What are the institutional and regulatory implications of this document?

REGULATORY EXPOSURE: This policy engages GDPR Arts. 6, 9, 13, 17, 20, and 28 (EU/EEA users, enforced by relevant EU Data Protection Authorities); UK GDPR and Data Protection Act 2018 (UK ICO); CCPA §1798.100 and CPRA amendments (California residents, enforced by California Privacy Protection Agency and State AG); FERPA 20 U.S.C. § 1232g (student records in institutional/campus contexts, enforced by U.S. Department of Education); and FTC Act Section 5 (unfair or deceptive practices, enforced by …

How does Coursera's Coursera Privacy Notice affect users?

Coursera collects extensive personal data including your identity, payment information, learning progress, quiz and assignment results, and behavioral data, and shares it with institutional partners such as universities and employers whose courses you take — those partners may independently govern how they use that data. California residents have additional rights under CCPA/CPRA including the right to opt out of the sale or sharing of personal information for cross-context behavioral advertisi…

How often is Coursera's Coursera Privacy Notice updated?

ConductAtlas monitors this document daily and captures every version with cryptographic hashing and timestamp verification. Update frequency varies — see the change timeline on this page for complete version history.

Can I get alerted when Coursera updates this document?

Yes. Watcher subscribers ($9.99/month) can add Coursera to their watchlist and receive same-day email alerts whenever this document or any other Coursera document changes.

Coursera Privacy Notice — Coursera

8 Total

2 High severity

6 Medium severity

0 Low severity

Summary

This is Coursera's privacy policy explaining how the online learning platform collects and uses your personal data, including your name, email, payment details, course progress, quiz scores, and browsing behavior. The most important thing to know is that Coursera shares your learning activity and personal data with universities and companies whose courses you take, and those third parties may have their own privacy policies that apply to your data. You can exercise rights to access, correct, delete, or download your personal data by visiting your account settings or contacting privacy@coursera.org.

Technical Summary

This document is Coursera's Privacy Notice governing the collection, use, and disclosure of personal data from users of Coursera's online learning platform, with legal bases including consent, legitimate interests, and contractual necessity under applicable frameworks including GDPR and CCPA. The most significant obligations include Coursera's collection of a broad range of data — including identity, payment, usage, learning activity, and inferred profile data — combined with its obligation to provide users data subject rights such as access, correction, deletion, and portability. Notable provisions include sharing personal data with university and enterprise partners (Content Providers and Campuses) who may independently process learner data, and the use of personal data to build learner profiles for personalization and marketing; the scope of third-party sharing with institutional partners may exceed reasonable consumer expectation in an educational context. The policy engages GDPR (EU/EEA users), UK GDPR, CCPA/CPRA (California residents), and FERPA (student records in institutional contexts), with Coursera acting as both data controller and, in enterprise/campus contexts, potentially as a data processor on behalf of institutional clients. Material compliance considerations include ensuring adequate GDPR Art. 6 legal bases for all processing activities, maintaining valid SCCs or equivalent transfer mechanisms for international data transfers, and assessing whether institutional data sharing arrangements require additional FERPA-compliant data use agreements.

Evidence Provenance

Captured April 19, 2026 06:12 UTC

Document ID CA-D-000158

Version ID CA-V-000712

Source URL https://www.coursera.org/about/privacy

Wayback Machine View archived versions →

SHA-256 78568696f73d2ee395e10abd93f0fdfe20e26f39f6538b763db084aa70ad39d2

✓ Snapshot stored ✓ Text extracted ✓ Change verified ✓ Cryptographically signed

Institutional Analysis

🔒 Institutional analysis locked

Regulatory exposure by statute, material risk assessment, vendor due diligence action items, and enforcement precedent. Available on Professional.

Upgrade to Professional — $149/mo

Change Timeline

April 19, 2026 — Document updated medium

Coursera added a 'Do Not Sell/Share' link to the footer of their Privacy Notice on April 19, 2026. Previously, the footer only had a 'Cookies Preference Center' option; now it also includes a direct link for users to opt out of the sale or sharing of their personal data. This matters because it gives users — particularly California residents — a more visible and accessible way to exercise their privacy rights.

· 1 modified
View diff → View full record →
78568696…
April 18, 2026 — Initial capture

Initial snapshot — monitoring begins

74f42cd0…

View full version history (0 captures) →

Analyzed Changes

1 change analyzed since monitoring began.

Updated April 19, 2026

medium

What changed Coursera updated their Coursera Privacy Notice on April 19, 2026. Change detected: 1 sentence(s) modified. Document contained 235 sentences after update.

Consumer impact Coursera has added a 'Do Not Sell/Share' link in its site footer, making it easier for users to opt out of the sale or sharing of their personal data. This is particularly significant for California residents, who have a legal right under the CCPA/CPRA to prevent their data from being sold or shared with third parties. You can exercise this right by clicking the 'Do Not Sell/Share' link in the footer of Coursera's website.

Why it matters The addition of a 'Do Not Sell/Share' link gives all Coursera users — especially California residents — a direct, accessible way to opt out of data sale or sharing. This strengthens user privacy rights and reflects Coursera's compliance with CCPA/CPRA opt-out requirements.

Recent Clause-Level Changes Apr 19, 2026

8 provisions unchanged.

View full change record →

High Severity — 2 provisions

Sharing Data with Content Provider Partners

If you take a course from a university or company on Coursera, that organization receives your name, email, grades, and course activity data — and they may use it under their own privacy rules.

Added April 18, 2026
Enterprise and Campus Employer Data Disclosure

If your employer or school pays for your Coursera access, they can see your course completions, how long you spend learning, and your assessment results.

Added April 18, 2026

Medium Severity — 6 provisions

Cookie and Behavioral Tracking

Coursera uses cookies and tracking tools to follow your browsing behavior on their site and to show you targeted advertisements.

Added April 18, 2026
International Data Transfers

If you live outside the US, your personal data is transferred to and stored in the United States, where privacy laws may provide less protection than in your home country.

Added April 18, 2026
User Rights — Access, Deletion, and Portability

Depending on where you live, you may have the right to see, correct, delete, or download your personal data held by Coursera.

Added April 18, 2026
Data Retention

Coursera keeps your personal data for as long as it decides is necessary for its business or legal purposes, using a factors-based assessment rather than a fixed retention schedule.

Added April 18, 2026
Minors and Age Restriction

Coursera is not designed for children under 13 and will delete data if it discovers it has collected information from a child under 13 without parental consent.

Added April 18, 2026
California Resident Rights (CCPA/CPRA)

California residents have additional legal rights under CCPA/CPRA to know what data Coursera holds about them, request its deletion, and opt out of its sharing — including a specific right to know about disclosures for marketing purposes.

Added April 18, 2026