Imagine searching your own name online and finding your home address, phone number, previous addresses, relatives, and even an estimate of your income—all on a website you’ve never visited. It’s an unsettling experience, especially if you’re someone who is careful online. So where did all that information come from? They’re called data brokers—companies whose entire business model revolves around collecting, combining, and selling information about millions of people.
Contrary to what you might think, data brokers don’t need to do anything illegal to gather this detailed information about you. Instead, they piece together data from public records, retailers, mobile apps, websites, and countless other sources that most people use every day. So, let’s look at how data brokers get your information—even if you’re careful—and what you can do to limit the amount of data they collect.
What is a data broker?
Incogni
Simply put, a data broker is a company that collects personal information from a wide variety of sources, combines it into detailed consumer profiles, and then sells that information to other businesses.
Unlike companies you interact with directly, most data brokers operate behind the scenes. There’s a good chance you’ve never heard of them, even though they likely have a file containing very detailed personal information about you.
That matters because these profiles can help determine which ads you see, the marketing offers you receive, or even support background checks, insurance risk assessments, voter targeting campaigns, and other business decisions. The more information brokers collect and connect to your profile, the more complete your digital profile becomes and the more valuable it is when being sold—so, there’s an incentive for them to hoover up as much of your data as possible.
PROMOTION
Google reveals more than you know.
Searching your name on Google reveals more than you’d like. Data brokers feed that information—and removing it yourself takes hours. Incogni sends removal requests automatically, across hundreds of brokers. Less exposure, zero effort.
Get 58% off. Use code PCWORLD
Where do data brokers get your information from?
The biggest misconception about data brokers is that they get your information from any one place. In reality, they build your profile by gathering thousands of small pieces of information from many different sources. On their own, each bit of data may seem harmless. But combined, the data can paint a remarkably detailed picture of your likes, interests, spending habits, relationships, and much more.

This graphic from the Federal Trade Commission (FTC) shows exactly how your data indirectly flows from you to data brokers.
Federal Trade Commision
Public records
Some of the information data brokers collect is already part of the public record. Property records, voter registrations (where publicly available), court filings, marriage and divorce records, business registrations, and professional licenses can all be legally obtained by just about anyone. While these records are often scattered across different government agencies, data brokers aggregate them all into comprehensive databases that government agencies could only dream of.
Retailers/loyalty programs
Every time you use a store loyalty card, sign up for rewards, register a product warranty, or shop online, you’re creating a record of your purchases. Many retailers share or sell customer data to marketing and analytics companies, which then pass it along to data brokers.
This information can include what you buy, how often you shop, how much you spend, and even which brands you prefer. Over time, these purchasing habits can reveal details about your income, hobbies, health interests, and major life events.
Website cookies & third-party trackers
Most people are aware that many websites contain “cookies” that can remember your preferences and login sessions. But you might not know that third-parties also utilize invisible tracking technologies such as advertising trackers, tracking pixels, and analytics scripts that can follow your activity across thousands of different websites.
This allows companies to build a history of the sites you visit, the products you research, and the ads you interact with. While at first this data is usually collected anonymously, it can often easily be linked back to you when combined with other information that data brokers can obtain.
Mobile apps
Those addictive apps that we all use are another major source of personal data. Free apps often include advertising and analytics software development kits (SDKs) that collect information in the background as we use them.
Depending on the permissions you’ve granted, apps may collect your approximate or precise location, advertising ID, device information, app usage patterns, and other telemetry data. Even if an individual app gathers only a small amount of information, that data can eventually find its way into data broker databases.
Social media profiles
You don’t have to post every detail (or meal) of your life for social media to reveal a lot about you. Public profile information, likes, follows, comments, group memberships, and interactions can all help data brokers infer your interests, hobbies, purchasing preferences, and even significant life events. Friends and family may also unintentionally expose information about you through tagged photos, public posts, or relationship connections.
Other sources of information
Not all of a data broker’s information comes directly from websites or apps. Many companies routinely share customer information with advertising, analytics, and marketing partners as part of their normal business operations.
Financial institutions, consumer research firms, and credit reporting agencies may also license certain types of legally shareable consumer data. Together, these sources can help brokers estimate details such as your household income, homeownership status, purchasing habits, and likely interests.
