CPA Compliance


Get ready for Colorado Privacy Act (CPA)

Understand how the CPA will impact your business and digital activities, and how Didomi can help solve key challenges.

  Request a demo

OUR Strengths

Built for multi-regulations

Designed with a multi-regulation framework at its core, ensuring adaptability and resilience in the ever-evolving landscape of data privacy laws. 

Dedicated support

You'll work with a highly specialized privacy tech team, from implementation to ongoing assistance with regulation changes and framework updates. 

Purpose-built to solve key challenges

From powerful branding and customization options, to the most advanced analytics available, our CMP is specifically designed to help you leverage consent as part of your wider business strategy.

Client=Societe Generale, Color=Blue Client=Volvo, Color=Blue Client=Orange, Color=Blue Client=Gameloft, Color=Blue Client=Rakuten, Color=Blue Client=Michelin, Color=Blue Client=Harrods, Color=Blue

What to expect

July 2023: CPA enforcement begins


Colorado consumers have new rights:

  • Opt-out of data sale/use in targeted ads and significant profiling
  • Access personal data held by companies
  • Correct inaccuracies in personal data
  • Request deletion of personal data
  • Transfer data to a different company
  Request a demo

As a business, you have new obligations:

  • Provide a clear privacy notice
  • Notify users about data sales and opt-out options
  • Collect only necessary data
  • Secure personal data against unauthorized access
  • Get explicit consent for sensitive data
  • Detail data collection, use, rights, and third-party sharing in the notice
  • Comply with universal opt-out requirements
  • Promptly handle data access, correction, deletion, and portability requests
  • Conduct data protection assessments for risky processing activities
  Request a demo

Financial and reputational risks for a business:

  • Civil penalties up to $2,000 per violation, max $500,000 for related issues
  • 60-day cure period for breaches until Jan 1, 2025
  • Immediate action possible without cure period after this date
  • Risk of reputation damage and customer loss. 40% of consumers would switch brands after a negative privacy experience*


* source: Google/IPSOS

  Request a demo

Learn more about CPA

Type=Blog, Regulation=CPA
Blog article
Visit our blog and see what should you do to comply with CPA
Learn more read more link arrow
Privacy requests whitepaper
DSAR whitepaper
Why DSAR management is important for CPA
Learn more read more link arrow
US webinar series
Latest webinars
Access our latest webinars on CPA and other hot privacy topics
Learn more read more link arrow

Didomi helps you manage requirements for CPA and privacy laws worldwide.

desktop tablet-2


Consent management

Ensure user choices and transparency in all countries and devices.

Create privacy notices that reflect your brand while easily managing your site vendors and purposes. 

Generate proofs of consent in a few clicks, from a single source of truth.

Measure and optimize consent rates with advanced Analytics.

Detect, apply and respect Global Privacy Control (GPC).



Streamlined fulfilment of Privacy Requests

No more manual handling of requests.

Intuitive processes that reassure website users and ease the burden on your own team.

Monitoring of key metrics to optimize your DSAR flow and improve spend per request and turnaround time.



Onboarding all new data privacy regulations

Our platform is built to onboard all privacy regulations and allow you granular consent management.

What is the digital impact of CPA?



Impact on analytics

Businesses must ensure that only "adequate, relevant, and reasonably necessary" data is collected, potentially limiting the depth of insights.

If users opt-out of data collection, this could lead to gaps in data, making it harder to derive comprehensive insights.

Important: server-side tracking is not exempt. If users opt-out, you’ll need to calculate performance with data modelling.

  Request a demo


Impact on media performance

As a business, your ability to run remarketing audiences depends on users agreeing to your CPA privacy notices and staying opted in to processing their personal data.

If users opt out, you cannot track conversions, resulting in lower in-platform performance and fewer data points for AI optimization.

If you are a site publisher, you won't be able to maximize advertising revenue if users opt out.



Impact on user experience

Mapping out the customer journey is much harder if users opt-out of CPA notice

Gaining user trust is the key, ensuring their choices are respected and giving them simple and transparent ways to access their data at all times. 

Clear language, reliable technology and attractive interfaces help to avoid bounce (i.e., when users leave a website due to confusing or off-putting privacy notices).

  Request a demo

Questions about the impact of CPA on your business, agency or consulting firm?

Our expert Joshua Revan will be happy to help.