Glassdoor has formally designated legal entities to represent it under GDPR for users in the UK and EU, meaning those users have specific data rights they can exercise against these named entities.
This analysis describes what Glassdoor's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Naming specific GDPR representatives means EU and UK users have clear entities to contact with data rights requests, complaints, or regulatory concerns, which is a meaningful compliance commitment.
The updated policy grants EU, UK, and Swiss residents explicit rights to request access to their personal data held by Glassdoor in the United States, and to correct, amend, or delete that data. Glas…
EU users can direct GDPR data rights requests (access, deletion, portability, objection) to Glassdoor Hiring Solutions Ireland Ltd., and UK users can direct requests to Glassdoor Global Ltd., giving users specific and named points of contact for data rights enforcement.
How other platforms handle this
Runway is considered the "data controller" of the "personal data" (as defined under the General Data Protection Regulation) we handle under this Privacy Policy. In other words, Runway is responsible for deciding how to collect, use, and disclose personal data, subject to applicable law. The laws of ...
If you are in the 'Designated Countries', LinkedIn Ireland Unlimited Company ('LinkedIn Ireland') will be the controller of your personal data provided to, or collected by or for, or processed in connection with our Services. If you are outside of the Designated Countries, LinkedIn Corporation will ...
When Okta provides its products and services to its customers (e.g., organizations that use Okta to manage their workforce or Auth0 to manage their customer identity), Okta processes personal data on behalf of those customers as a data processor. In those cases, the customer is the data controller a...
Monitoring
Glassdoor has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"Glassdoor LLC is the data controller for our services. Our representative in the UK for GDPR: Glassdoor Global Ltd. Our representative in the EU for GDPR: Glassdoor Hiring Solutions Ireland Ltd.— Excerpt from Glassdoor's Glassdoor Privacy Policy
(1) REGULATORY LANDSCAPE: GDPR Article 27 requires non-EU/UK established controllers with EU/UK processing activities to designate a representative in each jurisdiction. The designation of Glassdoor Global Ltd. (UK) and Glassdoor Hiring Solutions Ireland Ltd. (EU) fulfills this requirement on the face of the policy. The UK ICO and EU Data Protection Authorities (led by the Irish DPC given the Irish entity) are the primary enforcement authorities. GDPR Articles 15-22 govern the data subject rights these representatives must facilitate. (2) GOVERNANCE EXPOSURE: Medium. The designation itself is standard compliance practice, but the operational effectiveness depends on whether these entities are properly resourced to handle data subject requests within GDPR timeframes (generally one month under Article 12). The Irish DPC's jurisdiction over Glassdoor's EU operations means it is the lead supervisory authority for cross-border processing matters. (3) JURISDICTION FLAGS: EU/EEA users have the right to lodge complaints with their local DPA even when the lead authority is the Irish DPC. UK users can file complaints with the ICO. Post-Brexit UK GDPR applies separately from EU GDPR, meaning two distinct compliance frameworks apply. (4) CONTRACT AND VENDOR IMPLICATIONS: The representative entities must be formally authorized under GDPR Article 27 and should have documented mandates. Legal teams should confirm that these entities are empowered to respond to regulatory inquiries on behalf of Glassdoor LLC. (5) COMPLIANCE CONSIDERATIONS: Data subject request workflows should be mapped to each representative entity and tested for timeliness and completeness. Complaint escalation paths to relevant DPAs should be clearly documented in internal procedures.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
We read the privacy policies and terms of service of 38 AI platforms. Here is what they say about training, retention, arbitration, and liability.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Naming specific GDPR representatives means EU and UK users have clear entities to contact with data rights requests, complaints, or regulatory concerns, which is a meaningful compliance commitment.
EU users can direct GDPR data rights requests (access, deletion, portability, objection) to Glassdoor Hiring Solutions Ireland Ltd., and UK users can direct requests to Glassdoor Global Ltd., giving users specific and named points of contact for data rights enforcement.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Glassdoor.