Where this data comes from
Sources
The directory skeleton is the official registries: the California Data Broker Registry (privacy.ca.gov, maintained by the California Privacy Protection Agency) and the Vermont Data Broker Registry (Vermont Secretary of State). Registration is a legal requirement for brokers operating on residents of those states, and registry data is public record. We deduplicate on legal name and keep both registration IDs where a company appears in both.
Current counts: 10 enriched dossiers, 575 registry entries pending enrichment.
Enrichment
Full dossiers are researched and written by hand, ten per week, prioritized by how often people search for that broker's opt-out. Sources per dossier: the broker's own privacy policy and opt-out flow, registry filings, enforcement records, and published investigative reporting. Every opt-out process is tested by hand before its difficulty rating publishes.
The honesty rules
- Verified facts and inferences are labeled differently, always. Category guesses on pending entries say so.
- Every opt-out difficulty rating reflects the documented process, tested by hand.
- A "last verified" date displays on every dossier, and opt-out URLs are re-checked monthly.
- We never claim that opting out is permanent. It usually isn't, and each dossier's "catch" field says why.
- FCRA and HIPAA carve-outs are stated wherever DROP is mentioned.
- Enforcement and breach entries cite verifiable public records or reporting only.
What we collect about you
Nothing. No accounts, no scans, no PII, no advertising trackers. Aggregate, cookieless page analytics only. The optional Sya waitlist takes an email address you choose to give, and that is the entire list.
Corrections
Found something wrong or stale? hello@ydyl.io. Broker processes change without notice, and correction mail is how the verification dates stay honest between monthly sweeps.
YDYL is information, and none of it is legal advice.