DentroChat logo
Próbáld ki ingyen

duckduckgo.com privacy policy — score 82/100 (low risk)

Utolsó elemzés

A jelentés tartalma (összefoglaló, megállapítások, idézetek) angolul készült és nincs lokalizálva.

Új elemzés futtatása másik szabályzaton

Duck Duck Go, Inc. · duckduckgo.com

Jelentés részletei

low kockázat

DuckDuckGo lives up to its no-tracking promise for core search and browsing, but its growing optional features (Duck.ai, Sync & Backup) and the Microsoft ad partnership introduce data flows the policy doesn't fully explain, especially around AI training and international transfer safeguards.

DuckDuckGo's privacy policy is unusually strong for a major tech product: it explicitly disclaims tracking, does not save IP addresses or unique identifiers alongside searches/chats/browsing, and does not sell personal information. However, the policy has notable gaps. It does not address whether Duck.ai chat data is used for AI model training. It acknowledges cross-border data transfers but fails to specify legal safeguards such as Standard Contractual Clauses. The Microsoft advertising relationship means ad-click data flows to a third party under a contractual commitment rather than a technical guarantee. Optional features like Sync & Backup and Email Protection each collect personal data under separate sub-policies, creating a fragmented privacy landscape. User rights are referenced but not detailed within the main policy itself.

Utolsó elemzés
ForrásURL
Hossz16,826 karakter

Kategória szerinti értékelés

A szabályzat bontása a fő megfelelőségi területekre. Jó = erős, közepes = vegyes, gyenge = aggasztó.

Data Minimizationgood

Core services collect no persistent identifiers; optional features request only what is necessary and are clearly opt-in.

Transparencyfair

Plain language is excellent for core services, but critical details on Duck.ai data handling and international transfer safeguards are deferred to sub-policies or omitted entirely.

Third-party Sharingfair

Anonymous info shared with hosting/content providers; ad-click data flows to Microsoft under a contractual commitment; corporate SaaS vendors access voluntarily provided data — all described but with limited specificity on contracts.

International Transferspoor

The policy acknowledges global servers and a distributed team but provides no detail on transfer mechanisms (SCCs, adequacy decisions, or BCRs), only a vague commitment to 'follow applicable legal requirements.'

AI/Model Trainingpoor

The policy is silent on whether Duck.ai chats or other data are used to train AI models; no opt-in or opt-out mechanism is mentioned in this document.

User Rightsfair

Rights are acknowledged and a dedicated Privacy Rights page is referenced, but the specific rights (access, deletion, portability, objection) are not enumerated in this policy itself.

Fő megállapítások

Fontos záradékok, problémák vagy jó gyakorlatok (kritikusak először)

Kritikus

AI training data usage is completely unaddressed

The policy covers Duck.ai chats but never states whether chat content is used to train AI models (either DuckDuckGo's own or those of third-party AI providers like OpenAI and Anthropic). Given the June 2026 update specifically adding Duck.ai coverage, this is a critical omission.

Figyelmeztetés

Microsoft ad network receives ad-click data with only a contractual privacy commitment

Ad clicks are managed by Microsoft's ad network. The policy says 'Microsoft has committed to not associate your ad-click behavior with a user profile and to not store or share that information other than for accounting purposes.' This relies on Microsoft's contractual commitment rather than a technical anonymization guarantee, creating a trust dependency on a third party.

Figyelmeztetés

International transfer safeguards are unspecified

The policy acknowledges that data may be transferred across borders due to global servers and a distributed team, but only states 'we will follow applicable legal requirements' without identifying the legal mechanism (e.g., Standard Contractual Clauses, adequacy decisions). This is insufficient under GDPR Article 44 et seq.

Figyelmeztetés

Optional features create a fragmented privacy framework

Duck.ai, Email Protection, Sync & Backup, and the Subscription each have separate privacy policies. Users must consult multiple documents to understand the full picture, and the core 'we don't track you' promise does not apply to these features by definition.

Info

No-tracking commitment is technically enforced, not just a promise

The policy states IP addresses and unique identifiers are never logged to disk in association with searches, chats, or browsing. This is a strong technical guarantee, not merely a policy commitment, making it significantly more trustworthy than a typical privacy policy.

