SafeGraph is a location data broker that tracks the physical movements of tens of millions of mobile devices across the United States. Unlike people-search sites that publish your home address, SafeGraph operates quietly in the background — harvesting foot traffic data from apps on your phone and selling detailed movement profiles to hedge funds, retailers, real estate firms, and government agencies. Here's what SafeGraph knows about you, why it matters, and how to opt out.
What Is SafeGraph and How Does It Collect Your Data?
SafeGraph does not have a consumer-facing website where you can search for yourself. It operates entirely as a B2B data company, selling aggregated and raw location datasets to business customers. Its data comes primarily from two sources:
- SDK integrations: SafeGraph licenses its software development kit (SDK) to app developers. When an app includes SafeGraph's SDK, it can collect precise GPS coordinates from your device in the background — even when you're not actively using that app.
- Data partnerships: SafeGraph also acquires location data from other companies that collect it independently, then combines those feeds into a broader movement database.
The specific data SafeGraph collects and sells includes:
- Places visited: Specific businesses, buildings, points of interest, and addresses your device has been detected near
- Dwell time: How long your device stayed at each location
- Visit frequency: How often your device returns to the same location over days, weeks, and months
- Movement patterns: The sequence of places your device visits — home, work, gym, doctor's office, place of worship, and so on
- Catchment areas: Which neighborhoods and ZIP codes feed foot traffic to particular businesses
SafeGraph maintains that its data is "anonymized" and linked to device IDs rather than names or email addresses. It also requires customers to contractually agree not to re-identify individuals from the dataset. In practice, however, these protections are weaker than they sound.
Warning: "Anonymous" Location Data Is Routinely Re-Identified
Researchers have repeatedly shown that precise location data cannot be truly anonymized. A device that spends nights at your home address and days at your workplace is effectively identifiable — even without a name attached. The Electronic Frontier Foundation (EFF) has documented cases where SafeGraph location data was used to track people visiting abortion clinics, houses of worship, addiction treatment centers, and immigration legal services offices. The data was not originally collected for those purposes, but was sold to customers who used it that way. Anonymization promises do not survive determined re-identification efforts.
Who Buys SafeGraph Data?
SafeGraph markets its data to a wide range of industries:
- Retail and commercial real estate: Analyzing store foot traffic, customer overlap with competitors, and site selection for new locations
- Hedge funds and financial analysts: Using foot traffic as a leading indicator for earnings and economic trends
- Government and public health agencies: Monitoring population movement during emergencies, including the COVID-19 pandemic
- Advertising and marketing firms: Building audience segments based on the types of places people visit
- Academic researchers: SafeGraph has offered free access to universities and research institutions
The breadth of SafeGraph's customer base means your location history can end up in contexts far removed from the app you originally gave location access to.
How to Opt Out of SafeGraph
SafeGraph offers an opt-out mechanism that removes your device's data from its commercial dataset. Here is the step-by-step process:
Method 1: Online Opt-Out Form (Primary Method)
- Visit SafeGraph's website. Go to safegraph.com in your browser.
- Scroll to the footer. Scroll all the way to the bottom of the page and look for the privacy-related links in the footer navigation.
- Click "CCPA Policy." Find and click the link labeled CCPA Policy (California Consumer Privacy Act Policy).
- Find the opt-out section. On the CCPA Policy page, scroll down until you reach the section titled "Methods for Exercising Opt-Out Rights."
- Submit your opt-out request. Click the link labeled "Do Not Sell or Share My Personal Information." Complete the form to submit your request.
Not in California? You Can Still Opt Out
SafeGraph's opt-out form is available to all users, not just California residents. The CCPA label refers to the policy framework, but the underlying opt-out mechanism applies regardless of which state you live in. Submit the form even if you are not in California.
Method 2: Email Request
If the online form is unavailable or you prefer direct contact, you can submit your opt-out request by emailing privacy@safegraph.com. Include the following in your message:
- A clear statement that you are requesting to opt out of the sale or sharing of your personal information
- Your name and approximate location (city and state) so SafeGraph can attempt to locate relevant records
- Your advertising ID if you know it (see the next section for how to find this)
- A request for confirmation once your opt-out has been processed
Method 3: California DROP Portal
California residents have access to an additional opt-out channel through the California DELETE Act. The Data Rights and Opt-out Portal (DROP) is a state-administered platform that lets Californians submit a single opt-out request that applies to all data brokers registered with the California Privacy Protection Agency — including SafeGraph. Visit the California Privacy Protection Agency's website to access the DROP portal.
