Cybersecurity Risk Management and Strategy Disclosure	12 Months Ended
Dec. 31, 2025
Cybersecurity Risk Management, Strategy, and Governance [Line Items]
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]	We face significant and persistent cybersecurity risks due to the widespread use of our websites and mobile applications; the attractiveness of our websites and mobile applications to threat actors, including state-sponsored actors; the fact that we operate globally and must defend against cybersecurity attacks in thirteen countries; the substantial level of harm that could occur to our business, our customers, or our merchants if we were to suffer a material cybersecurity incident; and our use of third-party products and services. These risks include dependencies on cloud service providers and other third-party technology vendors that support our critical systems and operations. Protecting our systems, networks, data and confidential information is a priority at Groupon. We are committed to maintaining robust governance and oversight of these risks and implementing mechanisms, controls, technologies and processes designed to help us identify, assess and manage these risks. As of the date of this Form 10-K, we have not experienced a material cybersecurity threat or incident that resulted in a material adverse impact to our business strategy, results of operations or financial condition, but there can be no guarantee that we will not experience such an incident in the future. The determination of whether a cybersecurity incident is material involves judgment and depends on the specific facts and circumstances at the time of assessment. Such incidents, whether or not successful, could result in significant costs related to, for example: rebuilding our internal systems, implementing additional threat protection measures, providing modifications to our websites and mobile applications, defending against litigation, responding to regulatory inquiries or actions, paying damages, providing merchants and customers with incentives to maintain a business relationship with us, taking other remedial steps with respect to third parties or incurring significant reputational harm. In addition, these threats are constantly evolving, which increases the difficulty of successfully defending against them or implementing adequate preventative measures. We have seen an increase in the volume, frequency and sophistication of cyberattacks. We seek to detect and investigate unauthorized attempts and attacks against our network, cloud infrastructure, websites, and mobile applications and to prevent their occurrence and recurrence where practicable through changes or updates to our internal processes and our websites and mobile applications; however, we remain potentially vulnerable to known or unknown threats. It is also possible that we, our merchants, our customers or our vendors will be unaware of a threat or incident or its magnitude and effects. Further, there is increasing regulation regarding responses to cybersecurity incidents, including reporting to regulators, which could subject us to additional liability and reputational harm. This includes enhanced regulatory requirements in the United States and other jurisdictions related to the timing and content of cybersecurity incident disclosures. See Item 1A. Risk Factors for more information on our cybersecurity risks.
Cybersecurity Risk Management Processes Integrated [Flag]	true
Cybersecurity Risk Management Processes Integrated [Text Block]	We are committed to maintaining robust governance and oversight of these risks and implementing mechanisms, controls, technologies and processes designed to help us identify, assess and manage these risks.
Cybersecurity Risk Management Third Party Engaged [Flag]	true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag]	true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag]	false
Cybersecurity Risk Board of Directors Oversight [Text Block]	The Audit Committee oversees risks pertaining to cybersecurity. A member of our IT and Information Security teams regularly reports to the Audit Committee, and directly to the Board, as appropriate, on the state of our cybersecurity program and provides updates on cybersecurity matters. In addition, our IT and Information Security teams typically conduct an annual cybersecurity review, which is shared with our Board as needed. We employ security practices to protect and maintain the systems located at our cloud hosting providers, invest in intrusion and anomaly detection tools and engage third-party security firms to test the security of our websites and systems. Specifically, we leverage industry best practices to identify and mitigate data security risks, including but not limited to, utilizing processes and tools to monitor and address email security, the security of our workstations and servers, cloud security, password management, secure file transfers and ransomware protection. In addition, we utilize a firewall, a virtual private network, multi-factor authentication and single sign-on and conduct regular phishing testing. We also regularly evaluate and assess our systems and the controls, processes and practices to protect those systems, including recently completing the migration of our public-facing websites and applications and our back-end business intelligence systems to the cloud. We also retain personnel that have in-depth experience in penetration testing and conduct penetration testing against our own systems. Further, we utilize third party partners to help us monitor issues that are internally discovered or externally reported that may affect our websites and mobile applications, and we have processes to assess the potential cybersecurity impact or risk of these issues. We also have a process in place to manage cybersecurity risks associated with third-party service providers. We impose security requirements upon our suppliers, including maintaining an effective security management program abiding by information handling and asset management requirements and notifying us in the event of any known or suspected cyber incident. The day-to-day operations of our cybersecurity risk management program are overseen by our IT and Information Security teams. Our cybersecurity program is run by our CTO, Ales Drabek, who reports to our CEO, Dusan Senkypl. Ales Drabek joined Groupon as CTO on May 1, 2025, and is based in Munich, leading a team of around 350 people. He has deep expertise in digital and technology transformation, cloud technologies, eCommerce, B2B & B2C marketplaces, Big Data, and CRM. He was previously CIO at Lampenwelt GmbH, where he led a full technology modernization and AI initiatives across European marketplaces. Before that, as Chief Digital & Disruption Officer at Conrad Electronic SE, he launched one of Europe’s first B2B marketplaces and built an IoT platform for home automation. He also held leadership roles at Metro Cash & Carry International, driving digital transformation and customer-focused tech solutions. Our CTO regularly reports directly to the Audit Committee on our cybersecurity program and efforts to prevent, detect, mitigate and remediate issues. In addition, we have an escalation process in place to inform senior management and the Board of material issues.