CCPA & Sec-GPC
CCPA & Sec-GPC. CCPA (California Consumer Privacy Act) gives California residents the right to opt out of the sale or sharing of their personal information. Sec-GPC (Global Privacy Control) is a browser-level signal that automatically communicates that opt-out request to every site the visitor opens.
Definition
Most sites bolt on a "Do Not Sell My Info" link to satisfy CCPA. Sec-GPC is the more rigorous answer: when the browser sends the Sec-GPC: 1 header, the site treats the visitor as having opted out — no popup, no manual click, no dark pattern. Sites that respect Sec-GPC automatically clear the highest CCPA compliance bar.
Where this matters for window-film visualizers
A visualizer captures a customer photo + contact details. That data flows to the shop as a lead. Under CCPA, California visitors have the right to opt out of that data being shared. A visualizer that respects Sec-GPC (plus an explicit opt-out toggle + DNT header) is automatically compliant for that segment of visitors.
How it shows up to the user
A user with Sec-GPC enabled (Brave by default, Firefox via a setting) sees: no analytics tracking, no lead-capture form pre-fill from cookies, an explicit notice that their opt-out signal was respected. No popup required.
DNT (Do Not Track) is the older sibling
DNT was the 2010-era predecessor to Sec-GPC. Most sites ignore DNT — Sec-GPC has stronger CCPA enforcement teeth in California. A modern privacy posture respects both.
See also
- Window film visualizer — Window film visualizer
Roffik's take
Embeddable AI window film and vinyl wrap visualizer with auto-detection — customers upload a photo, pick a film, see a photo-real preview, and become a captured lead, all in seconds. Learn more about Vizme.