their requests in a CCPA compliant manner, and we automatically generate a ticket in your task management software to guide you through the DSR-handling process. We automatically verify the identity-data of each requestor and we make sure you meet all the CCPA’s deadlines. 

Sign up now for Datawallet’s DSR manager. It’s free until the end of the year (no credit card required). Just follow the on screen instructions, or reach out to us if you need help with the setup.

3. The privacy policy

The next step is updating your privacy policy. To keep things simple, you can use our handy privacy policy template. Plug in the same information about your data-handling practices that you’ve compiled to set up your DSR Manager and your data map.

4. Preparing and displaying notices

The CCPA describes several notices to display to your customers:

  • The notice-at-collection, informing them of which data-categories are collected, for which purposes

  • A notice of your business’ financial incentive program, if available

  • The Do Not Sell My Personal Information link on every page where data is collected, if your business is selling information

We have templates for these notices as well, just reach out to us at and we’ll happily provide them to you for free.

Now you’ve taken the most important steps to become CCPA compliant. 

There are a few more items you should tackle internally, such as training staff, reviewing contracts, and more, as outlined in our comprehensive CCPA Preperation Guide. Datawallet can help with all the of those issues as well, just reach out to us.

Datawallet helps you get compliant with powerful out-of-the box tools in a matter of minutes. We’ve got you covered with our intuitive Data Subject Request (DSR) manager, our Consent Manager (CMP), and our data-mapping tool. If you want to jump right in, start your free trial of our easy-to-use compliance platform here (no credit card required)

Need something tailormade for your organization? Contact us at

Get the Data Digest in your inbox