Glossary

GDPR

The GDPR — General Data Protection Regulation — is the European Union's data privacy law, in force since 2018. It governs how organizations collect, store, and use the personal data of people in the EU, and it applies based on whose data you are handling, not where your company sits — so a business anywhere can fall under it if it processes EU residents' personal data.

The law is built on principles: you should have a lawful basis for processing personal data, collect only what you need, be transparent about it, and respect people's rights to access or delete their information. Marketing and outreach are areas it touches directly, which is why B2B and lead-gen work has to take it into account.

Importantly, the GDPR can apply to personal data even when that data was publicly available. Scraping a public profile does not put you outside its scope if the result identifies EU individuals — what matters is how you then use and store that data. For most lead-gen work the takeaway is simple: collecting public contact details is not automatically a problem, but sending unsolicited messages to EU individuals is where the obligations really start to bite.

What it means for 1Scrape users

1Scrape collects public data, but if your results include personal data about people in the EU, the GDPR may govern what you do next. In practice that means having a legitimate reason for your outreach, being able to honor deletion or opt-out requests, and not misusing contact details. 1Scrape gives you the data; using it compliantly is your responsibility. This is general information, not legal advice — check with a professional for your situation.

Frequently asked questions

Does the GDPR ban scraping?

No — it does not prohibit scraping or single it out. It regulates how the personal data of EU residents is handled, however you obtained it. Collecting public data can be fine; what matters is having a lawful basis and respecting people's rights when you use it. General information, not legal advice.

Does the GDPR apply if the data was already public?

It can. Public availability does not put personal data outside the GDPR — if your results identify people in the EU, the law may still apply to how you store and use them. Being public lowers some risk but is not a blanket exemption.

Related

Public data, gathered simply

Start with $5.00 free. You stay responsible for lawful, respectful use.

Start a scrape