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]	The Audit Committee oversees risks pertaining to cybersecurity. A member of our IT and Information Security teams regularly reports to the Audit Committee, and directly to the Board, as appropriate, on the state of our cybersecurity program and provides updates on cybersecurity matters.The day-to-day operations of our cybersecurity risk management program are overseen by our IT and Information Security teams.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]	The Audit Committee oversees risks pertaining to cybersecurity. A member of our IT and Information Security teams regularly reports to the Audit Committee, and directly to the Board, as appropriate, on the state of our cybersecurity program and provides updates on cybersecurity matters. In addition, our IT and Information Security teams typically conduct an annual cybersecurity review, which is shared with our Board as needed. We employ security practices to protect and maintain the systems located at our cloud hosting providers, invest in intrusion and anomaly detection tools and engage third-party security firms to test the security of our websites and systems. Specifically, we leverage industry best practices to identify and mitigate data security risks, including but not limited to, utilizing processes and tools to monitor and address email security, the security of our workstations and servers, cloud security, password management, secure file transfers and ransomware protection. In addition, we utilize a firewall, a virtual private network, multi-factor authentication and single sign-on and conduct regular phishing testing. We also regularly evaluate and assess our systems and the controls, processes and practices to protect those systems, including recently completing the migration of our public-facing websites and applications and our back-end business intelligence systems to the cloud. We also retain personnel that have in-depth experience in penetration testing and conduct penetration testing against our own systems. Further, we utilize third party partners to help us monitor issues that are internally discovered or externally reported that may affect our websites and mobile applications, and we have processes to assess the potential cybersecurity impact or risk of these issues. We also have a process in place to manage cybersecurity risks associated with third-party service providers. We impose security requirements upon our suppliers, including maintaining an effective security management program abiding by information handling and asset management requirements and notifying us in the event of any known or suspected cyber incident. The day-to-day operations of our cybersecurity risk management program are overseen by our IT and Information Security teams. Our cybersecurity program is run by our CTO, Ales Drabek, who reports to our CEO, Dusan Senkypl. Ales Drabek joined Groupon as CTO on May 1, 2025, and is based in Munich, leading a team of around 350 people. He has deep expertise in digital and technology transformation, cloud technologies, eCommerce, B2B & B2C marketplaces, Big Data, and CRM. He was previously CIO at Lampenwelt GmbH, where he led a full technology modernization and AI initiatives across European marketplaces. Before that, as Chief Digital & Disruption Officer at Conrad Electronic SE, he launched one of Europe’s first B2B marketplaces and built an IoT platform for home automation. He also held leadership roles at Metro Cash & Carry International, driving digital transformation and customer-focused tech solutions. Our CTO regularly reports directly to the Audit Committee on our cybersecurity program and efforts to prevent, detect, mitigate and remediate issues. In addition, we have an escalation process in place to inform senior management and the Board of material issues.
Cybersecurity Risk Role of Management [Text Block]	The day-to-day operations of our cybersecurity risk management program are overseen by our IT and Information Security teams. Our cybersecurity program is run by our CTO, Ales Drabek, who reports to our CEO, Dusan Senkypl. Ales Drabek joined Groupon as CTO on May 1, 2025, and is based in Munich, leading a team of around 350 people. He has deep expertise in digital and technology transformation, cloud technologies, eCommerce, B2B & B2C marketplaces, Big Data, and CRM. He was previously CIO at Lampenwelt GmbH, where he led a full technology modernization and AI initiatives across European marketplaces. Before that, as Chief Digital & Disruption Officer at Conrad Electronic SE, he launched one of Europe’s first B2B marketplaces and built an IoT platform for home automation. He also held leadership roles at Metro Cash & Carry International, driving digital transformation and customer-focused tech solutions. Our CTO regularly reports directly to the Audit Committee on our cybersecurity program and efforts to prevent, detect, mitigate and remediate issues. In addition, we have an escalation process in place to inform senior management and the Board of material issues.
Cybersecurity Risk Management Positions or Committees Responsible [Flag]	true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block]	The day-to-day operations of our cybersecurity risk management program are overseen by our IT and Information Security teams. Our cybersecurity program is run by our CTO,
Cybersecurity Risk Management Expertise of Management Responsible [Text Block]	Ales Drabek, who reports to our CEO, Dusan Senkypl. Ales Drabek joined Groupon as CTO on May 1, 2025, and is based in Munich, leading a team of around 350 people. He has deep expertise in digital and technology transformation, cloud technologies, eCommerce, B2B & B2C marketplaces, Big Data, and CRM. He was previously CIO at Lampenwelt GmbH, where he led a full technology modernization and AI initiatives across European marketplaces. Before that, as Chief Digital & Disruption Officer at Conrad Electronic SE, he launched one of Europe’s first B2B marketplaces and built an IoT platform for home automation. He also held leadership roles at Metro Cash & Carry International, driving digital transformation and customer-focused tech solutions.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]	Our CTO regularly reports directly to the Audit Committee on our cybersecurity program and efforts to prevent, detect, mitigate and remediate issues. In addition, we have an escalation process in place to inform senior management and the Board of material issues.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag]	true

Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

We face significant and persistent cybersecurity risks due to the widespread use of our websites and mobile applications; the attractiveness of our websites and mobile applications to threat actors, including state-sponsored actors; the fact that we operate globally and must defend against cybersecurity attacks in thirteen countries; the substantial level of harm that could occur to our business, our customers, or our merchants if we were to suffer a material cybersecurity incident; and our use of third-party products and services. These risks include dependencies on cloud service providers and other third-party technology vendors that support our critical systems and operations. Protecting our systems, networks, data and confidential information is a priority at Groupon. We are committed to maintaining robust governance and oversight of these risks and implementing mechanisms, controls, technologies and processes designed to help us identify, assess and manage these risks.

As of the date of this Form 10-K, we have not experienced a material cybersecurity threat or incident that resulted in a material adverse impact to our business strategy, results of operations or financial condition, but there can be no guarantee that we will not experience such an incident in the future. The determination of whether a cybersecurity incident is material involves judgment and depends on the specific facts and circumstances at the time of assessment. Such incidents, whether or not successful, could result in significant costs related to, for example: rebuilding our internal systems, implementing additional threat protection measures, providing modifications to our websites and mobile applications, defending against litigation, responding to regulatory inquiries or actions, paying damages, providing merchants and customers with incentives to maintain a business relationship with us, taking other remedial steps with respect to third parties or incurring significant reputational harm. In addition, these threats are constantly evolving, which increases the difficulty of successfully defending against them or implementing adequate preventative measures. We have seen an increase in the volume, frequency and sophistication of cyberattacks. We seek to detect and investigate unauthorized attempts and attacks against our

network, cloud infrastructure, websites, and mobile applications and to prevent their occurrence and recurrence where practicable through changes or updates to our internal processes and our websites and mobile applications; however, we remain potentially vulnerable to known or unknown threats. It is also possible that we, our merchants, our customers or our vendors will be unaware of a threat or incident or its magnitude and effects. Further, there is increasing regulation regarding responses to cybersecurity incidents, including reporting to regulators, which could subject us to additional liability and reputational harm. This includes enhanced regulatory requirements in the United States and other jurisdictions related to the timing and content of cybersecurity incident disclosures. See Item 1A. Risk Factors for more information on our cybersecurity risks.

Cybersecurity Risk Management Processes Integrated [Text Block]

We are committed to maintaining robust governance and oversight of these risks and implementing mechanisms, controls, technologies and processes designed to help us identify, assess and manage these risks.

Cybersecurity Risk Third Party Oversight and Identification Processes [Flag]

true

Cybersecurity Risk Board of Directors Oversight [Text Block]

The Audit Committee oversees risks pertaining to cybersecurity. A member of our IT and Information Security teams regularly reports to the Audit Committee, and directly to the Board, as appropriate, on the state of our cybersecurity program and provides updates on cybersecurity matters. In addition, our IT and Information Security teams typically conduct an annual cybersecurity review, which is shared with our Board as needed. We employ security practices to protect and maintain the systems located at our cloud hosting providers, invest in intrusion and anomaly detection tools and engage third-party security firms to test the security of our websites and systems. Specifically, we leverage industry best practices to identify and mitigate data security risks, including but not limited to, utilizing processes and tools to monitor and address email security, the security of our workstations and servers, cloud security, password management, secure file transfers and ransomware protection. In addition, we utilize a firewall, a virtual private network, multi-factor authentication and single sign-on and conduct regular phishing testing. We also regularly evaluate and assess our systems and the controls, processes and practices to protect those systems, including recently completing the migration of our public-facing websites and applications and our back-end business intelligence systems to the cloud. We also retain personnel that have in-depth experience in penetration testing and conduct penetration testing against our own systems. Further, we utilize third party partners to help us monitor issues that are internally discovered or externally reported that may affect our websites and mobile applications, and we have processes to assess the potential cybersecurity impact or risk of these issues. We also have a process in place to manage cybersecurity risks associated with third-party service providers. We impose security requirements upon our suppliers, including maintaining an effective security management program abiding by information handling and asset management requirements and notifying us in the event of any known or suspected cyber incident.

