Compliant with GDPR, CCPA, COPPA, LGPD, PECR, PDPA, PIPEDA, and more.
The Delete Request and Opt-out Platform (DROP) is a unified system that allows individuals to exercise their privacy rights efficiently. It enables users to request deletion of personal data, opt out of data sharing, or stop certain uses of their information. DROP simplifies privacy management by providing a single channel for submitting, verifying, and tracking requests, reducing the need to contact multiple companies individually. The platform officially launched on January 1, 2026, at privacy.ca.gov, providing a standardized process for managing privacy requests.
When a user submits a request through DROP, the platform first verifies the user’s identity and confirms the type of request, whether it is data deletion, opting out of sale or sharing, or restricting certain uses such as profiling. Once submitted, businesses are legally required to respond within 45 days, with a possible extension of another 45 days if the business informs the user. DROP relays the request securely to the relevant business and tracks progress. Users can receive status updates at each stage, and all interactions are timestamped for transparency and audit purposes.
DROP is designed for California residents who wish to exercise their privacy rights under state law. Eligible users can submit requests to delete personal data, opt out of the sale or sharing of personal information, or restrict certain uses such as profiling. Businesses participating in DROP receive verified submissions and are responsible for fulfilling the requests in accordance with California privacy regulations. While DROP facilitates the process and tracks request status, it does not store or manage users’ underlying personal data.
With the growing complexity of data privacy regulations, DROP provides a practical solution for managing user rights efficiently. It enhances transparency, ensures verifiable request handling, and reduces friction for both users and businesses. The platform aligns with regulations such as CCPA and GDPR, offering a legally compatible framework for deletion and opt-out requests.
