What it is: The California Consumer Privacy Act, expanded by the California Privacy Rights Act in 2023.

Key difference from GDPR: CCPA is opt-out, not opt-in. Cookies and tracking can run by default, but Californians have the right to say, "Stop selling/sharing my data.”

What CCPA requires:

1. A “Do Not Sell or Share My Personal Information” link, visible on your homepage and footer.
2. A clear way to exercise that right (a button or a form).
3. Recognition of the Global Privacy Control (GPC) browser signal, when a visitor’s browser sends GPC, you must treat it as an opt-out automatically.

ConsentBit handles this when you:

• Enable CCPA mode in Settings → Compliance → CCPA
• Use geo-targeting to show the opt-out banner only to California visitors (or all US visitors, if you prefer)
• Leave Honor GPC signal turned on (it’s on by default)

‍