Skip to main content
All CollectionsPolicies
How To Update Your Privacy Policy to Comply With Colorado’s Privacy Law (CPA)
How To Update Your Privacy Policy to Comply With Colorado’s Privacy Law (CPA)
Updated over 2 months ago

In this support article, we’ll show you how to update your Termly privacy policy to comply with the data privacy law in Colorado, called the Colorado Privacy Act (CPA).

To read the law in full, you can check out the official legal text of the CPA.

Termly makes updates to the policy generators to reflect changes in data privacy laws that may impact our users. When an update occurs, we send Termly users an email with information about the changes. It is your responsibility to implement the appropriate updates as needed in your Termly Dashboard.


1.1 Who must comply?

The Colorado Privacy Act (CPA) requirements are applicable to controllers who conduct their business in Colorado or sell products — or services — to residents of Colorado and meet one or more of the following thresholds:

  • Processes or controls the personal data of more than 100,000 consumers annually

  • Derives revenue or receives discounts from the sale of personal data and controls or processes data of at least 25,000 consumers

1.2 Updating your Termly privacy policy to comply with Colorado’s CPA or Connecticut’s CTDPA

If you want your policy to be compliant with the CPA, log into your Termly Dashboard and follow these steps in the generator.

Note: These steps are similar to the ones you would take to update your privacy policy to comply with Connecticut’s data privacy law, the CTDPA.

Step 1

First, select Yes for the question, “Do you have users in the United States?”

See an example in the screenshot below.

Step 2

Next, specify if you have disclosed or sold/shared personal information to third parties if you have not already done so.

See a sample of this question in the screenshot below.

Step 3

Then select which US state privacy law you want your policy to cover, including the CPA.

See an example of this question in the screenshot below.

Step 4

Now you should complete the questions in the US Considerations section if you have not already done so.

Step 5

Next, provide an email address for appeals, in case your user wishes to appeal your business’s decision regarding a privacy request.

Note that this question is required to comply with several U.S. state data privacy laws, including the CPA, the CTDPA, and the VCDPA.

See an example of this question in the screenshot below.

Step 6

Finally, click PUBLISH to update your policy.

Looking for more help? Reach out to our customer support team.

Did this answer your question?