Privacy Laws 2025: Prepare for the 8 Laws Going into Effect
Businesses in the US will be subject to a lot more scrutiny from...
Read NowGet an overview of the simple, all-in-one data privacy platform
Manage consent for data privacy laws in 50+ countries
Streamline and automate the DSAR workflow
Efficiently manage assessment workflows using custom or pre-built templates
Streamline consent, utilize non-cookie data, and enhance customer trust
Automate and visualize data store discovery and classification
Ensure your customers’ data is in good hands
Key Features & Integrations
Discover how Osano supports CPRA compliance
Learn about the CCPA and how Osano can help
Achieve compliance with one of the world’s most comprehensive data privacy laws
Key resources on all things data privacy
Expert insights on all things privacy
Key resources to further your data privacy education
Meet some of the 5,000+ leaders using Osano to transform their privacy programs
A guide to data privacy in the U.S.
What's the latest from Osano?
Data privacy is complex but you're not alone
Join our weekly newsletter with over 35,000 subscribers
Global experts share insights and compelling personal stories about the critical importance of data privacy
Osano CEO, Arlo Gilbert, covers the history of data privacy and how companies can start a privacy program
Upcoming webinars and in-person events designed for privacy professionals
The Osano story
Become an Osanian and help us build the future of privacy!
We’re eager to hear from you
Complying with the California Privacy Rights Act (CPRA) can be a major challenge. Let Osano be your CPRA compliance solution with capabilities for managing opt-out requests, processing universal preference signals like the Global Privacy Control, automation for consumer and employee subject rights requests, and more.
Not enough time to slog through pages of legalese? Check out our primer to the CPRA below.
The California Consumer Protection Act (CCPA) was essentially the first iteration of the CPRA. The CCPA was enacted into law in 2018 and became effective in 2020, but privacy advocates immediately felt it wasn't strong enough.
This led to the creation of the CPRA, which went into effect January 1, 2023, and strengthened the CCPA. Nowadays, people often use the terms CCPA and CPRA interchangeably. Here are some of the new changes introduced by the CPRA.
If you do business in California, the odds are you’re subject to the CPRA. Specifically, the CPRA applies if you do business in California, collect the personal data of Californians or have it collected for you, and fit one or more of these criteria:
The CPRA may very well be one of the strictest laws in the U.S. when it comes to data privacy. Here are just a few of its requirements.
Unlike other U.S. privacy laws, two different authorities can enforce the CPRA: the California Attorney General and the California Privacy Protection Agency (CPPA). When the CPRA was enacted into law, it also created the CPPA, whose sole job is to enforce the CPRA. If you’re found to violate the law, either authority could penalize you. Additionally, individual citizens can sue under the CPRA if their personal account access information is exposed in a data breach.
When California citizens visit your website, you need to provide the appropriate disclosures and data collection consent options. Osano detects the geolocation of California visitors and automatically displays the relevant banner to them. If visitors opt out, Osano blocks the relevant data trackers on your website, keeping you in compliance.
When a data subject makes a request under the CPRA, you have to meet that request within 45 days. Responding to DSARs takes time away from more strategic initiatives, and 45 days can go by pretty quick if you experience a high volume of requests. Osano streamlines the subject rights request process, automates common request types, and enables a faster, more accurate workflow.
If you’ve ever had to depend on manual spreadsheets or the limited capacity of your organization’s data analysts, you know that mapping your organization’s personal data stores is a time-consuming, reactive task.
Osano Data Mapping provides a privacy-focused data mapping solution that dramatically accelerates the mapping process and reduces errors through automation.
If you do business in California, then the CPRA requires you to establish the right contractual provisions with your third parties, service providers, and contractors. Osano Vendor Risk Management can help you identify vendors who can live up to those contractual standards and give your customers’ data the protection it deserves.
Discover actionable tips straight from our team of legal and privacy experts through our blogs, webinars, eBooks, guides, and more.
Learn why organizations that invest in data privacy gain a return of up to $2.70 for every dollar spent.
Download NowLattice uses Osano to eliminate operational complexity, align marketing and compliance teams, and fulfill its promise of being a privacy-first organization.
Read NowDownload our checklist to learn what your first steps should be, regardless of which law applies to your organization.
Download NowSimplify CPRA compliance with Osano. Let us show you exactly how easy meeting your CPRA obligations can be.