---
title: "CCPA Deadlines and Compliance Calendar"
canonical_url: "https://www.sorena.io/artifacts/us/ccpa/deadlines-and-compliance-calendar"
source_url: "https://www.sorena.io/artifacts/us/california-consumer-privacy-act/deadlines-and-compliance-calendar"
author: "Sorena AI"
description: "Use the dates that actually shape California privacy work."
published_at: "2026-02-21"
updated_at: "2026-02-21"
keywords:
  - "CCPA deadlines"
  - "CCPA calendar"
  - "CPRA timeline"
  - "California privacy timeline"
  - "CCPA"
  - "Deadlines and Compliance Calendar"
  - "California privacy"
---
**[SORENA](https://www.sorena.io/)** - AI-Powered GRC Platform

[Home](https://www.sorena.io/) | [Solutions](https://www.sorena.io/solutions) | [Artifacts](https://www.sorena.io/artifacts) | [About Us](https://www.sorena.io/about-us) | [Contact](https://www.sorena.io/contact) | [Portal](https://app.sorena.io)

---

# CCPA Deadlines and Compliance Calendar

Use the dates that actually shape California privacy work.

*Calendar* *CCPA*

## California CCPA Deadlines and Compliance Calendar

Grounded in the California statute, CPPA regulations, and current California enforcement themes.

California privacy programmes need both legal milestone dates and recurring operational deadlines. One without the other does not keep the programme current.

## Core California milestones

The original CCPA took effect on January 1, 2020. The CPRA amendments became operative on January 1, 2023 and CPPA enforcement began on July 1, 2023. The current rule set was updated again with regulations effective January 1, 2026.

- January 1, 2020: original CCPA commencement
- January 1, 2023: CPRA amendments operative
- July 1, 2023: CPPA administrative enforcement begins
- January 1, 2026: current updated regulations take effect

*Recommended next step*

*Placement: after the timeline or milestone section*

## Turn California CCPA Deadlines and Compliance Calendar into an operational assessment

Assessment Autopilot can take California CCPA Deadlines and Compliance Calendar from planning deadlines, owners, and milestones from this page to a reusable workflow inside Sorena. Teams working on California CCPA can keep owners, evidence, and next steps aligned without copying this guide into separate documents.

- [Open Assessment Autopilot for California CCPA Deadlines and Compliance Calendar](/solutions/assessment.md): Start from California CCPA Deadlines and Compliance Calendar and turn the guidance into owned tasks, evidence requests, and review checkpoints.
- [Talk through California CCPA](/contact.md): Review your current process, evidence gaps, and next steps for California CCPA Deadlines and Compliance Calendar.

## Recurring operational deadlines

Most California pressure comes from rights timing and programme maintenance rather than from commencement anniversaries.

- 45 days to respond to most consumer requests, with one 45 day extension where justified
- Keep consumer request records and related process evidence for at least 24 months
- Review privacy policy and notice at collection content after material data map changes
- Retest GPC and do not sell or share flows after adtech or vendor changes

## Planning for newer obligations

If the business is likely to fall into newer California cybersecurity audit or risk assessment rules, add forward looking dates now rather than waiting for the threshold year to pass.

- Track whether risk assessment or cybersecurity audit triggers will apply in 2026 or 2027
- Watch the April 1 reporting cycle for the first newer California submissions where applicable
- Plan annual January data broker registration if the business qualifies as a data broker
- Tie board level privacy review to the yearly regulatory update cycle

## Primary sources

- [CPPA regulations](https://cppa.ca.gov/regulations/?ref=sorena.io) - Official California regulations hub.
- [California privacy statute effective January 1, 2026](https://cppa.ca.gov/regulations/pdf/ccpa_statute_2026.pdf?ref=sorena.io) - Current statutory text as reflected in CPPA materials.
- [CPPA FAQ](https://cppa.ca.gov/faq.html?ref=sorena.io) - Official California FAQ.
- [CPPA CCPA updates](https://cppa.ca.gov/ccpa_updates.html?ref=sorena.io) - Rulemaking and effective date updates.

## Related Topic Guides

- [CCPA Applicability Test | California Scope Test](/artifacts/us/california-consumer-privacy-act/applicability-test.md): Test whether a business is in scope under the current California threshold model.
- [CCPA Checklist | California Privacy Compliance Checklist](/artifacts/us/california-consumer-privacy-act/checklist.md): Track the California controls that must actually exist in policy, product, and vendor operations.
- [CCPA Compliance Program | California Operating Model](/artifacts/us/california-consumer-privacy-act/compliance.md): Build a California privacy programme that survives regulator questions and product change.
- [CCPA Consumer Rights Workflow | 45 Day Request Handling](/artifacts/us/california-consumer-privacy-act/consumer-rights-workflow.md): Run California rights operations with clear timing, verification, and downstream instructions.
- [CCPA Enforcement and Penalties | CPPA and AG Exposure Guide](/artifacts/us/california-consumer-privacy-act/enforcement-and-penalties.md): Understand how California enforcement usually starts and what evidence the agency will ask for.
- [CCPA FAQ | Practical California Privacy Answers](/artifacts/us/california-consumer-privacy-act/faq.md): Answer the California privacy questions that usually stall implementation.
- [CCPA Penalties and Fines | California Exposure Summary](/artifacts/us/california-consumer-privacy-act/penalties-and-fines.md): Know the penalty ranges, then work backward to the controls that reduce them.
- [CCPA Privacy Notices and Disclosures | California Notice Architecture](/artifacts/us/california-consumer-privacy-act/privacy-notices-and-disclosures.md): Design the California notice stack so each disclosure appears in the right place and says the right thing.
- [CCPA Privacy Policy Template | Required California Disclosures](/artifacts/us/california-consumer-privacy-act/ccpa-privacy-policy-template.md): Write a California privacy policy that actually matches the statute and regulations.
- [CCPA Requirements | California Control Requirements](/artifacts/us/california-consumer-privacy-act/requirements.md): Translate California law into control statements that can be implemented, tested, and audited.
- [CCPA Scope and Thresholds | California Business Threshold Guide](/artifacts/us/california-consumer-privacy-act/scope-and-thresholds.md): Use the real California threshold tests instead of rough privacy folklore.
- [CCPA Service Provider and Contractor Contracts](/artifacts/us/california-consumer-privacy-act/service-provider-contractor-contracts.md): Draft California vendor contracts that work in practice, not only on paper.
- [CCPA vs CPRA | What Actually Changed in California Privacy](/artifacts/us/california-consumer-privacy-act/ccpa-vs-cpra.md): A practical CCPA vs CPRA delta guide grounded in the current California statute, CPPA regulations, and official agency guidance.
- [CCPA vs GDPR | California and EU Privacy Comparison](/artifacts/us/california-consumer-privacy-act/ccpa-vs-gdpr.md): Compare California CCPA obligations with the GDPR without assuming the two models are interchangeable.
- [Do Not Sell or Share Implementation | CCPA and GPC Guide](/artifacts/us/california-consumer-privacy-act/do-not-sell-share-implementation.md): Implement California opt out controls that actually work across websites, apps, and partner pipelines.


---

[Privacy Policy](https://www.sorena.io/privacy) | [Terms of Use](https://www.sorena.io/terms-of-use) | [DMCA](https://www.sorena.io/dmca) | [About Us](https://www.sorena.io/about-us)

(c) 2026 Sorena AB (559573-7338). All rights reserved.

Source: https://www.sorena.io/artifacts/us/california-consumer-privacy-act/deadlines-and-compliance-calendar