Amasty California Consumer Privacy Act Magento 2 Extension

- E-Commerce, Magento 2

In 2018, the California state had passed a law that provided California residents with the right to be informed on how their data is collected and distributed by organizations and businesses. The California Consumer Privacy Act (CCPA) came into force on January 1, 2020, making all merchants whose online business covers the California region responsible for complying with the new requirements. The regulations are related to collecting, managing, and disclosing the personal information of website visitors who come from California.

The Amasty California Consumer Privacy Act extension allows Magento 2 merchants to make necessary adjustments in their privacy policy to comply with the CCPA legislation. By leveraging the module’s features, you can transparently process customers’ details and ensure their personal data safety. Below, we describe the functionality of the CCPA Magento 2 extension in more detail.

Download / Buy Amasty California Consumer Privacy Act Magento 2 Extension

The Amasty California Consumer Privacy Act Magento 2 extension provides online merchants with a complete set of tools to make their stores compliant with the new regulations. By installing the Magento 2 module, you will ensure customers in the safe processing of their personal data and avoid penalties for violating the legislation.


  • Configuration of privacy settings targeted at California residents;
  • Ability to create multiple consent checkboxes;
  • Display of custom checkboxes on various pages;
  • Customer access to the collected info;
  • Cookie usage control;
  • Ability to reject the usage of personal data by a customer;
  • Option to download personal customer information;
  • Anonymization of customer data;
  • Ability to send requests for removing personal details from the customer account;
  • Automatic creation of deletion requests for abandoned accounts.

The Magento 2 privacy extension allows store owners to implement the features required to comply with the CCPA rules in their privacy policy. This way, you can configure appropriate messages and documents intended only for California residents without changing privacy settings for other US customers.  

To ensure your store visitors in transparent handling of their personal data, you can allow customers to view which information is being collected. The Magento 2 CCPA module also allows informing customers how their details are processed and whether they are sold to third parties.

The CCPA Magento 2 extension enables website visitors to control cookie usage. When landed on your website, a customer can see a list of cookie categories used by the store and decide which types of cookies he or she will accept. Besides, online shoppers get the ability to decline the usage of collected personal details. By allowing customers to take control of selling their data for marketing purposes, you will operate your online business in line with the CCPA regulations. The relevant option is added to the cookie policy and only requires a user to click the appropriate button in the cookie settings.

Moreover, you can enable the option that will let customers download their data collected by your store for the 12-month period. The download of private account information will be possible only with a unique password kept by a customer so that you can ensure your clients of safe access to their data. As a store admin, you can view and manage all download requests in the Magento backend.

Furthermore, the California Consumer Privacy Act Magento 2 extension allows anonymizing customer data by converting it into a sequence of random symbols. Besides, the module grants users a right to delete their personal info. Customers can ask store managers to remove their accounts. After processing the request, user data can be deleted permanently.


First, let’s see the privacy policy settings of the Magento 2 California Consumer Privacy Act module. All existing policy documents are gathered on a grid under Customers → CCPA → Privacy Policy. The grid includes the following columns:

  • ID;
  • Date Created;
  • Version Number;
  • Last Edited;
  • Last Edited By;
  • Comment;
  • Status (Disabled, Enabled, or Draft);
  • Action (Edit).

You can apply filters to look for particular documents and change the sorting of the grid columns. It is also possible to delete selected policy documents in bulk.

When editing an existing document or creating a new privacy policy, first, create a meaningful title that will be displayed to admins and type it in the Comment field. You should also specify the policy version, select its status, and create the content of the document using the WYSIWYG editor.

Now, let’s navigate to Customers → CCPA → Consent Checkboxes to get a deeper insight into the Magento 2 CCPA extension functionality. Here, you can view all checkboxes added to the forms related to the privacy policy on your website. The grid shows the following details for each consent checkbox:

  • ID,
  • name,
  • code,
  • status (enabled or disabled),
  • whether it is required or not,
  • whether it is hidden after a user gives the consent,
  • whether it is included in the log,
  • location (Registration, Checkout, Contact Us, or Newsletter Subscription).

