Privacy Policy


Bellingcat is committed to respecting the right to privacy. We protect and maintain the confidentiality and security of personal data in accordance with applicable laws.

We process personal data carefully and with integrity, and protect it against unauthorised and unintended processing. All personal data you provide remains strictly confidential and will not be passed on to third parties. We process these data in accordance with the General Data Protection Regulation (GDPR).

This data privacy policy applies to collecting and processing of personal data gathered about the visitors of the website.

Bellingcat understands personal data as all information about an identifiable natural person (the ‘data subject’). This means information that is directly about a person or can be traced back to this person.

This policy sets out how Bellingcat processes and uses personal data in accordance with applicable regulations and legal requirements, and explains what rights are available to data subjects.

Purpose of Data Collection

  • Bellingcat collects and processes personal data only to the extent reasonably required and always adheres to applicable local laws and regulations.
  • The personal data collected will only be used for improving the quality of our services and informing the publication strategy.

Retention Period

Keeping personal data may be necessary for the proper implementation of the organisation’s business. Personal data is not kept for longer than necessary. When you send us an e-mail or contact us in another way, we shall keep and process the personal data you send us for as long as this is necessary and only for the purposes necessary.


Bellingcat has the necessary safeguard and control systems to protect personal and sensitive data against loss, unauthorised copying, modification or disclosure. Additionally, we have technical and organisational measures to protect and secure personal data, for example, by limiting access rights to authorised persons only. Access to sensitive data is always strictly on a need-to-know basis (compartmentalization).

We may share personal data with third parties or contractors that deliver services to Bellingcat. We are committed to ensuring that those third parties receiving personal data will also process and secure the personal data in accordance with this data privacy policy and applicable laws and regulations.

Your Rights

Under the General Data Protection Regulation (GDPR) your rights include the right to access personal data we have collected and in certain cases to modify or remove the personal information. If you’ve subscribed to our newsletter, each newsletter contains a clear link which you can use to unsubscribe.

To exercise your rights, you may send a request to To address your request, we may ask you for further information to check your identity. More information about your rights under the GDPR can also be found at

If you feel it is necessary, you may also file a complaint with the Data Protection Authority about how we use your personal data.

Changes to the Data Privacy Policy

We reserve the right to revise this data privacy policy. Important changes will be announced on our website.

Final Provisions

When we process the personal data of EU citizens in a non-EU country, we will ensure that it remains compliant with the applicable privacy regulations.

A data subject can request access, correction, restriction, portability, objection or removal of his or her personal data at any time by submitting a request to We will strive to respond to such a request without undue delay.

Any relevant data breach will be reported to the relevant data protection authorities within the timelines stipulated by applicable law, in accordance with the internal process for incident management.

Contact Details

Unless otherwise explicitly indicated, Bellingcat is the Data Controller for the processing of personal data as described in this data privacy policy.

In case you have any questions about this data privacy policy, you can contact us at