CCPA and CPRAFree Resource

California Consumer Privacy Act Timeline and Decision Flow

Translate the California Consumer Privacy Act into an operating model for threshold analysis, notice design, consumer rights handling, do not sell or share controls, and vendor contract enforcement.

Built from the current California statute and CPPA regulations, including the rules effective January 1, 2026. This is implementation guidance, not legal advice.

Get a CCPA review
Publication details
Editorial metadata for this artifact
Author
Sorena AI
Published
Feb 21, 2026
Updated
Feb 21, 2026
What teams can decide faster
Whether the business is in scope
Test the 25 million dollars, 100,000 consumers or households, and 50 percent sale or sharing revenue thresholds.
What disclosures are required
Operationalize notice at collection, privacy policy, opt out notices, and financial incentive notices.
How to honor consumer choice
Run 45 day rights workflows, process GPC, and push opt out instructions to vendors.
By Sorena AIUpdated 2026No signup required
Quick scan
CCPA
Scope
Validate threshold and business-role applicability with evidence.
Consumer rights
Run know, delete, correct, and opt-out workflows at scale.
Contracts and disclosures
Align service provider contracts and privacy notices to legal requirements.
Open each subpage to execute requirements with advanced, role-specific guidance.
CPRA
Current regime
GPC
Signal support
DSAR
Rights ops
CPPA
Regulator
Scope-ready
Rights-ready
Enforcement-aware
CCPA Timeline

Key milestones for California privacy operations

Track statutory, regulatory, and enforcement developments that affect privacy program decisions and implementation timing.

Loading timeline...
CCPA Decision Flow

How to operationalize CCPA and CPRA obligations

Use the decision flow to sequence scope, rights, disclosures, sale and sharing controls, and contract updates with evidence outputs.

Loading decision map...

Topic guides

Deep dive pages for implementation planning, controls, reporting, and evidence.

1
CCPA Applicability Test | California Scope Test
Test whether a business is in scope under the current California threshold model.
Read Guide
2
CCPA Checklist | California Privacy Compliance Checklist
Track the California controls that must actually exist in policy, product, and vendor operations.
Read Guide
3
CCPA Compliance Program | California Operating Model
Build a California privacy programme that survives regulator questions and product change.
Read Guide
4
CCPA Consumer Rights Workflow | 45 Day Request Handling
Run California rights operations with clear timing, verification, and downstream instructions.
Read Guide
5
CCPA Deadlines and Compliance Calendar
Use the dates that actually shape California privacy work.
Read Guide
6
CCPA Enforcement and Penalties | CPPA and AG Exposure Guide
Understand how California enforcement usually starts and what evidence the agency will ask for.
Read Guide
7
CCPA FAQ | Practical California Privacy Answers
Answer the California privacy questions that usually stall implementation.
Read Guide
8
CCPA Penalties and Fines | California Exposure Summary
Know the penalty ranges, then work backward to the controls that reduce them.
Read Guide
9
CCPA Privacy Notices and Disclosures | California Notice Architecture
Design the California notice stack so each disclosure appears in the right place and says the right thing.
Read Guide
10
CCPA Privacy Policy Template | Required California Disclosures
Write a California privacy policy that actually matches the statute and regulations.
Read Guide
11
CCPA Requirements | California Control Requirements
Translate California law into control statements that can be implemented, tested, and audited.
Read Guide
12
CCPA Scope and Thresholds | California Business Threshold Guide
Use the real California threshold tests instead of rough privacy folklore.
Read Guide
13
CCPA Service Provider and Contractor Contracts
Draft California vendor contracts that work in practice, not only on paper.
Read Guide
14
CCPA vs CPRA | What the California Amendments Changed
Compare the original CCPA and the CPRA amendments using the deltas that change real implementation work.
Read Guide
15
CCPA vs GDPR | California and EU Privacy Comparison
Compare California CCPA obligations with the GDPR without assuming the two models are interchangeable.
Read Guide
16
Do Not Sell or Share Implementation | CCPA and GPC Guide
Implement California opt out controls that actually work across websites, apps, and partner pipelines.
Read Guide
Next step

Turn California Consumer Privacy Act Timeline and Decision Flow into a cited research workflow

California Consumer Privacy Act Timeline and Decision Flow should be the shared entry point for your team. Route execution into Research Copilot for live work and into SSOT when the artifact needs deeper research, evidence governance, or supporting analysis.

What this unlocks
  • Start from California Consumer Privacy Act Timeline and Decision Flow and route the work by entity, product, team, or control owner.
  • Use Research Copilot to answer scope, timing, and interpretation questions with cited outputs.
  • Use SSOT to keep documents, evidence, and control records in one governed system.
  • Move from artifact reading to accountable execution without rebuilding the guidance in separate files.
Recommended route
Open Research Copilot
Answer scope, timing, and interpretation questions with cited outputs for California Consumer Privacy Act Timeline and Decision Flow.
Supporting route
Open SSOT
Keep documents, evidence, and control records in one governed system from the same artifact.
Talk to Sorena
Talk through California Consumer Privacy Act Timeline and Decision Flow
Review your current process, evidence model, and next steps for California Consumer Privacy Act Timeline and Decision Flow.
Discuss your setup
California CCPA compliance artifact preview
Share it internally
Download the artifact exports to align legal, product, engineering, and commercial teams.