A recruiter at a mid-sized tech company sent an offer letter last year. The candidate accepted, started, and six months later was having lunch with a colleague who had received an offer for the same role. They compared notes. Same title. Twelve thousand dollars apart in base salary. Neither knew the other's number — but both had inspected their offer letters in Adobe Reader. The document title field on one of them read "Offer — Senior Engineer — Band 4 — $142k ceiling." The HR team had forgotten to clear the document title before exporting.
This is not a hypothetical. It is the kind of thing that happens regularly because PDF metadata is invisible when you open a document, but completely readable by anyone who knows where to look — and increasingly, people know where to look.
This problem cuts both ways
Most metadata guides address one audience. This one addresses two — because in employment documents, both the sender and the recipient are simultaneously at risk.
You send offer letters, rejection notices, performance reviews, compensation adjustment letters, and job descriptions — all as PDFs. Each one can contain the drafter's name, internal salary band references, payroll system metadata, and modification timestamps that reveal your negotiation timeline.
A candidate who inspects an offer letter before signing may see things you never intended to disclose. Under GDPR and US state privacy laws, some of that metadata may also constitute a compliance violation.
You send resumes, cover letters, portfolios, and work samples — all as PDFs. Your resume contains your name from your OS account, the company name from your current employer's software license, and timestamps revealing exactly when you edited it.
If you created your resume on a work computer, the metadata may reveal your current employer before you're ready to disclose you're job hunting. If you created it at home, it may contain your home address or GPS coordinates.
What HR documents expose
The following table covers the most commonly shared HR documents and what metadata each typically contains when created in standard office software.
| Document type | Common metadata found | Risk level |
|---|---|---|
| Offer letter | HR drafter's name, internal document title (may include band/salary ceiling), modification timestamp showing negotiation timeline, company software license name | High |
| Performance review | Reviewer's full name, rating keywords (if used in document title/subject), modification dates revealing how long review was in draft | High |
| Termination letter | HR drafter's name, legal team reviewer's name (if passed between people), modification count revealing how many versions existed | High |
| Compensation adjustment | Author name, internal title field, payroll system producer tag, timestamp | High |
| Job description | Author, internal keywords (headcount codes, budget references), creation date | Medium |
| Rejection letter | Author name, template source (reveals whether it's a form letter), modification date | Medium |
| Employee handbook | Author, company, version history in revision count, creation date | Low |
Word and Google Docs populate the document Title field from whatever you typed in the document's title bar or properties. Many HR teams use internal naming conventions — "OL-SenEng-B4-142" — that mean nothing to other internal teams but immediately reveal salary band and ceiling to a candidate who opens File → Properties in Adobe Reader.
The fix is two seconds: clear the Title, Author, Subject, and Keywords fields before exporting. Or strip them entirely with a metadata remover after export.
What your resume reveals
Job seekers routinely underestimate how much their resume PDF exposes. Here is what a recruiter or hiring manager would see if they inspected a typical resume created in Microsoft Word on a corporate laptop:
That output reveals Alexandra's current employer — Meridian Capital Group — before she was ready to disclose she's interviewing. A recruiter at a competing firm who sees this might pass the information to contacts in her current organization. Her home location is also exposed. And the revision count of 23 suggests significant editing, which some interviewers interpret (fairly or not) as evidence of uncertainty or inconsistency in her story.
This is the metadata risk that job seekers consistently underestimate. The Creator/Company field in a PDF is populated by the software license of the computer that created it — not the person's choice. If you create your resume on your work laptop, your current employer's name is embedded in every copy you send. Always create and export job search documents from a personal device.
The legal dimension for HR teams
Beyond the operational embarrassment of accidentally disclosing salary bands, there are regulatory considerations that compliance-conscious HR teams need to account for.
GDPR — EU and UK
Under GDPR Article 4(1), personal data includes any information relating to an identifiable natural person. The name of the HR professional who drafted a document, embedded in the Author field of a PDF sent to a candidate, is personal data. Sharing it without necessity may violate the data minimisation principle in Article 5(1)(c).
This applies to candidates who are EU or UK residents, even when the employer is based outside Europe — GDPR's territorial scope under Article 3(2) applies when processing relates to offering employment to people in the EU.
US state privacy laws
California's CPRA, Virginia's CDPA, and Colorado's CPA all extend privacy rights to employees and job applicants. While none explicitly address PDF metadata, their requirements around data minimisation and purpose limitation create the same practical obligation: don't share personal data that isn't necessary for the purpose.
Pay transparency laws
Colorado, California, New York, and Washington now require salary range disclosure in job postings. But that disclosure is supposed to be controlled and standardized — not inadvertently leaked through document metadata. An offer letter metadata field that reveals an internal salary ceiling higher than the disclosed range could create legal exposure.
This article explains the practical implications of PDF metadata in employment contexts based on publicly available law and regulatory guidance. It is not legal advice. HR and legal teams with specific compliance questions should consult qualified employment law counsel.
How HR teams should fix this
The goal is to make metadata stripping a standard part of your document workflow — not an afterthought. It takes under thirty seconds per document.
Clean before export, not after
In Microsoft Word: File → Info → Check for Issues → Inspect Document → remove personal information before saving as PDF. This is the cleanest approach because it prevents metadata from entering the PDF at all.
Strip after export using FileIntel
Go to fileintel.me/pdf-metadata-remover, drop the exported PDF, review the Privacy Risk Score, strip all fields, and download the clean copy. Takes 30 seconds. The file never reaches a server — important when handling candidate documents.
Verify before sending
Re-inspect the stripped PDF before sending. A Privacy Risk Score near zero confirms the clean was complete. High-risk fields still showing means the strip missed something.
Add it to your document workflow policy
Update your HR document handling procedure to include a mandatory metadata strip step for all externally shared documents. Train the team once — it takes five minutes to explain and saves significant potential embarrassment or liability.
Strip metadata from HR documents now
Free. Browser-only. Your documents never reach our servers — or anyone else's.
How job seekers should fix this
Three things to do before sending any application document as a PDF:
Always create job search documents on a personal device
This is the single most important step. A resume created on a personal laptop will have your name in the Author field — not your employer's name in the Company/Creator field. Never create or edit job search documents on a work computer.
Strip metadata before every application
Use FileIntel's PDF Metadata Remover on your final resume before each application. Takes 30 seconds. Removes author name, GPS coordinates, modification timestamps, and any employer-identifying fields.
Check your own documents before they go out
Use the same inspector to verify what you're about to send. Seeing your current employer's name in the Creator field before the recruiter does is significantly better than the alternative.
How to inspect documents you receive
If you are a candidate who has received an offer letter and wants to inspect its metadata — that is entirely legal. You received the document. You can inspect it however you like.
Use FileIntel's PDF Metadata Inspector, Adobe Reader's File → Properties, or ExifTool. You may find nothing interesting. You may find that the document title contains internal salary references, or that the modification timestamp reveals the offer was revised three times in the week before it was sent. That information is legitimately yours to see and factor into your decision.
What you find in document metadata can inform your negotiation. A modification timestamp showing the offer was revised repeatedly suggests active decision-making at the hiring organization — potentially indicating flexibility. An internal document title containing a budget ceiling gives you a genuine upper bound for your counteroffer.
PDF metadata in employment documents is a two-sided information asymmetry problem. HR teams who strip their documents remove accidental disclosures and reduce compliance risk. Job seekers who strip their documents protect their current employer identity and personal location data. Both sides who inspect received documents gain information they are legally entitled to.
The tool is the same for all three use cases. The thirty seconds it takes is the same. The only variable is whether you know to do it.