At Bright Data, data privacy is at the core of everything we do. As a global leader in data services, we are committed to protecting the personal information entrusted to us by our users. We deliver clean, compliant, and ethically sourced data while maintaining strict privacy standards. Operating on an international scale, we continuously adapt to evolving privacy regulations such as the European Union’s General Data Protection Regulation (GDPR) and California's Consumer Privacy Act (CCPA).
This Privacy Policy outlines how we collect, use, share, and protect personal data. It applies both to users of our services and individuals whose personal data we may process during the course of our business operations. If you are a California resident, a specific section addressing your rights under the CCPA is included at the end of this document.
1. Who We Are
Bright Data (“we,” “our,” or “us”) operates the website brightdata.com, the Bright Data Software, the Bright Data SDK, and all associated services, features, and content (collectively referred to as the “Services”). This Privacy Policy is designed to inform users about our data practices and help you make an informed decision about using our Services.
By accessing our Services or providing information to us, you agree to the terms outlined in this Privacy Policy and consent to the collection, use, and processing of your data as described herein.
2. Information We Collect
We may collect the following types of data from users:
Non-Personal Information:
This includes anonymous data that does not identify you, such as browser type, pages visited, time spent on pages, and usage timestamps.
Personal Information:
This refers to identifiable data such as:
Full name and email address
IP address
Billing and payment details
Government-issued identification (e.g., ID, passport)
Office or home address
Social media account data (if login is done via third-party platforms)
Audio or video recordings (for compliance or support)
We may also access your social network information (e.g., name, address, email, friends list, and profile photo) when you use third-party sign-in options.
Publicly Available Data:
We may collect basic public information such as name, email, and job title from publicly available online sources.
If we ever link anonymous data to identifiable data, we will treat the combination as personal data.
3. Legal Basis for Processing
We process personal data:
To fulfill our contractual obligations to users
To comply with legal requirements
To serve our legitimate business interests, where such interests do not override your rights
4. How We Use Personal Data
The information we collect may be used for the following purposes:
Account registration and user authentication
Providing customer support
Sending updates, service notifications, or marketing communications
Performing statistical and analytical research to enhance our Services
Complying with internal policies and legal regulations
5. Sharing of Information
We do not sell or rent your personal data. We may share certain categories of data with:
Trusted third-party service providers for storage, analytics, or technical support
Subsidiaries or affiliated companies to assist with service delivery
Law enforcement or legal entities when required by law or for fraud prevention
Other users, but not your IP address directly, unless made visible through technical use (e.g., proxy services)
6. Data Transfers Outside the EEA
Bright Data is based in Israel. If your data is transferred outside the European Economic Area (EEA), it will only be done under conditions that ensure an adequate level of data protection, such as contractual safeguards or approved legal mechanisms.
7. Data Security
We implement industry-standard security measures to prevent unauthorized access, misuse, or data leakage. Our team follows strict confidentiality guidelines. Although no system can guarantee absolute security, we are proactive in monitoring and mitigating risks. If you suspect a security issue, please notify us immediately for prompt investigation.
8. Your Rights and Choices
You have the right to:
Access and review your personal data
Receive a copy of your personal data in a portable format
Correct inaccurate data
Request deletion of your data
Object to data processing
Restrict certain processing activities
Please note that some of these rights may be limited by legal or operational requirements. To exercise any of your rights, contact us at: [email protected].
9. Data Retention
We retain your personal data only as long as necessary to provide our Services, meet legal obligations, resolve disputes, and enforce agreements. Retention durations are determined by the nature of the data and applicable requirements.
We reserve the right to update or correct data when needed, including the removal of outdated or incomplete information.
10. External Disclosures and Limitations
Our Privacy Policy applies only to Bright Data. If you share personal information on other websites or with third parties, those entities may have different privacy practices. Always review the terms and privacy statements of external sites.
11. Change of Ownership
If Bright Data undergoes a merger, acquisition, or sale, we may transfer all collected data, including User and Public Data, to the acquiring entity. In cases of insolvency or bankruptcy, data transfer may also occur under legal or court directives.
12. Updates to This Policy
We may revise this Privacy Policy periodically. Updates will be reflected in the “Last Updated” date. Your continued use of our Services after any modifications implies acceptance of the updated policy.
13. Contact Information
If you have concerns regarding your privacy or suspect a violation of this policy, please reach out to us at: [email protected]. Our appointed Privacy Officer will promptly investigate.
For GDPR-related matters, you may also contact our appointed representatives:
EU Representative:
European Data Protection Office (EDPO), Avenue Huart Hamoir 71, 1030 Brussels, Belgium
UK Representative:
EDPO UK Ltd, 8 Northumberland Avenue, London WC2N 5BY, United Kingdom
Privacy Notice for California Residents (CCPA)
Under the California Consumer Privacy Act (CCPA), California residents have additional rights regarding their personal information.
Categories of Personal Information Collected:
Identifiers (name, IP, email, device identifiers)
Customer records (address, telephone number, payment data)
Commercial information (user feedback)
Internet activity (website usage data)
Geolocation (device-based location)
Employment-related data (job history)
Sources of Collection:
Direct interactions with our Services
Publicly available sources
Operating systems and devices
Disclosure Practices: In the past 12 months, we disclosed data to:
Cloud storage providers
Analytics partners
Affiliated companies
Sale of Personal Data: We may have sold identifiers to third parties for commercial purposes within the last 12 months.