Comply with California’s CPRA
The California Privacy Rights Act (CPRA) extends California's privacy protections and increases the technical complexities of compliance. With enforcement underway, leading companies are using Transcend to encode privacy directly into their tech stacks for seamless, yet robust compliance.
NEW TO CPRA?
What businesses need to know
California’s CPRA amends the CCPA—expanding consumer rights, adding the sensitive personal information data designation, removing the 30 day cure period, and more.
Effective Jan 1, 2023
The CPRA went into effect January 1, 2023 and, after a surprise reversal of a 2023 delay, enforcement is currently underway. For more details on CPRA compliance, check out our full guide.
Expanded consumer rights
The CPRA expands the privacy requirements businesses must fulfill, including targeted advertising opt outs (Do Not Share) and the right to limit sensitive personal information. Companies seeking to honor privacy rights under CPRA's scope need a solution that can flex and scale with as regulation shifts.
CPPA enforcement
The CPRA creates a new agency, the California Privacy Protection Agency (CPPA), responsible for creating and enforcing California’s data protection privacy laws. Consistent with the current CPPA, the California Attorney General still retains enforcement powers.
DO NOT SELL OR SHARE
Honor browser privacy signals and opt-out requests.
The CPRA requires companies to provide their users the ability to opt out of the selling or sharing of their personal data–including data shared with most ad networks for targeted, or cross-context behavioral, advertising.
Transcend is the only platform that manages this end-to-end – from governing both client-side and backend data flows to enforcing end user preferences across ad platforms.
EXPANDED DSAR RIGHTS
Engineered to fit your unique needs.
The CPRA expands individual rights to include job applicants, contractors, employees and minors. As these data subject rights broaden, the data systems, legal holds, and other nuances your business needs to consider will inevitably increase.
Depend on Transcend to handle it all. We've engineered Privacy Requests with flexibility, so you can overcome the privacy hurdles of today and the needs of tomorrow with peace of mind. Read our docs on how to support employee data rights.
const privacyRequest = await transcend.get(`/data-subject-request/${id}`); if (privacyRequest.type === 'ERASURE') { await deleteUserById(privacyRequest.coreIdentifier); }
Submit a request programmatically to Transcend to be processed. Or, use Transcend's no-code Privacy Center to receive requests.
DATA GOVERNANCE REQUIREMENTS
See personal data, wherever it lives
From requirements in data minimization to new purpose and data retention limitations, CPRA codifies data governance concepts, all requiring granular metadata about how and why data is used and stored, as well as the ability to modify that data. With CPRA, Data Mapping is no longer a nice to have, it is foundational to comprehensive compliance.
COMPLIANCE WITHOUT COMPLEXITY
Engineered to enable efficient operations and seamless compliance.
Consent
California requires businesses to recognize and honor all opt-out requests, including those from privacy signals like GPC. Transcend goes beyond basic compliance and ensures user opt outs are propagated downstream by automatically appending platform-specific flags like Facebook’s LDU and Google’s RDP.
More resources
Blog: 9 Step CPRA Compliance Checklist
An overview of best practices for building a nimble, future-proof privacy program with steps companies should take today to start preparing for CPRA enforcement.
What Sephora's $1.2M Settlement Means for CPRA Compliance
Get quick insights and learn why honoring browser privacy signals, like Global Privacy Control (GPC), is crucial for compliance
Webinar: Preparing for CPRA
Transcend CEO, Ben Brook, and Transcend Head of Privacy, Brandon Wiebe discuss key ways CPRA differs from CCP and how to Achieve CPRA compliance by January 1, 2023
Implementation Guide: Opt Out Requirements
How to use Transcend to comply with California’s “Do Not Sell or Share My Personal Data” opt-out requirements.
CCPA vs CPRA: California's privacy laws explained
The CPRA amends the CCPA–modifying its scope, expanding consumer rights, and adding additional regulations around commercial data collection and processing.
The Complete Guide to CPRA Compliance
The California Privacy Rights Act is a trailblazing privacy bill that expanded data privacy requirements for all businesses operating or serving customers in the California.