Start Free Trial
Home/Regulations/CCPA / CPRA (Retail) — Regulatory Reference
Regulatory Reference
Retail State high

CCPA / CPRA (Retail) — Regulatory Reference

Consumer data rights, opt-out of data sale — enforced at retrieval before data enters agent context.

Key Provisions
  • Same statutory framework as financial-services/ccpa-state-privacy.md
  • Retail-specific: marketing personalization, product recommendation models
  • Sale and sharing definitions cover cross-context behavioral advertising
How AutoPIL Enforces It
  • Opt-out state propagated to AI personalization and recommendation agents
  • Audit chain supports Right-to-Know responses
  • Sensitive personal information category enforced as sensitivity ceiling
Policy EngineSensitivity LabelsAudit LogCatalogAgent Registry
AutoPIL Policy IDs
RET-CCPA-OPT-001Personalization Opt-Out Enforcement
RET-CCPA-SPI-001Sensitive Personal Information Boundary
Official Sources
https://oag.ca.gov/privacy/ccpahttps://cppa.ca.gov/regulations/

This page is a working reference and not a substitute for qualified legal review. Verify against official sources before use in compliance artifacts.

AutoPIL Governance Platform

Enforce this regulation today

AutoPIL intercepts every AI agent data access call, enforces your policy, and writes a tamper-evident audit record — before sensitive data enters the agent context window.

Start Free Trial View All Industries