While the CPRA deferred a majority of the CCPA’s employee-related substantive requirements until Jan. 1, 2023, employers are still required to provide employees with a notice at collection. As a result, since Jan. 1, 2020, a notice at collection, which must be provided “at or before the point at which” the collection of information occurs, was required to include the following information:
- A list of the categories of personal information that will be collected;
- The business or commercial purpose for which the information is being collected;
- Information on how to opt out of the sale of personal information (if information is being sold); and
- Information on how to find the company’s complete privacy notice.
After Jan. 1, 2023, the CPRA will expand the information required to be included in a notice of collection to include the following:
- Whether that information is “sold or shared”; and
- The “length of time” that the business intends to retain each category of personal information.
 Cal. Civ. Code 1798.145(m)(3).
 CCPA Reg. Section 999.301(l). See also CCPA 1798.100(b) (Oct. 2020).
 CCPA Reg. 999.305(b)(1)-(4).
 Cal. Civ. Code 1798.100(a)(1).
 Cal. Civ. Code 1798.100(a)(3).