| Consumer Ref | Type | Received | Confirm Receipt By | Complete Action By | Days Left | Action |
|---|
Privacy professionals and legal operations teams use this response log builder to carefully manage CCPA/CPRA DSAR deadlines and avoid compliance violations. Track the 15-business-day window for acknowledging requests and the strict 45-day clock for final fulfillment. Stay organized with automatic overdue flags and logging features, ensuring California consumers receive their data rights on time while maintaining a defensible audit trail.
Businesses must confirm receipt of a consumer's request to know, delete, or correct within 10 business days, though some specific opt-out requests require action within 15 business days. The primary fulfillment deadline is 45 calendar days.
A business can extend the response time by up to an additional 45 days if necessary due to the complexity or number of requests. The consumer must be provided with notice of the extension and the reasons for the delay within the original 45-day window.
Yes, the 45-day deadline for fulfilling a DSAR is based on calendar days, which includes weekends and holidays. If the deadline falls on a weekend or holiday, it is highly recommended to respond prior to that date.
Failing to respond within the statutory timeframes can result in enforcement action by the California Privacy Protection Agency (CPPA) or the Attorney General, potentially leading to significant fines of up to $7,500 per intentional violation.