Udemy updated the last-updated date in its Privacy Policy from April 21, 2026 to May 29, 2026. This is a metadata change to the document timestamp and does not reflect substantive modifications to the privacy terms, rights, or data practices described in the policy itself.
The updated timestamp does not indicate a substantive change to Udemy's privacy practices, data collection, retention, or user rights. The policy continues to apply as previously stated. No action is required on the user's part.
This change does not materially alter Udemy's privacy obligations or user rights. The timestamp reflects routine document maintenance and does not signal substantive changes to data collection, processing, retention, or user consent mechanisms.
This change record describes what was added, removed, or modified in the document. Analysis reflects what the updated agreement states or permits. It does not constitute a legal determination about enforceability. Applicability may vary by jurisdiction. Methodology
This change is a metadata update to the document's last-updated date. No substantive modifications to privacy obligations, data processing terms, or regulatory disclosures are evident from the detected change. No compliance action is indicated.
Full compliance analysis
Obligation analysis, escalation trigger, board language, and recommended action.
Monitor: regulatory citations + obligations. Compliance: full compliance memo.
ConductAtlas provides verified policy intelligence sourced directly from platform documents. All analysis is intended to support, not replace, legal and compliance review. Record CA-C-002520.
New provision addressing what categories of personal data are collected, indicating expanded transparency requirements around data collection practices.
New provision establishing explicit GDPR compliance and EU/EEA user rights, representing heightened regulatory focus on European data protection.
New dedicated provision on tracking technologies, suggesting clearer disclosure of cookie usage and tracking consent mechanisms.
Removal of explicit M&A data transfer disclosure may indicate integration into broader data handling provisions or reduced transparency around transaction-related data transfers.
Removal of specific DPF certification language may indicate outdated framework reliance or integration into the new GDPR provision, potentially obscuring international data transfer compliance mechanisms.
Removal of explicit children's privacy protections and age restriction (16+) disclosure reduces transparency about child data handling and removes direct contact information for privacy concerns.
Removal of explicit instructor data access disclosure reduces user clarity about what learning data is visible to instructors within the platform.
Severity escalated from medium to high, and excerpt content removed from current version (text not provided).
Provision name updated from 'California CCPA/CPRA Rights' to 'California Resident Privacy Rights (CCPA/CPRA)' and excerpt content removed.
Excerpt content removed in current version while maintaining the same provision name and severity.
Provision renamed from 'Udemy Business Employer Data Sharing' to 'Udemy for Business Data Handling' and severity reduced from high to medium with excerpt removed.
Cross-platform context
See how other platforms handle similar provisions across the ConductAtlas archive.
See the full side-by-side comparison of every sentence added, removed, and modified.
🔒 Full diff — MonitorUdemy added a comprehensive preamble to its Privacy Policy on April 22, 2026, introducing the policy's scope and purpose. The …
Udemy's Privacy Policy was substantially removed on April 20, 2026, with nearly all explanatory content deleted and replaced with an …
Udemy removed the welcome message and introductory text from its Legal Terms & Resource Center page on April 20, 2026. …
ConductAtlas detected a major restructuring of Meta’s privacy policy that removed detailed consumer rights disclosures and relocated them t…
ConductAtlas tracked the restructuring, new disclosures, and entity changes that followed the largest privacy fine in EU history.
Your genetic data may be transferred to a new owner as a business asset. Here is what the Terms of Service actually say and what you can do…
Get alerted when this policy changes again — including what changed and why it matters.
Prefer a weekly summary instead?
Get the biggest policy changes across 320+ platforms every Sunday.