DCA Privacy Policy

The California Department of Consumer Affairs is committed to the free flow of information that can help consumers make good marketplace decisions. The Department is also committed to promoting and protecting the privacy rights of individuals, as enumerated in Article 1 of the California Constitution, the Information Practices Act of 1977, and other state and federal statutes.

It is the policy of the Department of Consumer Affairs and its constituent agencies to limit the collection and safeguard the privacy of personal information collected or maintained by the Department or by any of its constituent agencies. The Department's information management practices are consistent with the Information Practices Act (Civil Code Section 1798 et seq.), the Public Records Act (Government Code Section 7920 et seq.), Government Code Sections 11015.5 and 11019.9, and with other applicable laws pertaining to information privacy.

The Department follows these principles in collecting and managing personal information:

  • We collect personal information on individuals only as allowed by law. We limit the collection of personal information to what is relevant and necessary to accomplish a lawful purpose of the Department. For example, we need to know someone's address, telephone number and social security number, among other things, to properly identify the person before issuing a professional license. Personal information, as defined in the Information Practices Act, is information that identifies or describes an individual including, name, social security number, physical description, home address, home telephone number, education, financial matters, and medical or employment history. Collected personal information will not be disclosed, made available, or otherwise used for purposes other than those specified in this policy, except with the consent of the subject of the data, or as authorized by law or regulation. We will not distribute or sell any electronically collected personal information (as defined in Government Code Sections 11015.5) about users to any third party without the user's written consent, or as otherwise permitted by law.
  • We do not collect home, business or e-mail addresses, or account information from persons who simply browse our Internet Web sites. The information that we automatically collect includes your domain name or Internet Protocol address, the type of browser and operating system you used, date and time you visited the site, Web pages you visited, and any forms you downloaded. Upon visiting our website, a small piece of information called a cookie can be sent to your computer. The main purpose of a cookie is to identify and customize webpages for you. DCA uses Google Analytics tracking cookies for statistical purposes to determine how useful our information is to you. You can choose not to have your data used by Google Analytics by downloading their opt-out browser add-on. Selecting to opt out will not interfere with your ability to use our website. On our website, a cookie will be placed on your computer that automatically records the following information:
  • Date and time of visit to the DCA website
  • Name and version of your web browser used to access the DCA website
  • Computer Internet Protocol address
  • Web pages requested
  • Referring website or social media platform
  • Forms or documents that you downloaded

    You can prevent cookies from being placed on your computer by accessing your browser's preferences menu and deleting existing cookies. There also are commercial programs available to help you manage cookies. Before taking such steps, you should be aware that some websites may not work properly if you choose to block the placement of cookies on your computer. You will need to decide whether enabling cookies outweighs privacy concerns.

    We collect personal information about you through our Web site only if you provide it to us voluntarily through e-mail, registration forms, surveys, or other similar means.
  • We tell people who provide personal information to the Department the purpose for which the information is collected. We tell persons who are asked to provide personal information about the general uses that we will make of that information. We do this at the time of collection. With each request for personal information, we provide information on the authority under which the request is made, the principal uses we make of the information and the possible disclosures we are obligated to make to other government agencies and to the public.
  • We tell people who provide personal information about their opportunity to review that information. The Department allows individuals who provide personal information to review the information and contest its accuracy or completeness. Individuals have the right to have any electronically collected personal information (as defined in Government Code Sections 11015.5) deleted without reuse or distribution. To request deletion of your personal data, please contact the Privacy Office at the contact information provided below.
  • We use personal information only for the specified purposes, or purposes consistent with those purposes, unless we get the consent of the subject of the information, or unless otherwise permitted or required by law or regulation. The Public Records Act exists to ensure that government is open, and that the public has a right to have access to appropriate records and information possessed by state government. At the same time, there are exceptions in both state and federal law to the public's right to access public records. These exceptions serve various needs including maintaining the privacy of individuals. In the event of a conflict between this Policy and the Public Records Act, the Information Practices Act or other law governing the disclosure of records, the applicable law will control. Electronically collected personal information (as defined in Government Code sections 11015.5), is exempt from requests made under the Public Records Act.
  • We use information security safeguards. We take reasonable precautions to protect the personal information on individuals collected or maintained by the Department against loss, unauthorized access, and illegal use or disclosure. On our Web sites, we protect the security your personal information during transmission by using Secure Sockets Layer (SSL) software, which encrypts the information you type in. Personal information is stored in secure locations. Our staff is trained on procedures for the release of information, and access to personal information is limited to those staff whose work requires it. Confidential information is destroyed according to the Department's records retention schedule. The Department conducts periodic audits to ensure that proper information management policies and procedures are being followed.

    By providing your mobile number, you consent to receive SMS messages from the DCA regarding services that may be of interest. Message frequency may vary. Reply STOP to opt out at any time. Message and data rates may apply. We do not share mobile information with third parties for their marketing purposes.

We will provide additional explanations of our privacy policy if requested.

Send inquiries about your personal information collected by DCA, or request correction or deletion of electronically collected personal information, to the DCA Privacy Office, at 1625 N. Market Blvd. Sacramento, CA 95834 via USPS or via contact form here or via phone at 916-574-8270.

  • Policy Effective Date: 7/27/2025
  • Policy Last Reviewed: 6/25/2025
  • Policy Last Revised: 6/25/2025