Privacy Policy
(CCPA and CPRA Compliant)


This privacy policy form is an external, customer-facing data privacy policy intended for entities covered by the disclosure and transparency requirements of the California Consumer Privacy Act of 2018 (CCPA), as amended by the California Privacy Rights Act of 2020 (CPRA). This template includes practical guidance, drafting notes, and alternate clauses. The purpose of the privacy policy is to provide consumers with a comprehensive description of a business's personal information practices, to inform consumers about their rights with regard to their personal information, and to provide any information necessary for them to exercise those rights. Cal. Code Regs. tit. 11, § 7011(a). Privacy policies can vary depending on unique factors (e.g., the nature of the data collected, industry-specific regulatory obligations, and protections for certain types of consumers), and should be tailored to account for your organization's specific business objectives and intended audience. Before drafting...