# CCPA: The California Consumer Privacy Act

> This article explains how CCPA and CPRA concepts can affect Mailrith customers, what Subscriber data may count as personal information, how Mailrith can help with access or deletion requests, and where to review Mailrith's DPA.

- Human page: https://mailrith.com/docs/ccpa-the-california-consumer-privacy-act
- Markdown page: https://mailrith.com/docs/ccpa-the-california-consumer-privacy-act.md
- Category: Privacy And Compliance
- Reading time: 7 min read
- Last updated: 2026-06-13
- Related keywords: CCPA: The California Consumer Privacy Act, CCPA: The California Consumer Privacy Act documentation, Privacy And Compliance, Privacy And Compliance documentation, Mailrith documentation, Mailrith help, Intro, What It Means, Personal Information Under The CCPA, Covered Businesses, Access Or Deletion Requests, Contract Requirement, Business Purpose, Sale Of Personal Information, GDPR FAQ, Subscribers, Subscriber Imports, Exports, and Bulk Actions

## AI Agent Notes
- Use this article as step-by-step Mailrith product guidance, not as legal, financial, or deliverability advice unless the article says so.
- Preserve exact Mailrith UI labels from the steps when explaining a workflow.
- Prefer Mailrith's product term Subscribers when referring to people on an email list.

## What this guide covers
What Mailrith customers need to know about California privacy rights, CCPA requests, DPA review, business purposes, and Subscriber data.

## Sections
- Intro
- What It Means
- Personal Information Under The CCPA
- Covered Businesses
- Access Or Deletion Requests
- Contract Requirement
- Business Purpose
- Sale Of Personal Information

## Intro

Mailrith works to support individual privacy rights and gives customers tools that can help with Subscriber data access, exports, unsubscribe handling, deletion workflows, and privacy requests.

This article is product help, not legal advice. The CCPA, as amended by the CPRA, may apply differently depending on your business, your data practices, and your relationship with California residents. Ask your attorney if you have legal questions.

## What It Means

The CCPA gives certain California residents rights over their personal information. These rights may include the right to know, access, delete, correct, or opt out of certain uses of personal information.

For Mailrith customers, this means you should understand:

- What Subscriber data you collect.
- Why you collect it.
- Where it is stored.
- Which providers receive it.
- How you respond to access or deletion requests.
- Whether your connected tools have separate privacy steps.

Mailrith can help with data stored in Mailrith. Customer-connected providers may need separate review or deletion outside Mailrith.

## What Is Considered Personal Information Under The CCPA?

Personal information under the CCPA can include information that identifies, relates to, describes, or could reasonably be linked to a person or household.

For Subscribers, this may include:

- Email address.
- Name.
- Location details.
- Tags.
- Segments.
- Form or landing page activity.
- Email engagement data.
- Custom fields.
- Consent records.
- Subscription status.

Do not store sensitive information in Mailrith that Mailrith is not designed to handle, including health records, payment card numbers, government identity numbers, passwords, children's data, or similarly sensitive information.

## What Businesses Are Subject To The CCPA?

The CCPA applies to certain businesses that meet legal thresholds and handle personal information from California residents.

Mailrith does not decide whether the CCPA applies to your business. Review your data practices with your attorney.

You may want to consider:

- Whether you collect data from California residents.
- How much personal information your business handles.
- Whether you share data with service providers or other third parties.
- Whether your business meets CCPA or CPRA thresholds.
- Whether your Privacy Policy explains your practices.

## Will Mailrith Help Customers Who Receive Access Or Deletion Requests Under The CCPA?

Yes. Mailrith provides support paths for privacy requests involving data in Mailrith.

Before asking Mailrith for help, verify the request through your own privacy process. Then check whether the Subscriber's data also exists in customer-connected providers such as SMTP providers, email delivery APIs, webhooks, Zaps, CRMs, AI providers, or internal systems.

For Mailrith support, email **support@mailrith.com** and include:

- Workspace name.
- Subscriber email address.
- Request type.
- Verification status.
- Due date.

Mailrith can help with data in Mailrith. You are responsible for reviewing and handling data in the other systems you choose to use.

## Will Mailrith Help Customers Meet The CCPA Contract Requirement?

Mailrith provides a [DPA](https://mailrith.com/dpa.md). You can also review Mailrith's [Terms of Service](https://mailrith.com/terms-of-service.md) and [Privacy Policy](https://mailrith.com/privacy-policy.md).

If you need specific contract language or need to confirm whether the DPA meets your CCPA or CPRA requirements, ask your attorney.

Mailrith does not provide legal advice and does not determine whether your contracts satisfy your obligations.

## What Is A Business Purpose Under The CCPA?

A business purpose is a reason a business uses personal information to operate or provide services.

In a Mailrith context, business purposes may include:

- Managing Subscribers.
- Sending emails through customer-owned delivery providers.
- Handling unsubscribes.
- Supporting Segments and Tags.
- Providing exports.
- Supporting privacy requests.
- Connecting to customer-connected integrations.

Your own business purposes may be broader than your use of Mailrith. Document your purposes in your own records and Privacy Policy.

## Does Mailrith Sell Personal Information Under The CCPA?

Mailrith does not sell Subscriber Personal Data.

Mailrith sends through customer-owned delivery providers and customer-connected integrations. You should review the privacy terms and data use practices of each provider you connect to Mailrith, including SMTP providers, email delivery APIs, webhooks, Zaps, CRMs, AI providers, and internal systems.

Ask your attorney if you need help deciding whether your own data sharing is considered a sale, sharing, or another regulated disclosure under the CCPA or CPRA.

## Related Guides
- [GDPR FAQ](https://mailrith.com/docs/gdpr-faq.md): This FAQ explains how Mailrith's GDPR consent tools work, how double opt-in relates to consent, when to ask existing Subscribers for consent, how to store proof, and how to handle Subscriber privacy requests.
- [Subscribers](https://mailrith.com/docs/subscribers.md): The Subscribers page is the main workspace for your Subscriber list. Use it to search Subscribers, filter Subscribers by status, run bulk actions, import and export CSV files, and review source-specific Subscriber history.
- [Subscriber Imports, Exports, and Bulk Actions](https://mailrith.com/docs/subscriber-imports-exports.md): Imports, exports, and bulk actions help you move and update large subscriber groups without editing each subscriber record manually. This guide explains how to prepare clean CSV files, map fields, monitor background import jobs, and avoid accidental broad changes.
