OneTrust Certified Privacy Professional Practice Exam 2026 - Free Privacy Professional Practice Questions and Study Guide

The California Consumer Privacy Act (CCPA) mandates that businesses must disclose required information to consumers within a certain timeframe after receiving a verifiable consumer request. This timeframe is explicitly set at 45 days. This requirement ensures that consumers have timely access to their data and understand how their personal information is being used or shared by businesses.

Businesses also have the option to extend this period by an additional 45 days, provided they inform the consumer of the delay and the reason for it within the initial 45-day window. This flexibility is important for businesses that may require more time due to the volume or complexity of the request, but the initial 45-day period remains the standard within which the disclosure must be made.

Therefore, adherence to this 45-day disclosure requirement is crucial for compliance with the CCPA and reflects the law's emphasis on transparency and consumer rights regarding personal data.