CPRA requires businesses to conduct privacy risk assessments before processing activities that present a significant risk to consumer privacy, including selling personal information, processing Sensitive Personal Information, and using Automated Decision-Making Technology. The assessment must weigh the benefits of the processing against privacy risks and document safeguards implemented to mitigate those risks.
Keep Exploring
References