You can edit each checkbox individually and apply mass action to delete selected checkboxes. To create a new checkbox, press the “New Checkbox” button.

When adding a new consent checkbox, you need to specify its name and code, set its status as enabled or disabled, and decide whether it will be marked as mandatory for making an action. Next, you can enable logging of the appropriate consents submitted by customers and make it hidden on the frontend if a user already gave their consent. Then, set the position and location of the checkbox and specify a text displayed to customers. Note that you can insert a link to the privacy policy in the checkbox content using an appropriate variable. You can select a link type from the following options: Privacy policy or CMS page. Besides, you can choose particular countries to define which of your website visitors will see the configured checkbox.

You can track all consents submitted by customers and check their details on a separate grid under Customers → CCPA → Consent Log. The available mass actions here allow sending consent requests to selected customers via email. 

Another grid in the backend of the CCPA Magento 2 module collects privacy policy-related actions, including delete requests. You can view all requests for account deletion, as well as approved requests on a grid under Customers → CCPA → Action Log

To manage the delete requests, go to Customers → CCPA → Delete Requests. The appropriate grid shows the name and email of a customer who sent the deletion request, the date and time when it was performed, the initiator of the request (the customer or automatically), and the number of completed and pending orders of the customer. Store managers can approve or deny selected requests in bulk.

It is also necessary to mention that the Amasty CCPA module extends the Customers grid by adding the “Don’t Sell My Personal Information” column.

As for the general settings of the Amasty CCPA Magento 2 extension, it is divided into 4 tabs: General, Customer’s Account Privacy Settings, Personal Data Deletion, and Email Notifications.

The General settings tab lets you enable/disable the extension’s functionality on the frontend and make the “Don’t Sell My Personal Information” option in the Privacy Settings tab of the customer account visible only to users from California. Here, you can also activate the log’s automatic cleaning and specify the number of days after which the logged records should be removed.

Amasty CCPA Magento 2 Module

Next, you can allow customers to download their personal details, opt-out from selling their data, and send requests for deleting the account. 

The Personal Data Deletion tab is divided into 2 sections: Automatic Personal Data Deletion and Prevent Data Deletion of Recent Orders. In the first section, you can enable the feature that will automatically delete accounts of customers who didn’t make any orders for a specified period.

Another section in the same tab lets you specify the number of days, which will be considered the period of recent orders, and disable customers’ data deletion in the corresponding order-related documents. Here, you can also define statuses of orders for which personal data anonymization and deletion will not be allowed.

In Email Notifications, you can enable email alerts sent to admins on the creation of a new delete request. Here, you should also select an email sender and template and specify the notification recipients’ email addresses.

In this tab, you also enable/disable notifications sent to customers on their requests’ approval and denial. For each type of notification, you should choose email senders and templates and specify email addresses for sending replies.

Now, let’s see how the CCPA Magento 2 extension functions from a frontend user perspective.


As we have above, it is possible to create multiple checkboxes and add them to forms that require acceptance of privacy policy. Below, you can see how the registration page with custom checkboxes looks:

If a website visitor presses on the “privacy policy” link next to the checkbox, they will be able to instantly view the text of the document in a pop-up window and accept it with one click.

Furthermore, the Magento 2 CCPA module adds a new section to the customer account area – Privacy Settings. The section allows your clients to download a copy of the collected user info in a CSV format, opt-out from selling their data to third parties, and submit requests for deleting their accounts.

Final Words

The Amasty California Consumer Privacy Act extension provides online merchants with the necessary settings for adjusting their privacy policy according to the CCPA law. By implementing the Magento 2 module’s features, you can follow the latest regulations without the risk of violating local legal requirements. By ensuring a transparent procedure of collecting and handling consumer data, you will build trust to your business and create a positive impression from shopping on your website. 

The CCPA extension for Magento 2 can be purchased for $149. Follow the link below to get more details about the module:

Download / Buy Amasty California Consumer Privacy Act Magento 2 Extension