Skip the manual opt-outs
One opt-out won't stop them — brokers relist your data. PrivacyOn removes your info from 100+ sites and keeps it removed.
Start your free scanDevice-Level Controls: Limiting Future Collection
Opting out of SafeGraph's existing dataset addresses data that has already been collected. To prevent ongoing collection, you need to take action at the device level.
Reset Your Advertising ID
Location data brokers primarily track devices using the advertising ID — a resettable identifier your phone provides to apps. Resetting this ID breaks the continuity of your location history across data broker systems, because your old identifier no longer matches your new activity.
- On iPhone (iOS): Go to Settings → Privacy & Security → Tracking and disable "Allow Apps to Request to Track." Then go to Settings → Privacy & Security → Apple Advertising and disable personalized ads to limit your identifier's use.
- On Android: Go to Settings → Privacy → Ads (exact path varies by manufacturer) and select "Reset advertising ID" or "Delete advertising ID." On Android 12 and later, you can delete the ID entirely.
Audit App Location Permissions
SafeGraph's SDK reaches your device through apps that have been granted location access. Reviewing and tightening those permissions directly limits what can be collected.
- On iPhone: Go to Settings → Privacy & Security → Location Services. Review each app and change the setting to "Never" or "While Using the App" for any app that doesn't need continuous background location access.
- On Android: Go to Settings → Apps → [App Name] → Permissions → Location and restrict location access for apps that don't need it.
- Be especially cautious with: Free apps, games, weather apps, utility apps, and apps that have no obvious reason to need your location. These are common vectors for background location SDKs.
Disable Precise Location Where Possible
Both iOS and Android allow you to grant apps only approximate location access (within a few miles) rather than precise GPS coordinates. Approximate location is sufficient for most legitimate use cases — weather, maps at a city level, local search — while making your data far less valuable to location data brokers who need exact coordinates to build meaningful movement profiles.
Opt-Outs Don't Reach Every Downstream Customer
When you opt out of SafeGraph, it removes your device from SafeGraph's active dataset going forward. It does not recall data that has already been sold to SafeGraph's customers. If a hedge fund purchased your foot traffic history last quarter, opting out today will not remove it from that fund's files. This is a structural limitation of commercial data broker opt-outs — they are prospective, not retroactive.
Why SafeGraph Deserves Particular Attention
Most data brokers collect information you shared voluntarily — a name you entered on a website, an address in a public record. SafeGraph is different because the data was collected passively, typically without the user meaningfully understanding that a weather app or game was broadcasting their GPS coordinates to a data broker in the background.
The EFF's investigations found that SafeGraph data was specifically marketed in ways that enabled tracking of visits to sensitive locations: reproductive health clinics, places of worship, immigration attorneys, addiction treatment facilities, and political rallies. The anonymization layer provided no practical protection against this type of use.
In 2022, SafeGraph quietly removed data about visits to abortion clinics from its offerings following public pressure after the Dobbs decision — but only after that specific use case attracted media attention. The underlying data collection and sale infrastructure remained in place.
How PrivacyOn Helps
SafeGraph is one of dozens of location data brokers that operate in the same ecosystem. Many are less well-known than SafeGraph and offer no consumer opt-out at all. PrivacyOn monitors your exposure across the data broker landscape and automates opt-out submissions wherever they are available — including SafeGraph. Because location data brokers continuously refresh their datasets, a one-time opt-out is rarely sufficient; PrivacyOn re-submits removal requests automatically when your data reappears.
Quick Reference Checklist
- Submit opt-out via safegraph.com footer → CCPA Policy → "Do Not Sell or Share My Personal Information"
- Alternatively, email privacy@safegraph.com with your opt-out request
- If you're in California, use the DROP portal for a single opt-out covering all registered brokers
- Reset your advertising ID on iOS and Android
- Review app location permissions — revoke background access for apps that don't need it
- Switch apps with legitimate location needs to approximate location rather than precise GPS
- Repeat the SafeGraph opt-out every 6–12 months, as data can be re-ingested from partner sources