LAST UPDATED December 9, 2020

Brave Browser Privacy Policy

Our company does not store any record of people’s browsing history. We don’t write any personal data to the blockchain. The only way a user’s data is stored by Brave is if the user has switched on Rewards or Sync.

Read this document to understand how the Brave Browser uses data.

To learn how we use data to operate our websites, forums, and communications, visit the Website Privacy Policy. To learn how we use data for publishers and creators visit the Publisher Privacy Policy on the Basic Attention Token website.

In this policy “we”, “us”, etc. refers to Brave Software Inc, while “Brave” refers to the browser.

Security & updates

Brave automatically checks with us for updates. This ensures that you always have access to the latest security fixes. We count the number and type of these requests when we receive them to produce aggregate statistics. No particular person’s information can be identified in the statistics we produce.

You can also update to the latest version here.

Sync

If you switch on Sync then your bookmarks (and soon passwords and other data) will be saved in an encrypted file on a cloud storage service, to which you will have the only decryption key. The data1 are entirely inaccessible to Brave and to the cloud storage provider. Learn how to switch on Sync here. (Note that only Brave version 0.59 and above have the Sync feature. You can update to the latest version here.)

Location

If you use Brave to visit a website that wants to determine your location, you will be asked whether you want it to be allowed to know where you are. If you click yes to this message, then the website will be sent an approximation of where you are based on your IP address. Your IP address will not be stored by Brave, but it may be stored by the website you have visited. See data processing detail.

Brave Rewards

If you switch on Brave Rewards you are assigned a “wallet” identifier by Uphold, our payments partner. We record this identifier on servers operated by Amazon and Heroku (a Salesforce company) in the United States. We take a range of technical and organisational measures to safeguard any personal data including the use of EU standard contractual clauses.

Brave uses your wallet identifier to determine when to send you a monthly gift of attention tokens (BAT). You can disable this in Preferences or Settings.

Tip: you can quickly access settings by copying brave://rewards into your address bar. Learn how Brave Rewards works here.

Each time Brave sends users a monthly gift of BAT it makes a record of their IP addresses that can be analysed to safeguard against fraud. Brave checks to see whether we are currently offering tokens to Brave users. This request includes the identifier of your unique Rewards wallet. See data processing detail.

Even with Brave Rewards enabled, we never collect your browsing history or similar information, and we can’t derive this information from your contributions to content creators and sites. Instead, we aggregate contributions among all Brave users, and we cannot trace contributions to individual users, or link any of your contributions together.

If you verify ownership of your Brave Rewards wallet with Uphold, direct contributions you make will be processed by Uphold as part of your Uphold account. When you make a direct contribution, Brave sends all the details of that transaction to Uphold so that they can execute the transaction. This is subject to Uphold’s privacy policy.

Ads

If you switch on Brave Rewards we automatically enable Brave Ads. This means you will receive ads in the form of notifications and in-browser sponsored content, and Basic Attention Tokens to reward you for viewing those ads. While the categories of ads that you see and when you see them are inferred from your browsing activity, the data are stored on your device and are inaccessible to us. We will receive anonymized confirmations for ads that you have viewed, but no data that identifies you or that can be linked to you as an individual leaves the Brave browser on your device. You can disable Ads by visiting Settings > Brave Rewards > Ads and turning off the Ads default.

In the cases where we collect high-level statistics relating to web activity data (e.g. what are the estimated amount of ads that can be served to different content categories that users encounter as they browse the web) we use proven privacy mechanisms like local differential privacy that guarantee that no information about individual users will ever be revealed to us. Read more about how we achieve this with Privacy Preserving Product Analytics and Private Advertising Analytics. To read more about Brave Ads and privacy have a look at our FAQ.

Brave News

Brave News is a private, ad-supported content news reader integrated into the Brave browser. It provides news content, Brave offers, display advertising, and promoted content. While news content is informed by your recent browsing activity, Brave News remains private and anonymous.

