Please be advised that this FAQ is for your convenience only. It is not an exhaustive explanation or legal advice, and does not supplement or replace the applicable Terms of Service, which constitute a legally binding agreement between you and Indeed. We advise to read applicable terms in full.
How does Indeed view privacy?
Indeed values each of its users’ privacy. We’ve invested significant resources into building a global privacy framework that bakes privacy-by-design into our product development lifecycle and affords all of our users the same rights to access and delete their personal data.
How does Indeed process user data?
How does Indeed share user data with its affiliates?
What is the GDPR?
On May 25, 2018, the European Union (EU) introduced the General Data Protection Regulation (GDPR) . The GDPR established a comprehensive framework for protecting individual’s personal data by defining individual rights and the obligations for businesses around transparency, security and accountability in all processing of personal data.
What is Indeed doing to comply with GDPR?
The GDPR introduced stronger rights and protections for individuals, and created new obligations for businesses in terms of how they process individuals’ personal data. We are excited about doing what is best for our users, and have introduced changes in accordance with the GDPR and its principles.
Indeed also employs applicable privacy principles, and has introduced certain changes to support additional user rights and satisfy all of our obligations. Some examples of those changes are set out below.
What is the CCPA?
On January 1, 2020, the California legislature introduced the California Consumer Privacy Act (CCPA). The CCPA is a first-of-its-kind privacy framework in the United States (US), delivering a new standard of transparency for businesses collecting California residents’ personal data. Among other things, the CCPA offers California residents new consumer rights around accessing and deleting their personal data collected by businesses, and redefines how businesses must account for certain transfers of California residents’ personal data.
What is Indeed doing to comply with the CCPA?
Indeed has taken a number of measures to satisfy this new law, and other laws, by building on Indeed’s existing privacy framework. A few examples include:
Does Indeed transfer data in any way that may be a “sale” under the CCPA?
Please see our explanation here.
How does Indeed manage EU personal data transfers?
Indeed helps people get jobs using a system designed and developed in the United States. So helping people get the jobs they want inevitably involves the transfer of our users’ personal data from the EU and Switzerland to the US and to other countries. Indeed uses various mandated legal mechanisms to ensure that adequate protections are applied to such personal data when it is transferred outside the EU.
Furthermore, Indeed Ireland’s transfers made according to the Privacy Shield Framework are performed based on agreements that also incorporate the protections provided for under Chapter V (and Article 28, where appropriate) of the GDPR. This incorporates EU data protection requirements to ensure adequate protection of such personal data transfers.
What information does Indeed transfer to third parties?
We do this for a number of reasons, for example: to improve our services to you; to maintain quality and protect users; to facilitate payments (where applicable); to permit user log-in through third party accounts; or to understand and optimize our users’ customer journey.
What information is shared with third parties when the Indeed App is installed?
In order to provide you with certain services and support ad attribution, limited user data may be shared with certain service providers when you install, download or use the Indeed App. This may include your IP address or other unique identifier, and event data related to the installation of the Indeed App.
This may be done for a variety of purposes, including facilitating user log-in through third party accounts. It may also assist Indeed to understand and optimize our users’ complete customer journey by helping us: (i) understand how users arrive to Indeed; (ii) better measure the performance of our ads; and (iii) understand where a user has accessed Indeed through different devices.
How do individuals make a personal data access request?
How do individuals make a personal data deletion request?
How can individuals avail of the other rights provided under GDPR?
How do I unsubscribe from any marketing messages from Indeed?
If you wish to opt out of a particular marketing email from Indeed, you may do so by clicking “unsubscribe from this email” (or an equivalent action) where applicable. Please note that this will only opt you out of that particular marketing message.
If you wish to adjust all your job alerts, you can click on “manage my subscriptions” (or an equivalent action) to adjust your subscriptions. You can also access and adjust your subscriptions (for job alerts, recommended jobs, and other notifications) from your account dashboard, or contact Indeed Customer Support to do so.
In addition, you may opt out of all marketing messages or withdraw your consent from any consent-based processing by sending an email to privacy-dept @ indeed.com (remove spaces when sending email). In your message, please detail which activities from which you wish to opt out or withdraw your consent. We will comply with your request as soon as reasonably practicable, and in accordance with applicable laws.
Finally, please note that we may still send other messages to you, such as administrative messages.
How long does Indeed retain personal data?
What security measures are adopted by Indeed?
Indeed seeks to use reasonable security measures to help protect against unauthorized access, disclosure, and destruction and accidental loss of Personal Data under Indeed’s control, although no method of transmission over the Internet, or method of electronic storage, is 100% secure. The practices Indeed follows vary depending on the nature of the data, the context of the processing, and the risks involved, as well as available technology.
With respect to data transfers, Indeed Inc. is certified under EU-US Privacy Shield, and adheres to applicable Privacy Shield principles. It also adheres to GDPR requirements concerning transfers of personal data to Indeed affiliates and to third parties.
For more information on some of the steps we take and advice on steps you can take to help keep your information safe during your job seeking journey, please visit our Security page.
Does the GDPR impact my current use of Indeed Resume?
Resumes set to ‘public’ will continue to be available in their current capacity as outlined in our terms. Indeed has made necessary changes, as detailed above, to ensure lawful processing in compliance with GDPR and the rights of our users.
Does Indeed comply with international privacy rules?
Where is Indeed's main establishment for GDPR purposes?
What has Indeed done from a privacy perspective to prepare for Brexit?
Indeed has taken measures to ensure the personal data of its users continues to be protected. For example, Indeed has introduced data transfer and processing agreements where appropriate to protect personal data transfers to the United Kingdom in the event of that jurisdiction departing from the European data protection regime.