Free Consultations: 843-665-1717

1303 West Evans Street Florence, SC 29501

Contact

Category

Understanding Your Consumer Rights Under the CCPA in South Carolina

On Behalf of Hays Cauley, P.C. l
Understanding Your Consumer Rights Under the CCPA in South Carolina

The California Consumer Privacy Act protects personal data for residents across all states, including South Carolina. Many people don’t realize they have powerful consumer rights under CCPA regardless of where they live.

We at Hays Cauley, P.C. see clients who face privacy violations daily. This guide breaks down your CCPA protections and shows you exactly how to use them.

Who Does CCPA Actually Protect in South Carolina

The CCPA covers a much broader range of personal information than most South Carolina residents realize. This law protects 11 categories of data that include identifiers like your Social Security number, commercial information such as purchase records, internet activity, geolocation data, and biometric information. Audio and visual records fall under protection, along with professional information and inferences that companies draw about your preferences. The law defines personal information as any data that identifies, relates to, describes, or links to you or your household.

A hub and spoke chart showing 11 categories of data protected by CCPA, including identifiers, commercial information, internet activity, geolocation data, biometric information, and more.

Business Requirements That Trigger CCPA Coverage

CCPA applies to businesses that meet specific thresholds and affect South Carolina consumers daily. Companies with annual gross revenues that exceed $25 million must comply, as must businesses that handle personal information of 50,000 or more consumers annually. The third category includes companies that derive 50% or more of their revenue from the sale of personal information. Major retailers, social media platforms, data brokers, and financial institutions that operate nationwide fall under these requirements. Location doesn’t matter – if a California-based company processes your data or a South Carolina business meets the thresholds, CCPA protections apply to your interactions.

Your Protection Rights Regardless of State Residence

South Carolina consumers gain the same CCPA rights as California residents when they deal with covered businesses. You can request detailed reports about what personal information companies collect, how they use it, and which third parties receive your data. The law grants you deletion rights for most personal information and the ability to opt out of data sales (without identity verification required). Companies cannot discriminate against you for the exercise of these rights by denial of services, different price charges, or provision of lower quality service. These protections extend to any interaction with CCPA-covered businesses, whether online purchases, app usage, or service subscriptions.

An ordered list chart outlining the three fundamental consumer rights under CCPA: right to know, right to delete, and right to opt out of data sales.

Now that you understand which businesses must follow CCPA rules and how the law protects your data, let’s examine the specific rights you can exercise under this legislation.

What Can You Actually Demand From Companies

The CCPA grants you three fundamental rights that companies cannot ignore, and South Carolina consumers must understand exactly how to use these powers. Your right to know allows you to request two types of reports: a basic summary that shows categories of personal information collected and their purposes, or a detailed report that contains specific data pieces, sources, and third-party recipients. Companies must provide the basic report within 45 days and cannot charge fees for up to two requests per year.

Access to Your Complete Data Profile

The detailed report requires identity verification but reveals exactly what information businesses hold about you. This includes purchase histories, web activity patterns, and data shared with advertisers. Companies must disclose the categories and sources of personal information they collect from consumers in their updated privacy policies. The law defines personal information broadly to encompass data that identifies, relates to, and can be linked with a specific consumer or household.

Complete Removal of Your Personal Information

Your deletion rights under CCPA are stronger than most people realize, though businesses will try to find exceptions. Companies must delete your personal information from their records and instruct service providers to do the same when you submit a verified request. Businesses can only refuse deletion for specific reasons (like transaction completion, fraud detection, or legal compliance). The law requires companies to respond within 45 days, and they cannot charge fees for deletion requests.

Immediate Protection From Data Sales

The opt-out right is your most powerful tool because it requires no identity verification and companies must honor it immediately. Businesses that sell personal information must provide a clear “Do Not Sell My Personal Information” link on their homepage. They cannot make you create accounts or provide additional information to opt out. Once you opt out, companies must wait 12 months before they ask if you want to opt back in (the law defines sale broadly to include data broker arrangements and advertising partnerships).

Now that you know your specific rights under CCPA, the next step involves understanding the practical process of how to exercise these rights effectively.

How Do You Submit CCPA Requests That Actually Work

Most companies design their CCPA request systems to frustrate consumers into abandonment, but the law requires them to accept requests through multiple channels. You can submit requests via toll-free phone numbers, designated email addresses, online forms, or postal mail. Companies must maintain these methods and respond within 10 business days to confirm receipt. The law requires businesses to provide at least two methods for request submission, and they cannot force you to use only one specific channel.

Companies Hide Request Forms But Must Make Them Accessible

Many businesses bury their CCPA request forms deep in their websites, but they must make these accessible from their main privacy policy page. The law mandates that businesses maintain specific methods for consumers to submit requests to know, requests to delete, and requests to opt-out. Companies cannot create barriers that prevent you from exercising your rights. If you cannot locate the request form easily, this constitutes a potential CCPA violation.

Identity Verification Requirements Vary by Request Type

Opt-out requests need zero identity verification – companies must honor them immediately without additional information requests. Right-to-know and deletion requests require reasonable verification that matches the information sensitivity involved. For basic category reports, businesses typically ask for your name, email address, and confirmation that you are the person making the request.

Detailed reports and deletion requests need stronger verification like government ID numbers, account information, or security question answers. Companies cannot demand excessive documentation that creates barriers to rights exercise. If they request more information than necessary, you can challenge this as a CCPA requirements violation.

Strict Response Deadlines Companies Must Follow

Businesses have 45 calendar days to respond to your requests, with a possible 45-day extension if they notify you within the initial period. Companies must respond to consumer requests within 10 business days to confirm receipt and within 45 calendar days to provide the requested information or deletion. The California Attorney General can impose penalties up to $2,500 for violations and $7,500 for intentional violations when businesses fail to meet these deadlines.

An ordered list compact chart showing key CCPA response deadlines for businesses, including confirmation of receipt, provision of information, and potential extensions. - consumer rights under ccpa

Companies must maintain records of consumer requests and responses for at least 24 months. If businesses reject your request, they must provide written explanations with specific legal justifications (generic denials violate CCPA compliance requirements).

Final Thoughts

The CCPA provides South Carolina residents with powerful consumer rights under CCPA that companies cannot ignore. You can access detailed reports about your personal information, demand complete deletion of your data, and immediately stop businesses from selling your information to third parties. These protections apply whenever you interact with covered businesses, regardless of where those companies are located.

Companies that violate CCPA face penalties up to $7,500 per intentional violation, but many still try to avoid compliance through confusing processes or delayed responses. When businesses refuse valid requests, provide incomplete information, or fail to meet legal deadlines, you may need professional legal assistance. We at Hays Cauley, P.C. help consumers navigate privacy violations and hold companies accountable for CCPA non-compliance through our consumer protection law firm.

Your privacy rights mean nothing without enforcement. Document all interactions with companies, save confirmation emails for your requests, and track response times carefully. Companies count on consumer inaction, but CCPA gives you the tools to fight back when they mishandle your personal information.

Recent Blogs

View All
  • By  
  •   |  

Identity Theft Legal Help: Finding The Right South Carolina Attorney

  • By  
  •   |  

SC FCRA attorney: Finding the Right Legal Support

  • By  
  •   |  

Credit Dispute Lawyer SC: When to Call a Specialist

  • By  
  •   |  

Understanding Credit reporting rights SC: A Practical Guide for SC Residents