Display advertising and promoted content is delivered to all browsers within a given country that have turned on and enabled Brave News. If you also enable Brave Ads, advertising will be presented based on your interests, as inferred from your browsing behaviour.

When you turn on Brave News, a number of content sources are automatically defaulted to “on” for every browser. You can view, enable, or disable defaults for these content sources. To do so:

  1. Open Brave News.
  2. Click “Settings.”
  3. Select “All Sources” or select individual categories of content (e.g. “Top News” or “Entertainment”), and choose which sources you would prefer to see.

You can also add your own RSS sources.

No personal data, behaviour activity or browsing history ever leaves the Brave browser on your device. Your Brave News sessions are not logged or saved by Brave.

To protect your privacy, content for the Brave News feed is collected securely by your device through a private and encrypted proxy method. The proxy removes and does not retain IP addresses before passing the encrypted request to the private content server, which then sends the encrypted reply back to the browser via the proxy. The feed is temporarily stored on your device, and it is replaced upon starting or refreshing your Brave News session.

Please note: The RSS feed content you add is collected directly from the feed source and not proxied by Brave. The Brave browser fetches it without ever hitting Brave servers, and Brave never knows anything about your chosen RSS feeds.

Brave Talk

Brave Talk is a private video and/or audio conference tool. What you say or type in the service is not logged or saved. Who you talk to, when, and how, is private to you. See data processing detail.

Please note that Brave uses the 8x8 communications platform, and software (API) capabilities of 8x8 (based on the Jitsi Open Source video conferencing software) to help deliver Brave Talk. 8x8 provides a service on behalf of Brave, and we remain responsible for Brave Talk.

What information does Brave Talk process?

We process the minimum information necessary to provide the Brave Talk service. This includes:

While communications are encrypted between the Brave browser and Brave Talk servers via transport layer encryption, they are not encrypted on the server during a call, unless you enable Video Bridge Encryption (VBE). Additional security options are available to you in the settings menu once you initiate a call. These include:

Please note that if you upgrade to the Brave Talk Premium plan, Brave will require an email address to initially create a premium account, and subsequently to manage your access to the account using anonymous credentials. We use the third-party payment provider Stripe to process payments for premium subscriptions. Stripe will process your email address, name, and payment card data for the purpose of managing your subscription payments only. Brave does not receive nor have access to your payment method details supplied to Stripe, and we cannot associate an account email address or payment details with your communications on Brave Talk.

To avoid scams: For the avoidance of phishing attacks, note that we at Brave will never contact Brave Browser users in a Brave Talk call.

Brave Firewall + VPN on iOS

Users of Brave on iOS can switch on Brave Firewall + VPN. This is operated on Brave’s behalf by Guardian. See data processing detail.

Web Discovery Project

The Web Discovery Project is intended to make Brave Search more relevant and useful for everyone. If you opt in, you’ll contribute some anonymous data about searches and web page visits made within the Brave Browser (including pages arrived at via some, but not all, other search engines). This data helps build the Brave Search independent index, and ensure we show relevant results to your search queries.

Collection is done in a privacy preserving fashion. By default, the Web Discovery Project discards search queries that are too long or suspicious looking (e.g. those that include phone numbers). It also discards odd URLs (e.g. those containing hashes), URLs of pages with a no-index flag, and pages that are not public or require any sort of authentication.

The system is designed so that no data received can be linked back to individuals or their devices. For a URL to be sent it needs to be visited independently by a large number of people. All data received is unlinkable, making it impossible to build profiles or sessions of Web Discovery Project contributors.

Note that the Web Discovery Project is currently only available on Brave Nightly, and should be treated “as-is.” It will be migrated to Brave Release once the integration is fully stabilized.

Read a full description of the Web Discovery Project methodology.

How we improve Brave

Crash reports

When Brave crashes, it creates a report that can be sent to us to help us fix whatever caused the problem. This report contains technical information about your computer system which is typically distinctive. We use a service called Backtrace.io to store them. You can choose whether to send us these reports. Even if you have chosen to send reports in the past, you can turn off future reports in settings.

