California Data Removal Services
Exercise your California Consumer Privacy Act (CCPA) rights. GhostMyData helps California residents remove their personal information from data brokers.
Your CCPA Rights
California Consumer Privacy Act (2018) gives you important rights over your personal data
Right to Know
Request disclosure of what personal information businesses have collected about you
Right to Delete
Request deletion of personal information collected about you
Right to Opt-Out
Opt out of the sale or sharing of your personal information
Right to Non-Discrimination
Companies cannot discriminate against you for exercising your privacy rights
Top Data Brokers Targeting California Residents
These data brokers collect and sell information about California residents
Spokeo
Removal: 24-72 hours
WhitePages
Removal: 48-72 hours
BeenVerified
Removal: 24-48 hours
Intelius
Removal: 72 hours
Radaris
Removal: 7-30 days
MyLife
Removal: 7-14 days
How GhostMyData Helps California Residents
Automated CCPA Requests
We submit legally compliant CCPA deletion requests to data brokers on your behalf.
45-Day Compliance Tracking
We track the 45-day response deadline and follow up on non-compliant brokers.
Compliance Documentation
Get detailed reports of all removal requests for your records or legal purposes.
Understanding California Privacy Law
Overview
California leads the nation in consumer data privacy protection. The California Consumer Privacy Act (CCPA), signed into law in 2018 and amended by the California Privacy Rights Act (CPRA) in 2020, provides the most comprehensive set of data privacy rights available to any US consumer. With over 39 million residents, California's law has effectively set the floor for privacy protection nationwide — many companies apply CCPA protections to all US customers rather than maintaining separate compliance systems. The CCPA specifically targets data brokers, requiring them to register with the California Attorney General's office and respond to deletion requests within 45 calendar days. As of 2026, over 500 data brokers are registered in California, making it the most transparent state for identifying companies that buy and sell personal information.
How the CCPA Works
The CCPA grants California residents four fundamental rights: the right to know what personal information businesses collect, the right to delete that information, the right to opt out of sales or sharing, and the right against discrimination for exercising these rights. The CPRA amendment added the right to correct inaccurate information and created the California Privacy Protection Agency (CPPA), the first dedicated state privacy enforcement body in the US. Under CCPA, 'personal information' is defined broadly — it includes names, addresses, phone numbers, email addresses, Social Security numbers, browsing history, geolocation data, biometric information, employment history, and more. The law also introduced the concept of 'sensitive personal information,' which includes government IDs, financial account details, precise geolocation, racial or ethnic origin, and the contents of private communications. Businesses must provide at least two methods for consumers to submit requests, and cannot require account creation to process a deletion request.
Data Broker Landscape in California
California is ground zero for the data broker industry. The state's Data Broker Registry, established by the California Delete Act (SB 362, signed October 2023), requires data brokers to register annually, pay fees, and soon comply with a one-stop deletion mechanism called the DELETE portal. The California AG has identified over 500 registered data brokers, from people search sites like Spokeo and BeenVerified to enterprise data aggregators like Acxiom, Oracle Data Cloud, and Epsilon. These brokers collect information from public records (property deeds, voter registrations, court filings), commercial sources (loyalty programs, purchase histories), and online activity (social media profiles, browsing behavior). A single California resident's data profile may exist across 50-100 different brokers simultaneously, with each broker selling access for $1 to $50 per lookup. The DELETE portal, once fully operational, will allow California residents to submit a single deletion request that reaches all registered brokers — but until then, services like GhostMyData automate this process across the entire broker ecosystem.
Exercising Your Rights
To exercise your CCPA rights manually, you must submit a verifiable consumer request to each data broker individually. Most brokers accept requests via email, web forms, or toll-free phone numbers. The business must verify your identity before processing the request — typically through email verification or matching personal details. You can authorize an agent (like GhostMyData) to act on your behalf by providing written permission. Businesses have 45 days to respond, extendable by another 45 days with notice. For data brokers specifically, California's Delete Act will streamline this process through the centralized DELETE portal, but the portal's full rollout has faced delays. In the meantime, you can submit requests directly to each broker or use GhostMyData to automate the process. GhostMyData sends CCPA-compliant deletion requests to 41 enterprise data brokers and automates opt-out form submissions to 8 people search sites, covering the broadest range of broker types available from any single service.
Enforcement & Penalties
The California Attorney General's office has been active in enforcing the CCPA since it took effect in 2020. Notable enforcement actions include a $1.2 million settlement with Sephora in 2022 for failing to honor Global Privacy Control opt-out signals and selling consumer data without proper disclosures. The AG has also issued notices of noncompliance to numerous data brokers for failing to register as required. The CPPA has taken over primary enforcement and has signaled its intent to pursue data brokers that don't comply with deletion requests within the 45-day window. In 2024, the CPPA opened investigations into several large data brokers for alleged violations of the CCPA's opt-out requirements. For consumers, this active enforcement environment means your deletion requests carry legal weight — data brokers face real penalties (up to $7,500 per intentional violation) for ignoring them.
California Privacy FAQ
What is the CCPA?
The California Consumer Privacy Act (CCPA) is a state law that gives California residents greater control over their personal information. It requires businesses to disclose data collection practices and allows consumers to request deletion of their data.
Who is covered by the CCPA?
CCPA applies to California residents and businesses that collect personal information and meet certain thresholds (annual revenue over $25M, data on 100,000+ consumers, or 50%+ revenue from selling data).
How long do companies have to respond to CCPA requests?
Businesses must respond to CCPA requests within 45 days. They can extend this by an additional 45 days if necessary, but must notify you of the extension.
Can I sue a company for CCPA violations?
Consumers can sue for data breaches resulting from a company's failure to maintain reasonable security. For other violations, you can file a complaint with the California Attorney General.
Does CCPA apply to data brokers?
Yes, data brokers are specifically covered under CCPA. California also requires data brokers to register with the state, making it easier to identify and submit removal requests.
How does GhostMyData help with CCPA compliance?
GhostMyData automates CCPA deletion requests to data brokers on your behalf, tracks responses, follows up on delayed requests, and provides documentation of your removal efforts.
Data Removal in Other States
Protect Your California Privacy Rights
Don't let data brokers profit from your personal information. Exercise your CCPA rights with GhostMyData.