Info

Anonymous experiments use browser storage without full transparency

The policy mentions 'anonymous experiments to test different designs' that use browser storage, but does not specify what data is stored, how anonymity is ensured, or how users can identify or opt out of these experiments.

Összefoglaló a felhasználónak

DuckDuckGo's core search and browsing are genuinely private and don't create profiles about you, but if you use optional features like Duck.ai or Sync & Backup, you're trusting separate policies and third-party AI providers with your data.

Megfelelőségi helyzet

Largely compliant with GDPR principles, especially data minimization and purpose limitation for core services. Gaps exist around transparency on international transfer mechanisms and AI training data usage for Duck.ai.

EU-s átvitelek

The policy acknowledges cross-border transfers (distributed team, global servers) but states only that it 'will follow applicable legal requirements' without specifying whether it relies on adequacy decisions, Standard Contractual Clauses, or Binding Corporate Rules. This is insufficiently specific under GDPR Chapter V.

Észlelt jelek

A szövegben azonosított konkrét adatok és gyakorlatok

Gyűjtött adatok
IP addressBrowser typeLanguageScreen sizeOperating systemPreferencesClick timingEmail address
Adatkezelési célok
Content deliverySecurity and bot preventionFraud and abuse protectionAnonymous product improvement experimentsSearch index improvement via anonymous trendsNewsletter deliveryCustomer supportAdvertising via Microsoft ad network
Harmadik felekkel való megosztás
Microsoft Advertising (ad-click data)Hosting and content providers (anonymous browser/device info)Corporate SaaS providers (email, project management, customer support)Survey processing vendors
Nemzetközi átvitelek
Global server infrastructure with regional routingDistributed team members accessing servers worldwideCustomer support vendors distributed globallyVPN users may connect to non-regional servers

Bizonyító részletek

Közvetlen idézetek a szabályzatból e megállapítások alátámasztására

We don't save your IP address alongside your searches, Duck.ai chats, or visits to our websites, and we never log IP addresses to disk that could be tied back to you.

Ad clicks are managed by Microsoft's ad network and Microsoft has committed to not associate your ad-click behavior with a user profile and to not store or share that information other than for accounting purposes.

In such scenarios, if any cross-border transfers are necessary, we will follow applicable legal requirements.

We have never sold any personal information. Period.

Hiányzó vagy nem egyértelmű

  • AI model training usage and opt-out mechanism
  • Specific international transfer legal mechanisms (SCCs, adequacy, BCRs)
  • Data retention periods for optional feature data
  • Details of Microsoft ad data processing agreement
  • Cookie and local storage inventory
  • DPIA or legitimate interest assessments
  • Subprocessor list for optional features

Felteendő kérdések

  • Is Duck.ai chat content shared with third-party AI providers (e.g., OpenAI, Anthropic), and if so, do those providers use it for model training?
  • What specific legal mechanism does DuckDuckGo rely on for international data transfers — Standard Contractual Clauses, adequacy decisions, or something else?
  • What data exactly is stored in browser storage during 'anonymous experiments,' and how can users opt out?
  • Under what legal basis does DuckDuckGo process IP addresses and device information for security purposes — legitimate interest or consent?
  • What are the specific retention periods for data collected through optional features like Email Protection and Sync & Backup?
  • Does the Microsoft advertising agreement include audit rights for DuckDuckGo to verify compliance with the no-profiling commitment?
Ezt az elemzést AI generálja, és nem minősül jogi tanácsadásnak. Megfelelőségi döntésekhez mindig kérj képzett jogász véleményét.

Elemzés megosztása

Bárki, aki rendelkezik ezzel a linkkel, megtekintheti a fenti eredményt.

A DentroChat készítette

100%-ban európai AI chat mindenkinek

Csevegj AI-val, dolgozz fájlokkal, generálj képeket és keress a weben. Az adatok Európában maradnak.

EU-ban üzemeltetett infrastruktúraSzöveg, fájlok, képek és webes keresésGyors, Gondolkodó és Kreatív módokAdatvédelem alapbólEgyetlen adat sem hagyja el Európát
Próbáld ki ingyen →