Privacy Preserving Product Analytics

The Browser sends us anonymous reports to alert us to product problems and necessary improvements. None of the information it reports harms your privacy. The report only describes general use of the Browser, such as a general range of how many extensions are installed, a general range of how many tabs are open, and whether features like Shields, Rewards, and Ads are switched on. See the full list of questions here. These reports are stripped of metadata, and aggregated with measurements reported by many other instances of Brave. The data are not personal, and cannot be combined to identify you. You can deactivate Privacy-Preserving Product Analytics in Settings.

Your feedback

If you write feedback for Brave, we will use this to improve the product. See data processing detail.

Nightly, Dev, and Beta browser versions

Nightly, Dev, and Beta versions of the Brave Browser are experimental previews of new Brave Browser versions. They allow us to test new features so that we can find and fix errors before releasing a new version of the Brave Browser. These test versions of the Browser may automatically send crash reports to Brave so that we can identify and fix problems. A crash report can contain personal information. See data processing details.

How to switch this feature off. You can switch off “Automatically send usage statistics and crash reports to Brave Software” in settings.

Tip: you can quickly access settings by copying brave://settings into your address bar.

These incomplete versions of Brave represent unfinished and untested work on future versions of Brave, and their incomplete behaviour may not be adequately described by this policy. More information about the safety & reliability of pre-release versions of Brave can be found in our development documentation.

Location

Purpose of processingCategories of personal data processedLegal basis of processingDuration of storage
To estimate the user’s physical location at the request of a website and with the confirmation of the user. IP address, and information about nearby WiFi access points (MAC address, signal strength, and SSID). Legitimate interest. No storage.

Brave Rewards

Purpose of processingCategories of personal data processedLegal basis of processingDuration of storage
To make and verify (including anti-fraud) Basic Attention Token contributions. IP address at time of claiming a monthly grant of BAT tokens, and Wallet ID (this ID is not tied to what you browse or do because your browsing is kept anonymous by Brave) Necessary for the performance of a contract between us (and necessary for us to provide the requested service) The duration of the user’s account, plus 4 years in order to comply with US Internal Revenue Service requirements.

Brave News

Purpose of processingCategories of personal data processedLegal basis of processingDuration of storage
To collect content from the server in order to display it for the user. IP addresses. Legitimate interest. The data are used in order to deliver the service, and the risk of the processing of the data is minimal. The duration of the request and response

Brave Talk

Purpose of processingCategories of personal data processedLegal basis of processingDuration of storage
To facilitate communications via Brave Talk. IP address, meeting URL, chat content, audio and video, recordings of meetings. Legitimate interest. The processing is necessary to provide the requested service. Duration of the call, except for recordings of meetings that are temporarily stored for 24 hours.
To create a Brave Premium account and manage account access. Email address

Legitimate interest.

The data is necessary to establish an account and manage account access.

Until an account is deleted.

Brave Firewall + VPN on iOS

Purpose of processingCategories of personal data processedLegal basis of processingDuration of storage
To verify that the user is a subscriber. Digital receipt from Apple. Necessary for the performance of the contract (to deliver the service) agreed between both the user and Brave. None.
To send an alert to the user when a firewall rule is triggered (a server-side buffer is required when the app is not loaded for some time). Pseudonymous user ID, details of the blocked tracker/firewall rule triggered. Necessary for the performance of the contract (to deliver the service) agreed between both the user and Brave. 3 days.
To create private connections. IP address. Necessary for the performance of the contract (to deliver the service) agreed between both the user and Brave. None.
To provide customer support. Personal data that a user may include in the text they write when communicating with Guardian for customer support. Necessary for the performance of the contract (to deliver the service) agreed between both the user and Brave. Indefinite (Guardian).

