Skip to main content

How does Salary Confidential protect requester information from leaking?

Requesters are not anonymous on our platform: anyone asking for sensitive compensation data should disclose who they are so respondents can evaluate the context of the request. We make sure, however, that requester information is only seen by potential respondents, and not by anybody (or anything) else

There is no way to use Salary Confidential as an anonymous requester: this is a decision we made. It builds credibility and establishes the exchange as what it’s meant to be: peers helping peers. Transparency makes clear that the Requester is a legitimate professional, not a nosy neighbor brewing their tea with your compensation information (to use the technical term).

In professional terms: Salary Confidential is intentionally inhospitable to Requesters who don’t have a legitimate reason to survey their peers. The platform makes it difficult to misrepresent identity and easy for Respondents to verify authenticity.

Your requester information cannot be scraped from Survey pages

We take a comprehensive set of measures to prevent Requester details and Survey data from being scraped or harvested. Some of these protections are built directly into our product design, and others are reinforced through platform-level defenses.

By design

  • Requester information is provided and displayed only while a Survey is open and active. Once a Survey closes, personal identifiers are removed both from the API response and from public view.
  • Survey reports contain no personal data about the requester and no context about the request.
  • All Survey pages and reports are explicitly marked noindex, nofollow to prevent inclusion in search results.
  • Surveys and reports are also excluded from our sitemap, ensuring they are not discoverable by crawlers.

Platform-level protection

Our platform is hosted on Cloudflare, where we employ multiple layers of security designed to block bots and automated scraping:

  • Web Application Firewall (WAF) to filter suspicious or malicious network traffic.
  • AI Crawl Control and Bot Fight Mode to detect and deter automated scraping.

We especially protect your professional email address from being harvested by bots with custom defenses

While we ask the Requester to verify their professional email address and LinkedIn profile and show this information in in-flight surveys, we are especially mindful of the risk that the professional email address may be picked up by crawlers.

Tl;dr: There are pre-built tools to encode email addresses on page, but there are various methods documented out there that make it easy for more advanced spam bots to go around them. So we raised our own game, in order to be sure your professional email couldn't be picked up by bad actors...

In details, how we protect your professional email address even when we show it on a public page

  • The email address isn't displayed by default when the survey gets loaded in your browser: We show an anonymized version of the email address which will be enough for most people, like a*******@domain.com.
  • If a potential respondent wants to see the full email, they click "Show full email address" button. At this point, we fire an invisible Cloudflare Captcha. We only accept to send back the full de-anonymized email if the Captcha is valid. This is only shown in that moment, in that page view, without cache, and with the filter of captcha-check specifically for fetching this information from our platform

(If you're technical, all of this is happening server-side; the API request we originally load with the survey is anonymized server-side ; the captcha is analyzed server-side as well)

While no system can offer an absolute guarantee, we select technologies and make architectural decisions guided by a single north star: assume the worst and design defensively. Our aim is to make Salary Confidential an environment that is both transparent for human users and hostile to automated data collection.

Updated January 23, 2026