What are the institutional and regulatory implications of this document?

REGULATORY LANDSCAPE: This policy engages the GDPR and UK GDPR for European Residents (Yelp Ireland Ltd. as controller), the California Consumer Privacy Act and California Privacy Rights Act for California residents, state privacy laws in Virginia, Colorado, Connecticut, and other US states with comprehensive privacy statutes, COPPA for users under 13, and Quebec Law 25. The FTC has broad oversight over Yelp's US data practices under its unfair and deceptive practices authority. The policy's AI…

How does Yelp's Yelp Privacy Policy affect users?

The policy establishes that user-generated content, behavioral data, and location information are collected and used by Yelp for advertising targeting and AI system development, with such data subject to sharing with third-party advertising networks. Users may manage certain advertising preferences and submit data access, deletion, or restriction requests through account settings or the designated privacy email address. The scope and ease of exercising these options vary across different data u…

How often is Yelp's Yelp Privacy Policy updated?

ConductAtlas monitors this document daily and captures every version with cryptographic hashing and timestamp verification. Update frequency varies — see the change timeline on this page for complete version history.

Can I get alerted when Yelp updates this document?

Yes. Watcher subscribers ($9.99/month) can add Yelp to their watchlist and receive same-day email alerts whenever this document or any other Yelp document changes.

CA-D-000240

Yelp Privacy Policy

Yelp

Last change detected April 19, 2026 Privacy policy

SHA-256: f6c4d9b7cc34ed9151a… 2 versions captured 0 changes documented

Create free account

Track 1 platform and get the weekly governance digest. No credit card required.

View original document at Yelp ↗

This page describes what the document states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability may vary by jurisdiction. Methodology

9 Total

0 High severity

6 Medium severity

3 Low severity

Summary

This Yelp Privacy Policy establishes the categories of personal information Yelp collects from users of its platform, including name, location, search history, device data, and user-generated content such as reviews and photos. The policy authorizes Yelp to use collected data for targeted advertising purposes, to share behavioral and location data with advertising partners, and to incorporate user content and interaction data into AI model training. The policy establishes data subject rights for California, EU/UK, and Quebec residents, including rights to access, delete, or restrict processing of personal data through Yelp's privacy settings or by submitting requests to privacy@yelp.com.

Technical / Legal Breakdown

This document is Yelp's Privacy Policy (last updated October 1, 2025), governing the collection, use, and sharing of personal information across Yelp's websites, mobile applications, and communications services, with Yelp Inc. (Delaware) serving as the data controller for non-European users and Yelp Ireland Ltd. serving as the controller for European Residents (EEA, Switzerland, UK). The policy asserts broad data collection practices including account information, precise geolocation, device identifiers, browsing and search behavior, payment data, communications content, health and biometric data in some contexts, and data obtained from third-party partners; the terms authorize use of this data for advertising, AI model training, service personalization, and sharing with advertising networks, business partners, and affiliates. Notably, the policy includes an explicit AI section disclosing that user-generated content and interactions may be used to train Yelp's AI systems, and it reserves broad rights to share data with third parties for advertising purposes while offering opt-out mechanisms that vary in scope and accessibility; the English version of the policy is stated to prevail over any translated versions, which may create comprehension barriers for non-English speakers. The policy engages GDPR and UK GDPR for European Residents, the California Consumer Privacy Act (CCPA/CPRA) and related state privacy laws for US residents, COPPA for users under 13, and Quebec Law 25 for Quebec residents; the scope and enforceability of certain data sharing and AI training provisions may require evaluation under GDPR's lawful basis requirements, CCPA's sale and sharing opt-out obligations, and emerging state AI transparency regulations. Material compliance considerations include the adequacy of consent mechanisms for sensitive data categories, the clarity of opt-out pathways for targeted advertising and AI data use, and the sufficiency of data retention disclosures post-account closure.

Institutional Analysis

Institutional analysis available with Professional

Regulatory exposure by statute, material risk assessment, vendor due diligence action items, and enforcement precedent. Available on Professional.

Start Professional free trial

Medium — 6 provisions

AI Training Use of User Content Compare →

Yelp may use the reviews, photos, and other content you post, as well as your interactions with Yelp's AI features, to train its artificial intelligence systems.

Added May 10, 2026 Common Seen across 104 platforms
Precise Geolocation Data Collection Compare →

If you grant permission, Yelp can collect your exact GPS location and use it for search results, analytics, and targeted advertising; even without permission, Yelp may estimate your location from your IP address.

Added May 10, 2026 Standard Seen across 251 platforms
Third-Party Advertising Data Sharing Compare →

Yelp shares your search activity, the businesses you look at, and how you interact with ads with outside advertising companies to show you targeted ads and measure whether those ads worked.

Added May 8, 2026 Standard Seen across 246 platforms
Data Retention Post-Account Closure Compare →

Closing your Yelp account removes your public profile and reviews from display, but Yelp retains your underlying personal data for legal, dispute resolution, and agreement enforcement purposes for an unspecified period.

Added May 10, 2026 Standard Seen across 223 platforms
Sensitive Data Collection Including Health Information Compare →

If you search for or review health-related businesses, or if you share details about your religion, sexual orientation, politics, or finances in reviews or profile information, Yelp may collect and use that sensitive information.

Added May 10, 2026 Standard Seen across 251 platforms
Children's Privacy and Age Restriction Compare →

Yelp's platform is not designed for children under 13, and Yelp states it does not intentionally collect data from children under 13; parents can contact privacy@yelp.com to request deletion of a child's data.

Added May 10, 2026 Standard Seen across 262 platforms

Low — 3 provisions

California Residents Privacy Rights (CCPA/CPRA) Compare →

California residents have six specific privacy rights under CCPA/CPRA: the right to know, delete, correct, opt out of data sale or sharing, limit sensitive data use, and protection against discrimination for exercising these rights.

Added May 10, 2026 Standard Seen across 262 platforms
European Residents Privacy Rights (GDPR) Compare →

If you live in the EU, EEA, UK, or Switzerland, Yelp Ireland Ltd. is responsible for your data under GDPR, and you have rights to access, correct, delete, restrict, port your data, and object to how it is used, and you can complain to your national data protection authority.

Added May 8, 2026 Standard Seen across 262 platforms
Policy Modifications and Notification Compare →

Yelp can update this privacy policy at any time; for significant changes, it will post a notice on its website before the changes take effect, and may seek your consent where legally required.

Added May 10, 2026 Standard Seen across 178 platforms