What are the institutional and regulatory implications of this document?

REGULATORY LANDSCAPE: This document engages multiple overlapping frameworks including CCPA and CPPA enforcement (California data broker registration is confirmed for D&B, Inc., Eyeota Pte. Ltd., and NetWise Data, LLC), GDPR and the EU-U.S. Data Privacy Framework (2023), the Swiss-U.S. Data Privacy Framework (2023), the UK extension to the EU-U.S. DPF (2023), APEC CBPR, and ISO 27701 PIMS certification. The FTC is the primary U.S. enforcement authority for data broker practices and cross-border …

How does Dun & Bradstreet's D&B Privacy Policy affect users?

The policy establishes that D&B maintains professional and business data on individuals—including name, job title, employer, and contact information—derived from public sources and third-party data sources, and permits D&B to license this information to business customers. Individuals may submit data subject rights requests through the TrustArc portal at https://submit-irm.trustarc.eu/services/validation/ba81b98f-997d-4216-b4cc-d64cf261b082 to access, correct, or request deletion of records D&B…

How often is Dun & Bradstreet's D&B Privacy Policy updated?

ConductAtlas monitors this document daily and captures every version with cryptographic hashing and timestamp verification. Update frequency varies — see the change timeline on this page for complete version history.

Can I get alerted when Dun & Bradstreet updates this document?

Yes. Monitor subscribers ($19/month) can add Dun & Bradstreet to their watchlist and receive same-day email alerts whenever this document or any other Dun & Bradstreet document changes.

CA-D-000722

D&B Privacy Policy

Dun & Bradstreet

Last change detected June 6, 2026 Privacy policy

SHA-256: d82a8e1f37eddf251fb… 4 versions captured 3 changes documented

Create free account

Track 1 platform and get the weekly governance digest. No credit card required.

View original document at Dun & Bradstreet ↗

This page describes what the document states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability may vary by jurisdiction. Methodology

7 Total

0 High severity

5 Medium severity

2 Low severity

Summary

This document is Dun & Bradstreet's privacy policy describing its collection, processing, and sharing of business and professional data. D&B is registered as a data broker in California, Oregon, Vermont, and Texas, and the policy establishes procedures for data collection from public sources, business records, and third-party providers. The policy authorizes D&B to license professional contact information, business role data, and associated analytics to third parties, and establishes a data subject rights portal through which individuals may submit requests for access, correction, or deletion of their records.

Technical / Legal Breakdown

This document is D&B's 'Privacy, Data and AI Transparency Statement' landing page, governing the company's data processing disclosures for Dun & Bradstreet entities operating in the U.S. and globally, grounded in its stated values of accountability, transparency, and responsible data stewardship. The statement asserts that D&B processes data on 600M+ organizations worldwide, aggregates and generates data including scores, ratings, and analytics, and commits to respecting individual data subject rights through a TrustArc-hosted rights request portal. Notably, the document discloses that D&B, Inc., Eyeota Pte. Ltd., and NetWise Data, LLC are each registered as data brokers in multiple U.S. states including California, Oregon, Vermont, and Texas, which is operationally distinct from standard enterprise software or SaaS privacy disclosures and places D&B squarely within data broker regulatory regimes. The document engages GDPR, CCPA and its CPPA enforcement regime, the EU-U.S. Data Privacy Framework, Swiss-U.S. Data Privacy Framework, UK extension thereof, APEC CBPR, ISO 27701 (PIMS), and ISO 27001 (ISMS), with certifications including TRUSTe Responsible AI (2024) and Global CBPR (2025); compliance obligations under these frameworks vary significantly by jurisdiction and entity. Material compliance considerations include the multi-entity data broker registration structure across subsidiaries, the scope of AI system use disclosed on linked sub-pages, and the adequacy of data subject rights mechanisms for individuals who may not know their data is held by D&B.

Institutional Analysis

Institutional analysis available with Compliance

Regulatory exposure by statute, material risk assessment, vendor due diligence action items, and enforcement precedent. Available on Compliance.

Start Compliance free trial

3 important changes detected

4 versions captured · Last updated: June 2026

June 6, 2026

low

What changed Dun & Bradstreet removed 7 sentences from their privacy policy that previously explained cookie preferences, chat functionality, and links to their Cookie Policy. The removed language included options to accept all cookies, select required-only cookies, or manage choices, as well as instructions for enabling chat features. The policy no longer contains this introductory cookie disclosure or navigation guidance at the point where users would typically encounter privacy choices.

