-
May 11, 2026
v1
low
The change appears to be a technical update to Booking.com's WAF (Web Application Firewall) challenge page, updating nonce values and a timestamp parameter. The before and after versions are HTML/JavaScript security challenge pages with no substantive changes to stated privacy policies or data practices. This is not a privacy policy change but rather a technical infrastructure update to the challenge mechanism users encounter when accessing Booking.com.
· 1 modified
8457a5cacea9…
-
May 9, 2026
v1
No material change detected
· 1 modified
b6eb0da28d3e…
-
May 7, 2026
v1
low
Booking.com's privacy statement update on May 7, 2026 involved a technical modification to security scripting nonce values that protect against unauthorized access to the page. The underlying privacy protections and disclosures remain functionally unchanged. This is a routine security maintenance update with no material impact on user rights or data handling.
· 1 modified
f1bf7f7332f0…
-
May 6, 2026
v1
No material change detected
· -404 removed
· 3 modified
948e8f0e2da7…
-
May 5, 2026
v1
medium
Booking.com removed a dedicated privacy section that previously explained how it and its insurance partners handle personal data when you purchase insurance products through the platform. The section previously clarified that both Booking.com and the insurer are jointly responsible for how your data is used, and encouraged you to review the insurer's privacy notice. This section is no longer in the updated privacy statement as of May 5, 2026.
+1 added
· -114 removed
· 8 modified
87ad90226c99…
-
April 23, 2026
v1
medium
Booking.com reorganized its privacy notice to separate California residents' data rights from the general US privacy section. The updated section now explicitly lists the 10 categories of personal information California law recognizes, clarifies what counts as a 'sale' of data under California law, and adds three new consumer rights: the ability to opt out of data sales, opt out of cross-context behavioral advertising, and limit use of sensitive personal information. These changes reflect California's privacy law requirements and give California residents more granular control over how their data is used.
+19 added
· -9 removed
· 10 modified
88aa6f84860e…
-
April 22, 2026
v1
medium
Booking.com's privacy policy has been reorganized to separate US (non-California) residents from California residents, with California-specific protections removed and replaced with broader US state privacy language. New sections have been added describing data sharing related to a co-branded credit card product with Imprint Payments, Inc. Key consumer rights such as the ability to limit use of sensitive personal information have been removed from the policy.
+10 added
· -19 removed
· 11 modified
8750944580c1…
-
April 19, 2026
v1
medium
Booking.com replaced a technical security challenge page with a substantially expanded privacy notice on April 19, 2026. The new document added approximately 516 sentences of privacy policy content covering data collection, processing purposes, user rights, cookie usage, AI decision-making, and data protection practices. This represents a comprehensive rewrite or major expansion of Booking.com's privacy disclosure to travelers.
+516 added
· 3 modified
97a8af5caf14…
-
April 18, 2026
v1
low
The detected change appears to be a technical update to Booking.com's server-side security infrastructure rather than a substantive modification to privacy terms. The HTML document containing security challenge code was updated with new nonce values and timestamps, which are routine security measures that prevent token reuse. This type of update does not materially alter what data Booking.com collects, uses, or discloses about users.
· 1 modified
fc4948ad7d79…
-
April 14, 2026
v1
low
The detected change consists entirely of technical updates to the HTML security and authentication infrastructure serving Booking.com's privacy policy page. Multiple security nonce values were updated (from 17753692585960... to 17761467425430...), and a timestamp parameter was refreshed (from 1760623098515 to 1776146742543). These are routine security maintenance updates with no impact on the actual privacy policy terms, user rights, or data handling practices.
· 1 modified
1c67228d0b35…
-
April 5, 2026
v1
low
The document provided appears to be a technical challenge/WAF (Web Application Firewall) verification page with security scripts, not Booking.com's actual privacy statement. The changes detected between versions are limited to updates in security nonce values and a timestamp parameter in the challenge token, which are routine technical updates to anti-bot verification mechanisms. These changes do not affect privacy rights, data handling practices, or user protections outlined in a privacy policy.
· 1 modified
5278b0da1357…
-
April 3, 2026
v1
low
The detected change involves technical updates to Booking.com's challenge verification system (likely a bot detection or security mechanism), not substantive changes to their Privacy Statement. The HTML security tokens and timestamps were updated, but the core privacy policy language and consumer rights remain unchanged. This is a routine security maintenance update with no material impact on what data Booking.com collects, uses, or how it protects user information.
· 1 modified
cd0d46d80313…
-
April 2, 2026
v1
low
Initial snapshot — monitoring begins
5e76cfb25435…