top of page

CCPA in Salesforce

What is CCPA?

The California Consumer Privacy Act (CCPA) regulates data privacy obligations for organizations which do business in the State of California and came into effect on January 1st, 2020. 

Who does it apply to?

Any enterprise, regardless of location, which collects or processes personal data of California residents are subject to CCPA regulations if they meet one of the following criteria:


  • Revenue above $25 million
  • Make 50% or more of revenue from the selling of consumers personal information
  • Receives, buys or sells 50’000 or more consumers or household's personal information

Does it have a Salesforce impact?

Salesforce serves as a system of engagement and customer interaction for businesses. This makes it a significant data store of Personally Identifiable Information (PII) such as
  • Lead, Contact, User
  • Person Account, Household
  • Case, Opportunity, Quote, Order etc. 
In addition, custom and managed package objects also store PII and often require CCPA compliance.
Data privacy challenges for Salesforce customers are common across industries and company size, and require capabilities to standardize, streamline and automate.

What do I need to consider for my Salesforce Org?

​There are three main business considerations for CCPA:

  • Disclosures
  • Consumer requests
  • Opt-outs


CCPA outlines three basic rights for consumers; The Right To Knowledge, Right To Be Forgotten, and The Right To Control who has access to their personal information.
bottom of page