Privacy Policy

Last update: October 1st 2025

Introduction
USA SPECIFIC NOTICE
CONSENT TO DATA TRANSFERS
DATA SECURITY
ADDITIONAL TERMS REGARDING THE USE OF THE INBOX FEATURE
THIRD PARTY WEBSITES
CHANGES TO THIS PRIVACY POLICY
DEFINITIONS

Introduction

The protection of your privacy and your personal data is a priority for Brevo and all of the entities within the group (“Brevo” or “we” or “our” or “us”). The terms with capital letters that are not defined in this Policy shall have the meaning assigned to them in the Brevo Terms of Service.

Brevo only collects, uses, retains, and shares Personal Data as is adequate and relevant to the specific, express purposes described below or as reasonably necessary and proportionate to (i) provide the Services or for (ii) other purposes that we disclose to you. We work to ensure that our privacy practices are compatible with the context of how we collected your Personal Data in the first place.

The types of Personal Data we collect and how it is used depends on how you interact with us, such as a Website visitor, a Brevo customer using the Services or representative of a customer or as a Customer’s contact or recipient. Therefore, this privacy policy (the “Policy”) applies to:

All users and representatives of Brevo’s Customers (the “Customers”);
The contacts (recipients of electronic communications, contacts of sales opportunities, registered clients etc.) uploaded on the Software by Brevo’s Customers and/or collected via the Software by Brevo’s Customers (the “Contacts”) when their data are not processed by Brevo on behalf of its Customers;
All visitors of Brevo’s website (“Website Users”), i.e. https://fr.Brevo.com (the “Website”).

(together also referred to as “you” or “your”).

This Policy aims to inform you in a clear and comprehensive manner of the processing of your personal data carried out in accordance with the privacy laws that apply to us, including the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (the “GDPR”) and any applicable domestic privacy legislations.

This Policy may be updated at any time as a result of, among others, legal, technical or commercial changes. In such cases, Brevo will take appropriate measures to inform you of such changes, where they are significant. We recommend that you refer to this Policy regularly to ensure that you are aware of the latest version. Brevo Customers may use the information contained in this Policy to provide necessary information to the Contacts. You accept this Privacy Policy and consent to Brevo’s collection, use, and disclosure of your information as described below by accepting this Privacy Policy where given the opportunity or by using or accessing our Services in any manner. If you do not agree with this Privacy Policy, do not use our Services.

To know more about the concepts of “personal data”, “data subjects”, “controller”, processor”, “processing”, “purpose”, “GDPR” and more, please read the section “Definitions” at the end of this Policy.

WHO IS THE DATA CONTROLLER FOR THE PROCESSING OF YOUR PERSONAL DATA?

The entity of the Brevo group acting as a data controller for the processing of your personal data (i.e., determining the purposes and means of the processing of your personal data) for the processing described in Section 3 of this Policy is the Brevo entity with which you have a contract and in case you have subscribed to a paying plan, the company which is invoicing your organization. Depending on your location, the data controller may be Sendinblue France (SAS), Sendinblue North-America (Inc.) or Sendinblue Germany (GmbH).

The parent company of the Brevo group Sendinblue,a French société par actions simplifiée, whose registered office is located at 17 rue Salneuve, 75017 Paris, France, registered in the Paris Trade and Companies Register under number 498 019 298. Sendinblue is doing business as Brevo.

WHAT IS THE SCOPE OF THIS POLICY?

If you are a Contact, please note that Brevo is acting as data controller only for the specific purposes described in the Section 3 of this Policy. For all other processing that involve your personal data (storage of content, sending of emails, creation of statistics on behalf of Customers, etc.), Brevo does not act as a data controller meaning that it has no influence and does not decide on such processing of your personal data (please be reminded in this regard that Brevo does not send electronic communications on its own behalf but only on behalf and under the instructions of its Customers, except where detailed in Section 3) and, therefore, this Policy may not apply. Brevo will act for these other processing as a data processor and our Customers are acting as data controllers and are the sole entities that can ensure the proper exercise of your rights described in Section 8 (11 for the US) of this Policy (deletion, access, limitation etc.). To learn more about how our Customers process your personal data as data controllers and how you can exercise your rights with them, please see their own privacy policy. If you want to know about how we process personal data as a data processor, please refer to our Data Processing Agreement.