The day-to-day operations of our cybersecurity risk management program are overseen by our IT and Information Security teams. Our cybersecurity program is run by our CTO, Ales Drabek, who reports to our CEO, Dusan Senkypl. Ales Drabek joined Groupon as CTO on May 1, 2025, and is based in Munich, leading a team of around 350 people. He has deep expertise in digital and technology transformation, cloud technologies, eCommerce, B2B & B2C marketplaces, Big Data, and CRM. He was previously CIO at Lampenwelt GmbH, where he led a full technology modernization and AI initiatives across European marketplaces. Before that, as Chief Digital & Disruption Officer at Conrad Electronic SE, he launched one of Europe’s first B2B marketplaces and built an IoT platform for home automation. He also held leadership roles at Metro Cash & Carry International, driving digital transformation and customer-focused tech solutions.

Our CTO regularly reports directly to the Audit Committee on our cybersecurity program and efforts to prevent, detect, mitigate and remediate issues. In addition, we have an escalation process in place to inform senior management and the Board of material issues.

Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]

The Audit Committee oversees risks pertaining to cybersecurity. A member of our IT and Information Security teams regularly reports to the Audit Committee, and directly to the Board, as appropriate, on the state of our cybersecurity program and provides updates on cybersecurity matters. In addition, our IT and Information Security teams typically conduct an annual cybersecurity review, which is shared with our Board as needed. We employ security practices to protect and maintain the systems located at our cloud hosting providers, invest in intrusion and anomaly detection tools and engage third-party security firms to test the security of our websites and systems. Specifically, we leverage industry best practices to identify and mitigate data security risks, including but not limited to, utilizing processes and tools to monitor and address email security, the security of our workstations and servers, cloud security, password management, secure file transfers and ransomware protection. In addition, we utilize a firewall, a virtual private network, multi-factor authentication and single sign-on and conduct regular phishing testing. We also regularly evaluate and assess our systems and the controls, processes and practices to protect those systems, including recently completing the migration of our public-facing websites and applications and our back-end business intelligence systems to the cloud. We also retain personnel that have in-depth experience in penetration testing and conduct penetration testing against our own systems. Further, we utilize third party partners to help us monitor issues that are internally discovered or externally reported that may affect our websites and mobile applications, and we have processes to assess the potential cybersecurity impact or risk of these issues. We also have a process in place to manage cybersecurity risks associated with third-party service providers. We impose security requirements upon our suppliers, including maintaining an effective security management program abiding by information handling and asset management requirements and notifying us in the event of any known or suspected cyber incident.

The day-to-day operations of our cybersecurity risk management program are overseen by our IT and Information Security teams. Our cybersecurity program is run by our CTO, Ales Drabek, who reports to our CEO, Dusan Senkypl. Ales Drabek joined Groupon as CTO on May 1, 2025, and is based in Munich, leading a team of around 350 people. He has deep expertise in digital and technology transformation, cloud technologies, eCommerce, B2B & B2C marketplaces, Big Data, and CRM. He was previously CIO at Lampenwelt GmbH, where he led a full technology modernization and AI initiatives across European marketplaces. Before that, as Chief Digital & Disruption Officer at Conrad Electronic SE, he launched one of Europe’s first B2B marketplaces and built an IoT platform for home automation. He also held leadership roles at Metro Cash & Carry International, driving digital transformation and customer-focused tech solutions.

Our CTO regularly reports directly to the Audit Committee on our cybersecurity program and efforts to prevent, detect, mitigate and remediate issues. In addition, we have an escalation process in place to inform senior management and the Board of material issues.

Cybersecurity Risk Management Positions or Committees Responsible [Flag]

true

Cybersecurity Risk Management Expertise of Management Responsible [Text Block]

Ales Drabek, who reports to our CEO, Dusan Senkypl. Ales Drabek joined Groupon as CTO on May 1, 2025, and is based in Munich, leading a team of around 350 people. He has deep expertise in digital and technology transformation, cloud technologies, eCommerce, B2B & B2C marketplaces, Big Data, and CRM. He was previously CIO at Lampenwelt GmbH, where he led a full technology modernization and AI initiatives across European marketplaces. Before that, as Chief Digital & Disruption Officer at Conrad Electronic SE, he launched one of Europe’s first B2B marketplaces and built an IoT platform for home automation. He also held leadership roles at Metro Cash & Carry International, driving digital transformation and customer-focused tech solutions.

Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag]

true