What is considered Personal Information under the California Consumer Privacy Act (CCPA)

In 2018, when GDPR (General Data Protection Regulation) was introduced, we were given a specific definition of what Personal Information meant. You can find our article on that here. While CCPA uses much of the same information in its definition, it also adds more to the list.

Personal Information under CCPA can be summarized in the following 11 categories:

  1. Identifiers
    • examples: real name, alias, postal address, email address, etc.
  2. Select Information in Customer Records
    • examples: bank account number, credit card number, debit card number, etc.
  3. Legally Protected Characteristics
  4. Commercial Purchasing Information
  5. Biometric Information
  6. Internet or Network Activity
    • examples: browsing history,  search history, etc.
  7. Geolocation
  8. Information Typically Detected by the Senses
    • examples: audio, electronic, visual, etc.
  9. Employment Information
  10. Education Information
  11. Inferences from Above Used to Profile

Under CCPA, Personal information basically is anything that identifies, relates to, describes, is capable of being associated with, or could be reasonably linked, directly or indirectly, with a particular consumer or household.

Information that is lawfully made publicly available from federal, state, or local government records is excluded from this definition.


Have more questions? Submit a request


Article is closed for comments.
Powered by Zendesk