LAST UPDATED: FEB 11, 2019

Brave Browser Privacy Policy

Brave is a private browser

The Brave browser is designed to not know who you are, or what sites you visit. 

Our company does not store any record of people’s browsing history. We don’t write any personal data to the blockchain. The only way a user’s data is stored by Brave is if the user has switched on Rewards or Sync.

Read this document to understand how the Brave Browser uses data.

To learn how we use data to operate our websites, forums, and communications, visit the Website Privacy Policy. To learn how we use data for publishers and creators visit the Publisher Privacy Policy on the Basic Attention Token website.

In this policy “we”, “us”, etc. refers to Brave Software Inc, while “Brave” refers to the browser.

Security & updates

Brave automatically checks with us for updates. This ensures that you always have access to the latest security fixes. We count the number and type of these requests when we receive them to produce aggregate statistics. No particular person’s information can be identified in the statistics we produce.

You can also update to the latest version here.

Sync

If you switch on Sync then your bookmarks and passwords will be saved in an encrypted file on a cloud storage service, to which you will have the only decryption key. The data1 are entirely inaccessible to Brave and to the cloud storage provider. Learn how to switch on Sync here.
(Note that only Brave version 0.59 and above have the Sync feature. You can update to the latest version here.)

Brave Rewards

If you switch on Brave Rewards you are assigned a “wallet” identifier by Uphold, our payments partner. We record this identifier on servers operated by Amazon and Heroku (a Salesforce company) in the United States. These services are operated in the United States, and are certified under the EU-US Privacy Shield agreement, which provides safeguards intended to be equivalent to those provided in the EU.

Brave uses your wallet identifier to determine when to send you a monthly gift of attention tokens (BAT). You can disable this in Preferences or Settings.

Tip: you can quickly access settings by copying brave://rewards into your address bar. Learn how Brave Rewards works here.

Each time Brave sends users a monthly gift of BAT it makes a record of their IP addresses that can be analysed to safeguard against fraud. Brave checks to see whether we are currently offering tokens to Brave users. This request includes the identifier of your unique Rewards wallet. See data processing detail.

Even with Brave Rewards enabled, we never collect your browsing history or similar information, and we can’t derive this information from your contributions to content creators and sites. Instead, we aggregate contributions among all Brave users, and we cannot trace contributions to individual users, or link any of your contributions together.

If you verify ownership of your Brave Rewards wallet with Uphold, direct contributions you make will be processed by Uphold as part of your Uphold account. When you make a direct contribution, Brave sends all the details of that transaction to Uphold so that they can execute the transaction. This is subject to Uphold’s privacy policy.

Ads

If you switch on Brave Rewards and switch on ads (in Rewards settings) you will see ad notifications, and will receive BAT to reward you for viewing these ads. While the ads you see are based on your interests, which are inferred from your browsing, Brave Ads is private and anonymous. The data are stored on your device, and are entirely inaccessible to us. No personal data or browsing history ever leaves the Brave browser on your device.

Crash reports

When Brave crashes, it creates a report that can be sent to us to help us fix whatever caused the problem. This report contains technical information about your computer system which is typically distinctive. You can choose whether to send us these reports. Even if you have chosen to send reports in the past, you can turn off future reports in settings.

Privacy Preserving Product Analytics

The Browser sends us anonymous reports to alert us to product problems and necessary improvements. None of the information it reports harms your privacy. The report only describes general use of the Browser, such as a general range of how many extensions are installed, a general range of how many tabs are open, and whether features like Shields, Rewards, and Ads are switched on. See the full list of questions here. These reports are stripped of metadata, and aggregated with measurements reported by many other instances of Brave. The data are not personal, and cannot be combined to identify you. You can deactivate Privacy-Preserving Product Analytics in Settings.

Nightly, Dev, and Beta browser versions

Nightly, Dev, and Beta versions of the Brave Browser are experimental previews of new Brave Browser versions. They allow us to test new features so that we can find and fix errors before releasing a new version of the Brave Browser. These test versions of the Browser may automatically send crash reports to Brave so that we can identify and fix problems. A crash report can contain personal information. See data processing details.

How to switch this feature off.
You can switch off “Automatically send usage statistics and crash reports to Brave Software” in settings.

Tip: you can quickly access settings by copying brave://settings into your address bar.

These incomplete versions of Brave represent unfinished and untested work on future versions of Brave, and their incomplete behavior may not be adequately described by this policy. More information about the safety & reliability of pre-release versions of Brave can be found in our development documentation.

 

Detail of personal data processing

Brave Rewards
Purpose of processing Categories of personal data processed Legal basis of processing Duration of storage
To make and verify (including anti-fraud) Basic Attention Token contributions IP address at time of claiming a monthly grant of BAT tokens, and Wallet ID (this ID is not tied to what you browse or do because your browsing is kept anonymous by Brave). Necessary for the performance of a contract between us (and necessary for us to provide the requested service). The duration of the user’s account, plus 4 years in order to comply with US Internal Revenue Service requirements.
Browser testing and research (Nightly, Dev, and Beta versions only)
Purpose of processing Categories of personal data processed Legal basis of processing Duration of storage
To fix problems in the Brave Browser by acting on issues highlighted by crash reports from Beta and Dev versions of the Browser

Device model, iOS version, language, timezone, CPU architecture, carrier, connection status.
Optional: Crash log (crash logs will also be sent if you opted-in when activating iOS)
Optional: Comments and screenshots you share if you send feedback through TestFlight.

Our interest in testing the product and fixing problems. The data are used in a way that does not negatively affect your rights or interests. Apple retains the data for one year. Brave may retain some crash reports indefinitely, if useful for testing.

 

Help with privacy settings in Brave

You can find guides on how to change privacy settings in Brave in the Help Center..

Contacting Brave about your privacy

We are always interested in hearing and responding to questions and concerns at twitter.com/brave and at github.com/brave. More in-depth conversations can be had at community.brave.com.

You can contact our data protection officer, Dr Johnny Ryan, and the rest of our privacy team at privacy@brave.com. We are represented in Europe by Brave Software Europe Ltd.

You can ask to know what information we have about you, update incorrect information, delete it, object to our use of it, or get a copy of it. If you’re in the European Union, you also have the right to complain to your local data protection authority (though everyone should have this right).

We’ll update this policy whenever we make material changes to our practices, and we’ll announce it to let you know. We hope you’ll find any changes agreeable, but if you’re not comfortable with changes to the info we collect or how we use it, we understand your choice to stop using Brave. 


 

Notes 

  1. Data are personal if the data can single a person out (on their own or in combination with other data), without an unlikely degree of effort or expense or technological development. The GDPR definition of “personal data” includes any data that can indirectly contribute to singling out an individual, including unique IDs codes, certain types of IP addresses, and encrypted data that one can decrypt without disproportionate effort. But data that are entirely impossible to access are not personal.