Depending on where you live, you may have the right to see your data, correct it, delete it, or take it elsewhere, and you can contact Coursera to exercise these rights.
This analysis describes what Coursera's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
EU users have legally enforceable rights under GDPR, and California users have rights under CCPA/CPRA, but the notice frames these as conditional on location and applicable law, which is accurate but requires users to proactively assert their rights.
The updated terms now explicitly disclose that Coursera processes communications through voice-enabled features that transcribe audio into text, and clarify that personal data may be shared with third parties including affiliates and business partners. The policy expands descriptions of AI-driven personalization and chatbot applications that use your learning and interaction data. The terms establish that data may be transferred to entities that become Coursera affiliates or subsidiaries during business transitions. You should review the updated guidance that cautions against including unnecessary or sensitive personal data in the platform's free-text and voice-enabled communication features.
View change record →The updated Privacy Notice removes explicit language stating that the policy does not apply to Coursera's Ollie mobile application and no longer directs users to a separate Ollie Privacy Notice for that app. Previously, users of Ollie had clear notice to consult a dedicated privacy policy; that direction is now absent from the main Privacy Notice. The updated notice also narrows the scope of covered entities by removing 'affiliates' from the definition of Coursera, stating the policy now applies to Coursera, Inc., its subsidiaries, and international branches only. Users of the Ollie App should independently verify what privacy terms currently govern that application, as the main Coursera Privacy Notice no longer explicitly addresses Ollie coverage.
View change record →EU and California users have meaningful data rights including deletion and portability, but must actively contact Coursera at privacy@coursera.org to exercise them; users in other jurisdictions may have more limited rights depending on their local law.
How other platforms handle this
Depending on where you are located, you may have certain rights regarding your personal information, including the right to access, correct, delete, or restrict processing of your personal information, the right to data portability, and the right to object to or withdraw consent for certain processi...
Depending on your location, you may have certain rights regarding your personal data, including the right to access, correct, delete, or port your data. EU and UK users may also have the right to object to or restrict certain processing. California residents may have the right to know, delete, corre...
For individuals in the United States, please also refer to our Notice For Individuals Residing In Certain US States below and the Consumer Health Data Policy.
Monitoring
Coursera has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"Depending on your location and applicable law, you may have certain rights with respect to your personal data, including the right to access, correct, delete, and in some cases port your personal data. You also may have the right to object to or restrict certain processing of your personal data.— Excerpt from Coursera's Coursera Privacy Notice
REGULATORY LANDSCAPE: This provision engages GDPR Articles 15-22 (data subject rights including access, rectification, erasure, portability, restriction, and objection), CCPA/CPRA Sections 1798.100-1798.125 (consumer rights including access, deletion, correction, and opt-out of sale/sharing), and UK GDPR equivalent provisions. Enforcement authorities include EU supervisory authorities, the UK ICO, and the California Privacy Protection Agency. GOVERNANCE EXPOSURE: Medium. The notice commits to honoring applicable statutory rights but does not detail response timeframes (GDPR requires one month, extendable to three), identity verification procedures, or appeal mechanisms. The adequacy of Coursera's rights fulfillment process is an operational compliance question that is not fully addressed in the notice text. JURISDICTION FLAGS: EU/EEA users have the broadest enforceable rights under GDPR, including the right to lodge complaints with their national supervisory authority. California residents have rights under CPRA that extend to employee data. UK users have equivalent rights under UK GDPR. Users in jurisdictions without comprehensive privacy laws have more limited statutory protections. CONTRACT AND VENDOR IMPLICATIONS: Enterprise clients should assess whether their data processing agreements with Coursera include commitments to assist with data subject rights requests, as required by GDPR Article 28(3)(e). The notice's general framing of rights as location-dependent may require supplementation in B2B contracts. COMPLIANCE CONSIDERATIONS: Coursera's rights request handling process should be audited for compliance with GDPR response timelines and CPRA verification requirements. Organizations using Coursera for Business should ensure their DPAs include adequate rights assistance provisions.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
EU users have legally enforceable rights under GDPR, and California users have rights under CCPA/CPRA, but the notice frames these as conditional on location and applicable law, which is accurate but requires users to proactively assert their rights.
EU and California users have meaningful data rights including deletion and portability, but must actively contact Coursera at privacy@coursera.org to exercise them; users in other jurisdictions may have more limited rights depending on their local law.
ConductAtlas has identified this type of provision across 2 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Coursera.