By submitting any personal information on D&B's website, you are consenting to that information being transferred to other countries for processing as part of D&B's normal business operations.
This analysis describes what Dun & Bradstreet's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
For EU and UK users, international data transfers are subject to strict legal requirements under GDPR, and a general website consent embedded in terms of use may not constitute a sufficient legal basis for such transfers under applicable law.
Interpretive note: Whether this consent mechanism satisfies GDPR Chapter V transfer requirements depends on supervisory authority interpretation and whether D&B relies on additional safeguards documented in its Privacy Policy; the document does not specify those safeguards.
The updated Terms of Use no longer include explicit language describing cookie preferences, consent options (Agree and Proceed, Required Only, Manage Choices), or chat functionality data collection requirements. Previously, the document stated that users could manage cookies or enable chat functionality through specific settings. This removal means users navigating the website will not find these disclosures in the Terms of Use itself, though cookie and chat functionality may continue to operate according to the Cookie Policy, which remains referenced separately.
View change record →Personal information you provide on D&B's site may be transferred internationally, and by using the site you are treated as having consented to this; EU and UK residents in particular should be aware that their data protection rights may provide additional protections beyond what these terms describe.
How other platforms handle this
At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.
We use information to enhance the quality, reliability, and/or accuracy of our AI Features by creating, developing, training, testing, improving, and maintaining AI and ML models run by Strava or our service providers. We use aggregated, de-identified data for this purpose. We also use personal info...
Your personal information may be transferred to, stored, and processed in the United States or other countries outside of your country of residence, which may have data protection laws that are different from those in your country.
Monitoring
Dun & Bradstreet has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"You acknowledge and agree that by providing Dun & Bradstreet with any personal or proprietary information through the Dun & Bradstreet Site, you consent to the lawful transmission of such personal or proprietary information over international borders as necessary for processing in accordance with Dun & Bradstreet's standard business practices and the Dun & Bradstreet Privacy Policy.— Excerpt from Dun & Bradstreet's D&B Terms of Use
REGULATORY LANDSCAPE: This provision directly engages GDPR Chapter V (Articles 44-49), which restricts international transfers of personal data from the EU/EEA to third countries absent an adequacy decision, appropriate safeguards such as Standard Contractual Clauses, or a valid derogation. Consent under GDPR Article 49(1)(a) as a transfer derogation is subject to strict conditions including that it be freely given, specific, informed, and unambiguous; embedding transfer consent in website terms of use may not satisfy these requirements under guidance from the European Data Protection Board. The UK GDPR imposes equivalent restrictions through the UK International Data Transfer Agreement framework, and the ICO is the relevant enforcement authority for UK transfers. GOVERNANCE EXPOSURE: High for EU and UK operations. The consent mechanism used here, which is a general acknowledgment embedded in terms of use, is likely insufficient as a standalone GDPR transfer mechanism under current supervisory authority guidance. D&B would need to demonstrate reliance on an appropriate safeguard such as Standard Contractual Clauses or Binding Corporate Rules for routine processing, with consent serving only as a supplementary or fallback basis in limited circumstances. JURISDICTION FLAGS: EU and EEA users face the highest exposure, as GDPR Chapter V transfer restrictions apply. UK users are subject to equivalent requirements under UK GDPR. California residents may have rights under CCPA regarding the sharing of personal information with entities in other jurisdictions, though CCPA does not impose transfer-specific restrictions comparable to GDPR. CONTRACT AND VENDOR IMPLICATIONS: Enterprise customers operating in the EU or UK should assess whether their use of D&B's website, separate from formal product agreements, triggers independent data transfer obligations that require documentation of appropriate safeguards. Data processing agreements or transfer impact assessments may be required for B2B relationships where employee personal data is involved. COMPLIANCE CONSIDERATIONS: Legal teams should evaluate whether D&B's Privacy Policy, referenced in this clause, provides the additional safeguard documentation required under GDPR and UK GDPR for international transfers, and whether the website consent mechanism should be supplemented by a more specific transfer disclosure or mechanism at the point of data collection.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
For EU and UK users, international data transfers are subject to strict legal requirements under GDPR, and a general website consent embedded in terms of use may not constitute a sufficient legal basis for such transfers under applicable law.
Personal information you provide on D&B's site may be transferred internationally, and by using the site you are treated as having consented to this; EU and UK residents in particular should be aware that their data protection rights may provide additional protections beyond what these terms describe.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Dun & Bradstreet.