Salesforce added a new 'Transparency Reports' section to their privacy policy on May 1, 2026. This section provides information about how Salesforce handles government requests for customer data, along with links to annual transparency reports dating back to 2020. This is a positive change for consumers as it gives them clearer visibility into how often and under what circumstances governments may access their data.
Salesforce has added a dedicated section to its Privacy Statement linking to Transparency Reports that detail government requests for customer data from 2020 through the first half of 2025. This gives consumers and businesses greater insight into how frequently and under what circumstances law enforcement or government agencies may access their data held by Salesforce. You can review the linked transparency reports directly in the updated Privacy Statement to understand the volume and nature of government data requests made to Salesforce.
The addition of transparency reports gives consumers and enterprise customers concrete, annually updated information about how often governments request access to Salesforce-held data. This supports informed risk assessments and strengthens trust in Salesforce's data governance practices.
Salesforce added a new section disclosing its principles for handling government data requests and linking to annual transparency reports from 2020 through H1 2025.
ConductAtlas Policy Archive Entity: Salesforce | Document: Salesforce Privacy Statement | Record: CA-C-000758 Captured: 2026-05-01 06:15:43 UTC URL: https://conductatlas.com/change/2026-05-01-salesforce-salesforce-privacy-statement-758/ Accessed: May 2, 2026
Unlock the full analysis
14-day free trial available.
Salesforce added a 'Transparency Reports' section to its Privacy Statement on May 1, 2026, publicly disclosing principles and annual figures for government data requests (H1 2025 through 2020-2021). This touches transparency obligations under Art. 13(2)(b) and Art. 14(2)(b) GDPR regarding disclosure of recipients and international transfers, and aligns with GDPR Recital 39's transparency principle. No immediate compliance action is required for organizations using Salesforce as a processor, but legal and privacy teams should note this disclosure as evidence of Salesforce's government request handling — relevant for vendor risk assessments and DPA reviews.
1. GDPR Art. 13(2)(b) and Art. 14(2)(b): Transparency reports directly support disclosure obligations regarding the recipients of personal data and any government access mechanisms.
Compliance intelligence locked
Obligation analysis, escalation trigger, board language, and recommended action.
Watcher: regulatory citations + obligations. Professional: full compliance memo.
ConductAtlas provides verified policy intelligence sourced directly from platform documents. All analysis is intended to support, not replace, legal and compliance review. Record CA-C-000758.
See the full side-by-side comparison of every sentence added, removed, and modified.
🔒 Unlock full diff — Watcher $9.99/moYour genetic data may be transferred to a new owner as a business asset. Here is what the Terms of Service actually say and what you can do…
We monitor 200+ platforms and archive every change — verified and timestamped.