Glassdoor collects the content of direct messages sent on its platform and associated identifying information.
This analysis describes what Glassdoor's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Users may assume that direct messages on a professional networking platform are private, but the policy discloses that message content is collected as personal data, which has implications for how confidentially users can communicate.
Interpretive note: The policy does not specify the purposes for which direct message content is used beyond collection disclosure, creating uncertainty about downstream use.
The updated policy grants EU, UK, and Swiss residents explicit rights to request access to their personal data held by Glassdoor in the United States, and to correct, amend, or delete that data. Glassdoor commits to responding to deletion requests within a reasonable timeframe and to obtaining explicit consent before sharing sensitive data with third parties or using data for purposes beyond the original collection. You can exercise these rights by following the instructions in the 'Controlling Your Personal Data' section of the policy.
View change record →The updated privacy policy removes explicit language granting users the right to correct, amend, or delete personal information held by Glassdoor. It also eliminates the documented right to opt-out before data is shared with third parties or used for purposes beyond the original collection. Previously, users could request limits on data use and disclosure; this right is no longer stated in the policy. Instead, the updated terms establish binding arbitration as the mechanism for resolving privacy complaints. Under the revised policy, users who have unresolved privacy concerns may invoke binding arbitration through TrustArc, but they no longer have contractually documented access to data correction, deletion, opt-out, or use-limitation mechanisms.
View change record →Previous version had empty excerpt; current version now specifies that direct messages and associated content are collected and classified as identifiers.
View full change record →Direct messages sent through Glassdoor or Fishbowl are collected as personal data, meaning their content may be retained, used, or potentially shared in ways consistent with the broader policy's data use and sharing provisions.
How other platforms handle this
At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.
If we collect health information from these integrations (such as heart rate), we will not sell or use it for advertising or other similar purposes; we do not disclose it to third parties without your prior consent; and we will only use it for the specific purposes described in this Policy.
We collect your personal data when you use our Services, create a new eBay account, provide us with information via a web form, add or update information in your eBay account, participate in online community discussions or otherwise interact with us.
Monitoring
Glassdoor has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"Direct messages and associated Content. Identifiers.— Excerpt from Glassdoor's Glassdoor Privacy Policy
(1) REGULATORY LANDSCAPE: Collection and processing of direct message content engages GDPR Article 6 lawful basis requirements and potentially ePrivacy Directive obligations for communications privacy in the EU. The US Electronic Communications Privacy Act (ECPA) may be relevant depending on how message content is accessed and used. CCPA/CPRA covers message content as personal information subject to consumer rights. (2) GOVERNANCE EXPOSURE: Medium. The disclosure that direct message content is collected is legally significant for user trust and compliance purposes. If message content is used for advertising or shared with third parties, this creates heightened exposure under both privacy and communications law frameworks. (3) JURISDICTION FLAGS: EU/UK users have strong communications privacy protections under GDPR and the ePrivacy Directive. California users have CCPA/CPRA rights over message content as personal information. Fishbowl users, who may communicate more informally, should be aware this applies to that platform as well. (4) CONTRACT AND VENDOR IMPLICATIONS: Any vendor receiving message content data (e.g., trust and safety, moderation, analytics providers) should have documented data processing agreements limiting use to specified purposes. (5) COMPLIANCE CONSIDERATIONS: The policy should clearly disclose the specific purposes for which direct message content is used. Retention schedules for message data should be reviewed and documented. Users should have the ability to delete messages and have associated data removed from Glassdoor's systems.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Users may assume that direct messages on a professional networking platform are private, but the policy discloses that message content is collected as personal data, which has implications for how confidentially users can communicate.
Direct messages sent through Glassdoor or Fishbowl are collected as personal data, meaning their content may be retained, used, or potentially shared in ways consistent with the broader policy's data use and sharing provisions.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Glassdoor.