What are the institutional and regulatory implications of this document?

(1) REGULATORY LANDSCAPE: This policy engages GDPR (Regulation (EU) 2016/679) for EU and UK users, with named data controller representatives in both jurisdictions, and US state privacy laws including CCPA/CPRA for California residents. The collection and processing of Special Category Data under GDPR (racial/ethnic origin, sexual orientation, health data, religion) requires explicit consent or another enumerated legal basis, and the policy's visible text does not exhaustively detail the legal …

How does Glassdoor's Glassdoor Privacy Policy affect users?

The policy establishes that Glassdoor collects and shares sensitive personal information including race, sexual orientation, disability status, and religion with employers, advertisers, affiliates, and third-party analytics providers. Users retain the ability to adjust privacy settings within their accounts and access jurisdiction-specific data rights including access, deletion, and processing restrictions through formal request mechanisms.

How often is Glassdoor's Glassdoor Privacy Policy updated?

ConductAtlas monitors this document daily and captures every version with cryptographic hashing and timestamp verification. Update frequency varies — see the change timeline on this page for complete version history.

Can I get alerted when Glassdoor updates this document?

Yes. Watcher subscribers ($9.99/month) can add Glassdoor to their watchlist and receive same-day email alerts whenever this document or any other Glassdoor document changes.

CA-D-000156

Glassdoor Privacy Policy

Glassdoor

Last change detected April 23, 2026 Privacy policy

SHA-256: fd0586601d50c704dfb… 3 versions captured 2 changes documented

Create free account

Track 1 platform and get the weekly governance digest. No credit card required.

View original document at Glassdoor ↗

This page describes what the document states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability may vary by jurisdiction. Methodology

7 Total

3 High severity

4 Medium severity

0 Low severity

Summary

This privacy policy establishes Glassdoor's data collection, use, and sharing practices for Glassdoor.com and Fishbowlapp.com. The policy authorizes collection of sensitive personal information categories including race, sexual orientation, disability status, and religion, and establishes data sharing with employers, advertisers, affiliated companies including Indeed, and analytics providers. Users may modify privacy settings within their accounts and, depending on jurisdiction, submit requests to access, delete, or restrict processing of personal data through Glassdoor's privacy request portal.

Technical / Legal Breakdown

This document is Glassdoor LLC's Privacy Policy (revised April 22, 2026), governing personal data processing across Glassdoor.com and Fishbowlapp.com, with Glassdoor LLC designated as data controller and separate GDPR representatives named for the UK (Glassdoor Global Ltd.) and EU (Glassdoor Hiring Solutions Ireland Ltd.). The policy states that Glassdoor collects an extensive range of personal data categories including demographics (race/ethnicity, sexual orientation, disability, religion), job applications, direct messages, profile information, and behavioral/usage data, and the terms authorize sharing this data with affiliates (including Indeed and Indeed Flex), employers, advertising partners, data analytics providers, and other third parties for purposes including targeted advertising, service improvement, and research. Notably, the policy covers sensitive personal information categories such as racial/ethnic origin, sexual orientation, health data (disability status), and religion under both GDPR Special Category Data and US state-law Sensitive Personal Information frameworks, which imposes heightened consent and processing obligations that the policy does not exhaustively detail within its visible text; the scope of data sharing with employers and advertising partners in the context of a platform where users may post anonymously creates meaningful re-identification risk not fully addressed in the document. The policy engages GDPR (with named EU and UK representatives), US state privacy laws including CCPA/CPRA for California residents, and potentially other state frameworks; applicable law or regulatory guidance may limit how broadly asserted data sharing and processing rights apply in practice, particularly for sensitive data categories, and compliance obligations will vary materially by jurisdiction.

Institutional Analysis

Institutional analysis available with Professional

Regulatory exposure by statute, material risk assessment, vendor due diligence action items, and enforcement precedent. Available on Professional.

Start Professional free trial

2 important changes detected

3 versions captured · Last updated: April 2026

April 23, 2026

medium

What changed Glassdoor updated its privacy policy on April 23, 2026 to add specific rights for individuals whose data is transferred under the Data Privacy Framework, a U.S.-EU data transfer agreement. The new language confirms that EU, UK, and Swiss users can request access to their personal data, correct or delete it, and opt out of data sharing with third parties. The policy also clarifies complaint resolution procedures and response timelines for data deletion requests.

Why this matters The updated policy grants EU, UK, and Swiss residents explicit rights to request access to their personal data held by Glassdoor in the United States, and to correct, amend, or delete that data. Glassdoor commits to responding to deletion requests within a reasonable timeframe and to obtaining explicit consent before sharing sensitive data with third parties or using data for purposes beyond the original collection. You can exercise these rights by following the instructions in the 'Controlling Your Personal Data' section of the policy.

View full change record →

March 19, 2026

high

What changed Glassdoor removed several data access and control rights from its privacy policy on March 19, 2026. Previously, the policy stated users could correct, amend, or delete personal information, could request limits on data use and disclosure, and would receive opt-out choices before data was shared with third parties or used for new purposes. The updated policy removes these explicit protections and replaces them with a reference to binding arbitration for unresolved privacy concerns. Users no longer have documented rights to amend their data, request use limitations, or receive advance notice before third-party sharing.

Why this matters The updated privacy policy removes explicit language granting users the right to correct, amend, or delete personal information held by Glassdoor. It also eliminates the documented right to opt-out before data is shared with third parties or used for purposes beyond the original collection. Previously, users could request limits on data use and disclosure; this right is no longer stated in the policy. Instead, the updated terms establish binding arbitration as the mechanism for resolving privacy complaints. Under the revised policy, users who have unresolved privacy concerns may invoke binding arbitration through TrustArc, but they no longer have contractually documented access to data correction, deletion, opt-out, or use-limitation mechanisms.

View full change record →

High — 3 provisions

Sensitive Personal Information Collection

Glassdoor collects highly sensitive personal details including your race, sexual orientation, disability status, and religion as part of its standard data collection practices.

Added May 9, 2026 Rare
Data Sharing With Employers and Advertising Partners Compare →

Glassdoor shares your personal data with employers, advertising partners, and other third parties as part of providing its services, and limiting what you share may restrict your access to features.

Added May 9, 2026 Standard Seen across 246 platforms
Job Application Data Collection Compare →

When you apply for jobs through Glassdoor, the company collects your resume and all associated application data, which may include sensitive personal information.

Added May 9, 2026 Standard Seen across 251 platforms

Medium — 4 provisions

Affiliate Data Sharing (Indeed and Indeed Flex) Compare →

Glassdoor shares data across its corporate family, which includes Indeed and Indeed Flex, meaning your Glassdoor activity may inform your Indeed profile and vice versa.

Added April 3, 2026 Standard Seen across 246 platforms
GDPR Data Controller and Representative Designation Compare →

Glassdoor has formally designated legal entities to represent it under GDPR for users in the UK and EU, meaning those users have specific data rights they can exercise against these named entities.

Added May 9, 2026 Standard Seen across 189 platforms
Communications Activity Tracking Compare →

Glassdoor tracks how you interact with its emails and messages, including whether you open them, what links you click, and what you download, and uses this to build inferences about your interests.

Added May 7, 2026 Standard Seen across 251 platforms
Direct Messages Data Collection Compare →

Glassdoor collects the content of direct messages sent on its platform and associated identifying information.

Added April 3, 2026 Standard Seen across 251 platforms