Brave IPFS Public Gateway

Purpose of processingCategories of personal data processedLegal basis of processingDuration of storage
To allow access to IPFS content when the user cannot access it via a local IPFS node IP address Legitimate interest. The user requested the service, and the risk of the processing of the data is minimal. Indefinite. (Protocol Labs)

Your feedback

Purpose of processingCategories of personal data processedLegal basis of processingDuration of storage
To use feedback sent by users to improve the product. Personal data that a user may include in the text they write when sending feedback through an app store or any other means. Legitimate interest. The user intends for the data to be used for this purpose, and the risk of the processing of the data is minimal. 2 years.

Browser testing and research (Nightly, Dev, and Beta versions only)

Purpose of processingCategories of personal data processedLegal basis of processingDuration of storage
To fix problems in the Brave Browser by acting on issues highlighted by crash reports from Beta and Dev versions of the Browser Device model, iOS version, language, timezone, CPU architecture, carrier, connection status. Optional: Crash log (crash logs will also be sent if you opted-in when activating iOS) Optional: Comments and screenshots you share if you send feedback through TestFlight. Our interest in testing the product and fixing problems. The data are used in a way that does not negatively affect your rights or interests. Apple retains the data for one year. Brave may retain some crash reports indefinitely, if useful for testing.

Help with privacy settings in Brave

You can find guides on how to change privacy settings in Brave in the Help Center..

Contacting Brave about your privacy

We are always interested in hearing and responding to questions and concerns at twitter.com/brave and at github.com/brave. More in-depth conversations can be had at community.brave.com.

We are represented in Europe by Brave Software Europe Ltd (based in the UK). You can contact our data protection officer and the rest of our privacy team at privacy@brave.com. However, from the 1st January 2021, given the UK’s exit from the EU, Brave has appointed an EU nominated representative and which you may contact if you would prefer not to contact Brave directly:

Brave EU Nominated Representative
Care of Castlebridge
Unit 7, 12 Mountjoy Square,
Dublin 1
Ireland

brave@gdprnomrep.eu

You can ask to know what information we have about you, update incorrect information, delete it, object to our use of it, or get a copy of it. If you’re in the European Union, you also have the right to complain to your local data protection authority (though everyone should have this right).

We’ll update this policy whenever we make material changes to our practices, and we’ll announce it to let you know. We hope you’ll find any changes agreeable, but if you’re not comfortable with changes to the info we collect or how we use it, we understand your choice to stop using Brave. 



  1. Data are personal if the data can single a person out (on their own or in combination with other data), without an unlikely degree of effort or expense or technological development. The GDPR definition of “personal data” includes any data that can indirectly contribute to singling out an individual, including unique IDs codes, certain types of IP addresses, and encrypted data that one can decrypt without disproportionate effort. But data that are entirely impossible to access are not personal. ↩︎

Download Brave Nightly

Select what kind of chip your Mac comes with

Intel Chip icon Intel Chip

Most common

Apple Chip icon Apple Chip

Nov 2020 and later

How to find my chip

  1. At the top left, Open the Apple menu.

  2. Select “About This Mac”.

  3. In the “Overview” tab, look for “Processor” or “Chip”.

  4. Check if it says “Intel” or “Apple”.

Download Brave Beta

Select what kind of chip your Mac comes with

Intel Chip icon Intel Chip

Most common

Apple Chip icon Apple Chip

Nov 2020 and later

How to find my chip

  1. At the top left, Open the Apple menu.

  2. Select “About This Mac”.

  3. In the “Overview” tab, look for “Processor” or “Chip”.

  4. Check if it says “Intel” or “Apple”.

Download Brave

Select what kind of chip your Mac comes with

Intel Chip icon Intel Chip

Most common

Apple Chip icon Apple Chip

Nov 2020 and later

How to find my chip

  1. At the top left, Open the Apple menu.

  2. Select “About This Mac”.

  3. In the “Overview” tab, look for “Processor” or “Chip”.

  4. Check if it says “Intel” or “Apple”.

Brave Search beta is live! Private, independent, and user-first. The real alternative to Google.