Why this matters The updated policy no longer includes the introductory explanation of how cookies are used on Dun & Bradstreet's website or instructions for managing cookie preferences through 'Agree and Proceed', 'Required Only', or 'Manage Choices' options. The language describing chat functionality and how to enable related cookies has also been removed. The policy now directs users to separate Cookie Policy documentation for detailed information, rather than providing initial guidance inline.

View full change record →

June 4, 2026

low

What changed Dun & Bradstreet's privacy policy was updated on June 4, 2026 to add new language requiring users to enable Chat Cookies before using chat functionality. The updated policy now states: 'Enabling and using chat functionality requires accepting Chat Cookies. You can do so by clicking Enable Chat Cookies below or by managing your cookie preferences.' Previously, this requirement was not explicitly stated. The change establishes a cookie consent gate for chat access.

Why this matters The updated policy establishes a cookie consent requirement for chat functionality. Users must either click 'Enable Chat Cookies' or manage cookie preferences to use Dun & Bradstreet's chat feature. This reflects a standard consent gate for non-essential cookies and aligns with common privacy practice. You can control chat cookie settings by clicking 'Enable Chat Cookies' or accessing cookie preference controls.

View full change record →

May 13, 2026 low

Dun & Bradstreet removed the phrase 'Let Our Unparalleled Data Power Your AI Workflows Learn More' from their D&B Privacy Policy on May 13, 2026. This was a single-sentence removal …

View change record →

Recent Provision Changes Jun 6, 2026

7 provisions unchanged.

View full change record →

Medium — 5 provisions

Multi-Entity Data Broker Registration Compare →

D&B, along with two of its subsidiaries, is officially registered as a data broker in multiple U.S. states, meaning these companies are legally recognized as businesses that collect and sell personal information about people, often without a direct relationship with those individuals.

Added May 10, 2026 Standard Seen across 284 platforms
Individual Data Subject Rights Portal Compare →

D&B provides a web-based portal where individuals can submit requests to access, correct, or delete their personal data held by D&B entities, covering both personal and professional data.

Added May 10, 2026 Standard Seen across 284 platforms
AI Systems Use and TRUSTe Responsible AI Certification Compare →

D&B uses AI systems to generate scores, ratings, and analytics about businesses and individuals, and has obtained a third-party certification (TRUSTe Responsible AI) attesting to responsible AI practices as of 2024.

Added May 10, 2026 Standard Seen across 284 platforms
Cross-Border Data Transfer Framework Certifications Compare →

D&B has obtained certifications under multiple international data transfer frameworks, including the current EU-U.S. Data Privacy Framework, meaning personal data can flow from the EU, UK, and Switzerland to D&B's U.S. operations under these recognized legal mechanisms.

Added May 10, 2026 Standard Seen across 284 platforms
Data Processing Scope and D&B Data Cloud Compare →

D&B processes a wide range of data types including personal data about individuals in their professional capacity, covering businesses, economic activity, sustainability, and legal events, at a scale of over 600 million organizations globally.

Added May 10, 2026 Standard Seen across 284 platforms

Low — 2 provisions

ISO 27701 and ISO 27001 Certification Commitment Compare →

D&B has had its privacy and information security management systems independently audited against ISO 27701 and ISO 27001 standards in applicable markets, providing third-party assurance of its data governance controls.

Added May 10, 2026 Standard Seen across 284 platforms
Contact and Complaint Escalation Rights Compare →

Individuals can contact D&B's compliance team by email or via a helpline, and retain the right to escalate complaints directly to their local data protection authority if they are unsatisfied with D&B's response.

Added May 7, 2026 Standard Seen across 284 platforms

Monitoring

Dun & Bradstreet has updated this document before.

Monitor includes same-day alerts, structured change summaries, and monitoring for up to 25 platforms.

Start Monitor free trial Or create a free account →

Compliance Governance Intelligence

Need provision-level monitoring and regulatory mapping?

Compliance includes governance timelines, compliance memos, audit-ready analysis, and full provision tracking.

Start Compliance free trial

Cross-platform context

See how other platforms handle AI Systems Use and TRUSTe AI Certification and similar clauses.

Compare across platforms →

Archival ProvenanceSource & Archival Record

Last Captured June 6, 2026 11:12 UTC

Capture Method Automated scheduled archival capture

Document ID CA-D-000722

Version ID CA-V-003512

Source URL https://www.dnb.com/utility-pages/privacy-policy.html

Wayback Machine View external archival references →

SHA-256 d82a8e1f37eddf251fb6028704e815d4cca10e587404a1358d277b92dddc74d2

✓ Snapshot stored ✓ Text extracted ✓ Change verified ✓ Hash verified

D&B Privacy Policy

June 6, 2026

June 4, 2026

Recent Provision Changes Jun 6, 2026

Monitor governance changes across the platforms you rely on.