Disclaimer & Methodology

We believe privacy should be transparent. That starts with being transparent about how we work, what we can and can't do, and how companies can take control of their profile.

Why PrivacyFetch Exists

PrivacyFetch was built to make corporate data practices visible and comparable. Privacy policies are long, complex, and written in legal language that most people don't read. We believe everyone — consumers, businesses, and developers — deserves a clear, structured view of how companies handle personal data.

Our goal is transparency, not judgment. We don't aim to harm any company's reputation. We aim to surface factual information from public sources so people can make informed decisions about the services they use.

What We Analyze

Every piece of data on PrivacyFetch comes from publicly available sources:

  • Privacy policies, terms of service, and cookie policies — the documents companies publish on their websites for anyone to read.
  • Website behavior — trackers, cookies, and third-party scripts that run when you visit a company's website. This is observable by any visitor.
  • Public breach records — publicly reported data breaches from established breach notification databases.

We do not access private systems, internal documents, or non-public data. We analyze exactly what any user would see when visiting a company's website and reading their policies.

AI Limitations

A significant part of our analysis is powered by AI (large language models). While AI enables us to process thousands of policies at scale, it has real limitations:

  • AI can misinterpret language. Legal text is often ambiguous by design. A model may read a clause differently than a human lawyer would.
  • AI can miss context. If a privacy practice is described across multiple documents or requires domain-specific knowledge, the model may not connect the dots.
  • AI can produce false positives or negatives. A company might be flagged for something it doesn't actually do, or a genuine concern might not be detected.
  • Policy language changes. Our analysis is a point-in-time snapshot. If a company updates their policy after our last crawl, our data may be outdated.

We work hard to minimize these errors through multi-pass extraction, evidence-based scoring (every signal is backed by a direct quote from the policy), and continuous improvement of our models. But no automated system is perfect.

Not Legal Advice

PrivacyFetch scores and analyses are informational only. They are not a legal compliance assessment, a certification, or a substitute for professional legal advice.

A high score does not mean a company is fully compliant with any specific regulation (GDPR, CCPA, or otherwise). A low score does not mean a company is violating the law. Privacy compliance depends on many factors that cannot be assessed from public documents alone.

If you need to evaluate regulatory compliance, consult a qualified legal professional.

For Companies

If your company is listed on PrivacyFetch, we want you to know: we're here to help, not to harm. We understand that privacy practices are complex and evolving, and that a single score can't capture every nuance.

Here's what you can do:

  • Claim your profile. Verify ownership of your company's domain and get access to a dashboard where you can monitor your score, review the signals we detected, and understand what's driving your assessment.
  • Submit corrections. If our analysis got something wrong — a misclassified signal, an outdated URL, or an incorrect data point — you can submit a correction request directly from your dashboard. Our team reviews every submission.
  • Update your policy URLs. If we're analyzing the wrong document or missing a policy altogether, you can set the correct URLs and request a re-crawl.
  • Request a re-analysis. After you've updated your policies, you can trigger a fresh analysis to see how your changes affect your score.
  • Manage your vendors. Review the subprocessors we detected, confirm or reject them, and add any we missed.

We believe companies that care about privacy should have the tools to demonstrate it. That's why we built the claiming and correction system — so you're never stuck with an assessment you can't respond to.

Independence

PrivacyFetch operates independently. Our scores are not influenced by commercial relationships, advertising agreements, or payments from the companies we analyze.

Companies can claim their profile and use our dashboard tools, but these features do not affect their score. Scores are calculated algorithmically from the same set of public signals for every company, regardless of whether they have a paid subscription, a free account, or no account at all.

Continuous Improvement

We're committed to improving the accuracy and coverage of our analysis over time. This includes:

  • Refining our AI extraction models to reduce false positives and negatives.
  • Adding new signal types as privacy practices evolve.
  • Expanding our company directory to cover more of the services people use daily.
  • Incorporating feedback from companies who claim their profiles and report inaccuracies.

If you notice something that doesn't look right — whether you're a user, a researcher, or a company representative — please let us know at support@privacyfetch.com. We take every report seriously.

Contact

For questions about our methodology, to report an error, or to discuss your company's profile:

  • Email: support@privacyfetch.com
  • Company claims: Visit any company profile and click "Claim this company"
  • Corrections: Log in to your dashboard and use the Corrections tab