Booking.com updated their Privacy Statement on April 5, 2026, but the change detected appears to be a technical update to an AWS WAF (web security challenge) page rather than a substantive change to the actual privacy policy content. The nonce values and a challenge timestamp parameter were updated, which are routine security infrastructure elements. This type of change has no meaningful impact on consumers' privacy rights or how their data is handled.
Although flagged as a privacy policy update, this change appears to be a routine technical security parameter rotation with no impact on how Booking.com handles personal data. Users' privacy rights and data practices remain unchanged.
The change detected in Booking.com's Privacy Statement on April 5, 2026 is a technical update to internal security challenge page parameters (nonce values and a timestamp), not a change to the substantive privacy policy text. This does not affect how Booking.com collects, uses, or shares your personal data. No consumer action is needed as a result of this change.
The detected change is a rotation of AWS WAF challenge page nonce values and a challenge timestamp parameter — standard security infrastructure maintenance. No substantive privacy policy language was modified. This does not touch GDPR Art. 13/14 disclosure obligations, CCPA notice requirements, or any data processing terms. No compliance action is required.
No regulatory exposure identified. The change is confined to AWS WAF bot-detection challenge page parameters (nonce rotation and chal_t timestamp update). No privacy policy provisions were substantively altered. No GDPR (Regulation (EU) 2016/679), CCPA (Cal. Civ. Code §1798.100 et seq.), UK GDPR, or ePrivacy Directive obligations are engaged by this technical change. No relevant enforcement actions or supervisory opinions apply.
Compliance intelligence locked
Obligation analysis, escalation trigger, board language, and recommended action.
Watcher: regulatory citations + obligations. Professional: full compliance memo.
ConductAtlas provides verified policy intelligence sourced directly from platform documents. All analysis is intended to support, not replace, legal and compliance review. Record CA-C-000244.
ConductAtlas Policy Archive Entity: Booking.com | Document: Booking.com Privacy Statement | Record: CA-C-000244 Captured: 2026-04-05 06:07:38 UTC URL: https://conductatlas.com/change/2026-04-05-bookingcom-bookingcom-privacy-statement-244/ Accessed: April 19, 2026
Booking.com's privacy policy page was updated on April 14, 2026, but the change detected appears to be a technical update …
On April 14, 2026, Booking.com's Terms and Conditions page returned an AWS WAF (web application firewall) security challenge page instead …
Booking.com's Terms and Conditions page showed a detected change on April 11, 2026, but the actual content captured is an …
Subscribe to Watcher for $9.99/mo to get email alerts the moment Booking.com updates their policies. Or try Professional free for 14 days.