California Delete Act · SB 362 · DROP
California data broker compliance.
Handled correctly.
Durable suppression, audit-grade deletion evidence, and on-time reporting for registered California data brokers. The Delete Act cycle, run on your premises, with no plaintext customer data handed to a new vendor.
The obligation
What the Delete Act requires of a registered broker.
Every 45 days, without exception
Pull the current deletion list from DROP each cycle. The platform serves the full opted-in universe once, then deltas only.
Erase the match, and instruct your processors
Delete non-exempt data for every matched consumer, and direct service providers and contractors to do the same. The instruction has to be on the record.
Keep them deleted, into the future
Retain every deletion list and re-match all of them each cycle, so a person who reappears through a new feed is caught and removed again.
Submit determinations, and hold the evidence
Report a status for each request, on time. From 2028, an independent auditor reviews the record, so the proof you keep today is what stands then.
Exposure for non-compliance: $200 per request, per day.
What we operate
The durable part of compliance. The part that has to survive an audit.
The cycle itself is specified work. The value is what remains after it: a record that holds, and evidence a third party can verify without taking your word for it.
Evidence that can be verified, not asserted
Every determination is recorded and hash-chained, so any edit to an old entry breaks the chain. The chain head is anchored to a neutral outside authority that cannot be backdated, and the verifier reports the grade of that proof every time — so what you hand an auditor in 2028 means the same thing to them as it does to you. See how the evidence works.
Suppression that becomes your system of record
DROP serves the full deletion universe only once. Lethe holds it, re-applies it every cycle, and flags reappearances by source, so you can fix the feed that keeps leaking instead of re-deleting forever.
Every statutory clock, tracked
Retrieval cadence, processing window, perpetual re-sweep, registration renewal, and audit date. Each one tracked, so no cycle is missed by oversight.
Your data never leaves your control
Your records are normalized and hashed on your own premises — only the hashes ever leave, and Lethe matches hashes against hashes, never plaintext. In the on-premise tier, nothing leaves your network at all. Read the data-handling model.
The cycle
Six steps, run the same way every time.
Retrieve
Pull the current deletion list from DROP each cycle, on cadence.
Match
Standardize and hash your records to spec; resolve exact matches.
Delete
Produce the worklist to erase, with processor-direction recorded.
Suppress
Add matches to the durable record; re-apply and flag reappearances.
Report
Submit a status for each request in the right format, before the window closes.
Prove
Anchor the cycle's record externally and assemble the audit package.
Our position
Compliance is not a technology problem. It is a trust problem. We operate the space between the regulation and its correct execution, on the record, and without drama.
If the cycle is on your desk, start by seeing where you stand.
A readiness assessment maps your scope, your exposure, and your gaps in about a week. Documented, and yours to keep.