D&B, along with two of its subsidiaries, is officially registered as a data broker in multiple U.S. states, meaning these companies are legally recognized as businesses that collect and sell personal information about people, often without a direct relationship with those individuals.
This analysis describes what Dun & Bradstreet's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Data broker registration confirms that these entities may collect, aggregate, and license personal and professional information, and that state-specific rights and opt-out mechanisms apply, including under California's CPPA and Vermont's data broker law.
If you are a professional or business contact, your name, job title, employer, and contact details may be held and sold by D&B, Eyeota, or NetWise Data under data broker licensing arrangements. California and Vermont residents have specific statutory rights to opt out of or request deletion of data held by registered data brokers.
Cross-platform context
See how other platforms handle Multi-Entity Data Broker Registration and similar clauses.
Compare across platforms →Monitoring
Dun & Bradstreet has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"Dun & Bradstreet, Inc. is registered as a data broker in the U.S. States of California, Oregon, and Vermont. Further, Dun & Bradstreet, Inc., the entity maintaining this website, is a data broker under Texas law. To conduct business in Texas, a data broker must register with the Texas Secretary of State (Texas SOS). Information about data broker registrations is available on the Texas SOS website. Eyeota Pte. Ltd is registered as a data broker in the U.S. State of California. NetWise Data, LLC is registered as a data broker in the U.S. States of California and Vermont.— Excerpt from Dun & Bradstreet's D&B Privacy Policy
REGULATORY LANDSCAPE: The explicit data broker registrations engage the California Consumer Privacy Act (CCPA) as amended by CPRA, enforced by the California Privacy Protection Agency (CPPA); Vermont's data broker statute (9 V.S.A. Chapter 62); Oregon's Consumer Privacy Act and data broker registration requirements; and Texas data broker registration requirements under the Texas Business & Commerce Code. The FTC retains authority over unfair or deceptive data practices at the federal level and enforces compliance with the EU-U.S. Data Privacy Framework for registered entities. GOVERNANCE EXPOSURE: High. The disclosure of three distinct legal entities (D&B Inc., Eyeota Pte. Ltd., NetWise Data LLC) each with separate state registration footprints creates significant compliance surface area. Each entity may be subject to distinct opt-out and deletion obligations under state law, and the scope of data shared between entities may require assessment under intercompany data transfer and affiliate sharing rules. JURISDICTION FLAGS: California creates the highest exposure given CPPA's active rulemaking and enforcement posture, including data broker deletion request mechanisms under the Delete Act (SB 362, effective 2026). Vermont and Oregon registrations also trigger opt-out obligations. Texas registration requires annual renewal with the Texas SOS. Non-U.S. operations of Eyeota Pte. Ltd. may engage GDPR and PDPA (Singapore) obligations not addressed in this document. CONTRACT AND VENDOR IMPLICATIONS: Organizations licensing data from any of these three entities should confirm which entity is the contractual counterparty and whether that entity's data broker registration scope aligns with the data fields being licensed. Procurement teams should assess whether data processing agreements with D&B, Eyeota, or NetWise address downstream use restrictions consistent with state data broker laws. COMPLIANCE CONSIDERATIONS: Compliance teams should map data flows between D&B Inc., Eyeota, and NetWise to determine whether intercompany transfers require separate data processing agreements. Teams operating in California should monitor CPPA's data broker deletion registry implementation timeline and assess readiness for deletion request fulfillment obligations under SB 362.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Data broker registration confirms that these entities may collect, aggregate, and license personal and professional information, and that state-specific rights and opt-out mechanisms apply, including under California's CPPA and Vermont's data broker law.
If you are a professional or business contact, your name, job title, employer, and contact details may be held and sold by D&B, Eyeota, or NetWise Data under data broker licensing arrangements. California and Vermont residents have specific statutory rights to opt out of or request deletion of data held by registered data brokers.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Dun & Bradstreet.