How is Pearl Diver data compliant and secure?
As a publicly listed company, we take data compliance very seriously.
Here’s how our model is structured to ensure compliance and defensibility:
- Data type: Pearl Diver only provides U.S.-based PII (such as names, emails, addresses) but absolutely no sensitive categories of data (health, financial, religious, etc.).
- Chain of permissions: Every record in our collective comes from members who are contractually required to obtain proper notices and consents, maintain compliant privacy policies, and honor all opt-outs. This creates a defensible chain of permissions under U.S. law.
- Licensed and registered entity: Pearl Diver is a product of Black Pearl Group Limited, which is a licensed data broker in every U.S. state that requires registration. This ensures compliance not only at the federal level but also under all relevant state-level regimes.
- Collective governance: Pearl Diver operates as part of a data collective, meaning we don’t just rely on one source, all members adhere to shared compliance obligations that are auditable.
- No unauthorized sharing: Unlike the BetterHelp case, where sensitive data was misused beyond the purpose for which it was collected, Pearl Diver’s data is only used for clearly disclosed intent-based advertising, aligned with the original user consents.
- Transparency & opt-outs: Consumers have a straightforward way to see and control their data usage. Opt-outs are honored across the collective