California Data Removal Guide (2026)
California residents have the strongest data deletion rights in the United States. The CCPA, amended by the CPRA, gives you a legally enforceable right to request deletion of your personal information from any business — including every data broker registered with the state.
At a glance
- Comprehensive state privacy law
- Yes — CCPA/CPRA
- Broker response deadline
- 45 days from verifiable request
- Enforcement
- California Privacy Protection Agency
- Residents
- 39M (approx.)
California Consumer Privacy Act (as amended by CPRA) (CCPA/CPRA)
The CCPA/CPRA gives California residents the right to know, the right to delete, the right to correct, and the right to opt out of the sale or sharing of personal information. Data brokers must respond to verifiable deletion requests within 45 days (extendable to 90 with notice). California is also the only US state that operates a public Data Broker Registry, maintained by the California Privacy Protection Agency — any business meeting the broker definition must register annually or face fines.
Your rights
- →Right to deletion (Cal. Civ. Code § 1798.105)
- →Right to opt out of sale or sharing (§ 1798.120)
- →Right to limit use of sensitive personal info (§ 1798.121)
- →Private right of action for security breaches (§ 1798.150)
- →Statutory damages: $100-$750 per consumer per incident
- →DELETE Act global deletion mechanism (effective 2026)
Where your data leaks from in California
Data brokers don\u2019t guess your address \u2014 they scrape specific public-record sources. The ones most relevant in California:
- California Data Broker Registry (CPPA) — over 500 registered brokers
- Los Angeles County Assessor public records
- California DMV abstracted records
- Vital records via California Department of Public Health
Ready to remove
Opt out of 200+ brokers for $2
OfflistMe drafts a legally compliant deletion email citing CCPA/CPRA for every broker. You send from your own inbox. No account, no ID upload.
Start for $2 \u2192If a broker ignores your request
If a broker does not respond within 45 days, file a complaint with the California Privacy Protection Agency. The enforcement authority can assess civil penalties and compel compliance.
File a complaint with California Privacy Protection Agency \u2197FAQ: California data removal
How long do data brokers have to respond to a CCPA deletion request?+
45 days from the date of a verifiable request. Brokers may extend once to 90 days with written notice explaining the delay. Silence past 45 days is itself a violation you can report to the California Privacy Protection Agency.
What is the California DELETE Act?+
SB 362, the California Delete Act, creates a single statewide mechanism (launching August 2026 per CPPA rulemaking) where one deletion request automatically propagates to every registered data broker. Until it is live, deletion still requires contacting each broker directly.
Can I sue a data broker for ignoring my CCPA request?+
Directly, only in the case of a security breach involving non-encrypted personal information (§ 1798.150). For ignored deletion requests, the remedy is a complaint to the CPPA, which can fine brokers $2,500 per violation or $7,500 per intentional violation.
Do I need to prove I am a California resident?+
Brokers may require a reasonable verification step (a utility bill address, zip code, or identifying data they already have on file) but they cannot demand a government ID scan for a simple deletion request. OfflistMe generates requests that satisfy standard verification without exposing sensitive identifiers.