Track 1 platform and get the weekly governance digest. No credit card required.
This page describes what the document states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability may vary by jurisdiction. Methodology
This privacy policy establishes Glassdoor's data collection, use, and sharing practices for Glassdoor.com and Fishbowlapp.com. The policy authorizes collection of sensitive personal information categories including race, sexual orientation, disability status, and religion, and establishes data sharing with employers, advertisers, affiliated companies including Indeed, and analytics providers. Users may modify privacy settings within their accounts and, depending on jurisdiction, submit requests to access, delete, or restrict processing of personal data through Glassdoor's privacy request portal.
This document is Glassdoor LLC's Privacy Policy (revised April 22, 2026), governing personal data processing across Glassdoor.com and Fishbowlapp.com, with Glassdoor LLC designated as data controller and separate GDPR representatives named for the UK (Glassdoor Global Ltd.) and EU (Glassdoor Hiring Solutions Ireland Ltd.). The policy states that Glassdoor collects an extensive range of personal data categories including demographics (race/ethnicity, sexual orientation, disability, religion), job applications, direct messages, profile information, and behavioral/usage data, and the terms authorize sharing this data with affiliates (including Indeed and Indeed Flex), employers, advertising partners, data analytics providers, and other third parties for purposes including targeted advertising, service improvement, and research. Notably, the policy covers sensitive personal information categories such as racial/ethnic origin, sexual orientation, health data (disability status), and religion under both GDPR Special Category Data and US state-law Sensitive Personal Information frameworks, which imposes heightened consent and processing obligations that the policy does not exhaustively detail within its visible text; the scope of data sharing with employers and advertising partners in the context of a platform where users may post anonymously creates meaningful re-identification risk not fully addressed in the document. The policy engages GDPR (with named EU and UK representatives), US state privacy laws including CCPA/CPRA for California residents, and potentially other state frameworks; applicable law or regulatory guidance may limit how broadly asserted data sharing and processing rights apply in practice, particularly for sensitive data categories, and compliance obligations will vary materially by jurisdiction.
Institutional analysis available with Compliance
Regulatory exposure by statute, material risk assessment, vendor due diligence action items, and enforcement precedent. Available on Compliance.
Start Compliance free trial3 important changes detected
4 versions captured · Last updated: July 2026
Glassdoor removed several data access and control rights from its privacy policy on March 19, 2026. Previously, the policy stated users could correct, amend, or delete personal information, could request …
View change record →This new provision reveals granular tracking of user engagement with communications including opens, clicks, and address book data, expanding transparency about behavioral monitoring beyond previous 'Behavioral Tracking and Inference Data' provision.
This provision was removed and replaced with more detailed 'Communications Activity Tracking' provision, potentially narrowing the stated scope of behavioral tracking to communications-specific activities only.
Previous version had empty excerpt; current version now provides detailed enumeration of specific sensitive data categories collected including race, sexual orientation, disability, religion, and other protected classifications.
Previous version had empty excerpt; current version now specifies that data sharing practices may change with service modifications and clarifies consequences of not providing personal data.
Previous version had empty excerpt; current version now explicitly names Indeed and Indeed Flex as affiliates and references a Privacy Center for more information.
Renamed from 'GDPR Dual-Representative Structure' with empty excerpt to current version that explicitly designates Glassdoor LLC as data controller and names specific UK and EU GDPR representatives.
Previous version had empty excerpt; current version now details specific job application data collected including resumes, interactions, and classifies it as special category data.
Monitoring
Glassdoor has updated this document before.
Monitor includes same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
Compliance Governance Intelligence
Need provision-level monitoring and regulatory mapping?
Compliance includes governance timelines, compliance memos, audit-ready analysis, and full provision tracking.
Start Compliance free trialCross-platform context
See how other platforms handle Data Sharing with Employers and similar clauses.
Compare across platforms →Governance Monitoring
Structured alerts for policy changes, governance events, and provision updates across 318+ platforms.