Who Must Comply with the Colorado Privacy Act (“CPA”)?
The law applies to entities, including nonprofits, that conduct business in Colorado or deliver commercial products or services targeted to residents of Colorado AND either:
1. Process the personal data of more than 100,000 consumers in any calendar year; or
2. Derives revenue or receives discounts on goods or services in exchange for the sale of personal data and processes or controls the personal data of 25,000 or more consumers.
The law also applies to service providers, contractors, and vendors that manage, maintain, or provide services relating to the data on behalf of these companies.
Stay Ahead of the Curve! Explore our comprehensive CLIClaw Colorado Privacy Compliance Library for in-depth resources and insights.
These materials were obtained directly from the State Government public websites and are posted here for your review and reference only. No Claim to Original State Government Works. This may not be the most recent version. The State may have more current information. We make no guarantees or warranties about the accuracy or completeness of this information, or the information linked to. Please check the linked sources directly.