In some cases, personal information exposed in data breaches can also circulate through the broader data broker ecosystem. The end result is that even if no single company knows everything about you, data brokers can combine information from all of these different sources into one shockingly detailed profile. And that’s not even mentioning the as yet relatively unknown impact of AI models and their impact on data analytics and data sharing.
But what if I’m careful online?
You might already do the smart stuff. You skip cookie banners. You use a good VPN. You clear your browser history. You don’t post much online.
These habits help, but the catch is that they only solve part of the problem.
Most of the data that ends up with data brokers doesn’t come from anything risky you did online. It comes from normal things you do every day. You sign up for a store rewards card. You download a weather app. You buy a house. You register to vote. You create an account on a shopping site. Each of these actions creates data and that data inevitably ends up in the hands of data brokers.
Privacy tools like a VPN have limits too. It hides your IP address and encrypts your traffic, keeping your internet provider or a website from seeing what you browse. But it can’t stop a store from tracking what you buy or an app from using info you gave it permission to use.
Blocking cookies works the same way. It cuts down on tracking across websites, but it won’t stop a company from using data you handed over yourself, based on their own privacy rules.
None of this means these tools are useless. They still help a lot. But they don’t solve the whole problem. Data brokers don’t need one big slip-up from you. They collect small pieces of data from dozens of places you interact with every day.
You might think you’re already being careful, but data collection is systemic. So real protection means watching what you share everywhere, not just while you browse the web.
Can you stop data brokers?
The short answer is no. At least, not completely. Once your information enters the data broker ecosystem, it’s difficult to remove it entirely. But you can make it much harder for brokers to collect new information and reduce how much of your existing data remains available.
Reduce new data collection
The best way to stop data collection is to delete your online presence entirely. Unfortunately, that’s not really feasible in our modern world. However, you can slow data collection by being more selective about who you share your information with. Skip loyalty programs unless the savings are really worth it, only grant apps the permissions they truly need, and think twice before filling out optional online forms.
It’s also a good idea to review your privacy settings on social media. Lock down profiles to only friends and family, turn off personalized ads, turn off geotagging, and revoke access to any connected apps you no longer use.
Additionally, it can be useful to delete or disable your phone’s advertising ID when possible. And finally, do a thorough spring cleaning by deleting apps and accounts you no longer use.
None of these steps will make you invisible, but together they reduce the amount of new and persistent information that data brokers have access to.
Exercise privacy rights
Depending on where you live, privacy laws may give you the right to see what information companies have collected about you, request that it be deleted, or opt out of the sale of your personal data.
Residents of places covered by laws such as the European Union’s GDPR or California’s CCPA have some of the strongest protections, but similar privacy laws are becoming more common around the world.
One easy place to start is Google itself. If your home address, phone number, or other personal information appears in search results, you can often request its removal. We’ve put together a step-by-step guide explaining what data you can remove from Google search and how to do it.
Many data brokers also offer opt-out forms on their websites, although you’ll typically need to submit requests individually and may have to repeat the process periodically—which takes a lot of time.
Use a data-removal service

Data removal services such as Incogni send out hundreds of removal requests on your behalf, saving you weeks or months of your time.
Sam Singleton
For most people, a data-removal service is the most practical way to immediately reduce their online footprint. While you can contact data brokers yourself, there are hundreds of them operating around the world, each with its own opt-out process, identity verification requirements, and removal policies. Even after you successfully remove your information, it can reappear months later as brokers acquire fresh data from new sources, forcing you to repeat the process ad nauseum.
Data-removal services such as Incogni, DeleteMe, Optery, and Aura automate much of this work for you. They submit removal requests to hundreds of data brokers and people-search sites on your behalf, track which requests have been completed, and continue checking for new listings over time. With these services you can also review reports showing which brokers had your information and which records have been removed.
These services can’t erase every trace of you from the internet or remove information that’s legally part of the public record. However, they can dramatically reduce how much of your personal information is available for sale online. If you’re serious about protecting your privacy but don’t have the time to manage countless opt-out requests yourself, a good data-removal service is one of the simplest and most effective privacy investments you can make.