Brevo proposes optional specific apps/features through its Software (WhatsApp Messages, Facebook Ad, Google Fonts & Google ReCAPTCHA, Cloudflare Turnstile, OpenAI…) the list of which can be found in our Terms and Conditions. These apps/features are provided by third-party providers that Brevo does not control and towards which it does not provide any specific warranty. Therefore, for processing carried out for the provision and in the context of such apps/features, Brevo is not liable and the third-party providers act in accordance with the qualification that their policies / terms and conditions provide. If you wish to use those features, we strongly recommend you to read to the relevant privacy policy of each third-party provider to know more about the processing of your personal data.

If you have any questions, please do not hesitate to contact us through the contact details indicated in Section 9 of this Policy (11 for the US). We will do our best to help you and answer any question you may have.

FOR WHAT PURPOSES IS YOUR PERSONAL DATA COLLECTED AND PROCESSED?

Brevo collects and processes personal data that is relevant, adequate, not excessive and strictly necessary for the purposes pursued.

You will find below a table listing the relevant information related to the processing of personal data, where Brevo acts as a data controller, and in particular:

The different purposes of the processing operations;
The categories of personal data collected;
The legal basis on which we rely to carry out the processing;
How long we keep your personal data.

In addition to the purposes specified here above, Brevo may use your Personal Data to:

Monitor your compliance with any of your agreements with us;
Protect your privacy and enforce this Privacy Policy;
If we believe it is necessary, to identify, contact, or bring legal action against persons or entities who may be causing injury to you, to us, or to others;
Comply with a law, regulation, legal process, or court order;
Fulfill any other purpose to which you consent.

SOURCE OF COLLECTION

We collect Personal Data from the following sources and use that information as described below:

Directly from you when you contact us or place an order. If you contact us via the Site or by email, phone, or other means to request information or support, we will collect your name, contact information, and employment-related information as needed to respond to your inquiry. If you place an order with us, we will use a PCI-compliant payment processor to collect and process your payment information. You may opt-in to save your payment information for future orders, but this is not required. We collect this information with your consent, and we use it to respond to your inquiries, communicate with you about your order status, or for the purposes stated at the time of collection.
Directly from you when you create a Customer account. If you create a Customer account, we will collect your name, email address, company name, and require you to choose a password to login. We collect this information with your consent, and we use it to provide the Services, identify and administer your account, and communicate with you about the Services. You have the right to opt-out of communications from us, but you cannot opt out of communications that we send you regarding your account.
From our Customers about their Contacts. Brevo Services enables Customers to promote their brands through email, SMS, chat, and other types of marketing communications. Customers may choose to input their Contacts’ Personal Data into the Services to send them marketing communications. We collect Contacts’ Personal Data to fulfill our contractual obligations as a service provider to the Customer. A Customer’s processing of Contacts’ Personal Data via the Services is subject to the Customer’s privacy practices, not ours. Brevo is not responsible for any Customer’s compliance with applicable privacy laws, or a Customer’s obligations related to their Contacts’ privacy rights.
Automatically from you when you visit the Website. When you visit our Website or use our Software, we automatically collect data about your internet activity such as your IP address, internet service provider description, information about the type of device used to access our Site, and browser information. Like most online services, the Site and Software use cookies as described in our Cookie List: https://www.brevo.com/legal/cookies/. We collect this information to achieve our legitimate interest of facilitating online communication or when it is strictly necessary to provide an online Service. We use this information to help diagnose problems with and secure our servers, to administer the proper functioning and legitimate use of our Site, generate analytics and statistics. With your prior consent, we also use that information to improve the nature and marketing of the Services. The Customer warrants that it will provide all necessary information to the relevant natural persons, and obtain all necessary consents from them, as required by applicable data protection and electronic communication laws, in order to allow Brevo to lawfully deploy cookies and similar tracking technologies and to lawfully collect data from the devices of Contacts and Service Users. These tracers might include pixels and web beacons. The exact list of cookies and tracking devices is available https://www.brevo.com/legal/cookies/.

Brevo will update this Privacy Policy or otherwise notify you before we collect additional categories of Personal Data from consumers or use such Personal Data for purposes that are incompatible with the purpose stated at the time of collection.

💥 TRENDING: Legal/privacypolicy - Collection