Now that you’ve provided any applicable Do Not Sell My Info disclosure and linked consumers to your full privacy policy, let’s look at the requirements for that policy. 

Your policy should explain what information you collect and why. That disclosure is a basic feature of privacy policies, so if you have a policy, it likely already covers the what and the why. Planning for CCPA compliance is a good time to read your privacy policy to make sure it’s up to date. Talk to your product teams, marketers and other data stakeholders and make sure your privacy policy covers all of their sources and uses of data.