The policy states that user personal data may be transferred to a third-party acquirer or successor entity in the context of a merger, acquisition, asset sale, bankruptcy, or service transition without a separate user consent event, subject to applicable law and contract terms.
This analysis describes what Skillshare's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This provision authorizes disclosure of user personal data to acquiring parties in a broad range of corporate transactions, including due diligence stages prior to a completed deal, which means data may be accessible to third parties before a transaction is finalized. Under GDPR, such transfers may require a lawful basis and, in asset sale scenarios, adequate safeguards and notice to data subjects.
Under this clause, user personal data including identifiers, contact information, and usage history may be disclosed to a third-party acquirer or successor in a corporate transaction, including during due diligence, as permitted by law and contract. The terms do not specify a user opt-out mechanism for this category of disclosure.
How other platforms handle this
We may disclose certain information, in connection with or during negotiations or closing of any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
By issuing a chargeback or refund request for Premium subscriptions paid for through a third party, you agree to allow Telegram to release necessary data to that third party regarding your account status and Telegram Premium purchases.
We may share your information in connection with, or during negotiations of, any merger, sale of company assets, financing, acquisition, or dissolution, transaction, or proceeding involving all or a portion of our business.
Monitoring
Skillshare has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"We may disclose your information to a third party in connection with a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, purchase or sale of assets, or transition of service to another provider, in which case your information may be sold or transferred as part of such a transaction as permitted by law and/or contract.— Excerpt from Skillshare's Skillshare Privacy Policy
1. REGULATORY LANDSCAPE: This provision engages GDPR and UK GDPR regarding lawful bases for data disclosure and transfer to new controllers in M&A contexts; EU supervisory authorities have issued guidance indicating that data subjects should receive notice of controller changes. CCPA and CPRA require disclosure of data sale or transfer categories and may require updated privacy notices when data is transferred to a new business. 2. GOVERNANCE EXPOSURE: Medium. The inclusion of 'due diligence' as a permissible disclosure context means personal data may be accessed by potential acquirers who do not complete a transaction, which creates residual data exposure risk that may be difficult to contractually unwind. 3. JURISDICTION FLAGS: EU and UK users have GDPR and UK GDPR rights to notice when a data controller changes; the policy does not specify the procedure Skillshare will use to notify affected users in the event of a completed acquisition. The Superpeer acquisition itself is an example of this provision in operation. 4. CONTRACT AND VENDOR IMPLICATIONS: Agreements with potential acquirers during due diligence should include confidentiality and data handling obligations. Post-transaction, the acquiring entity's privacy policy and data practices will govern, which may differ materially from Skillshare's current terms. 5. COMPLIANCE CONSIDERATIONS: Legal teams should confirm that due diligence data room access is governed by data processing agreements that restrict use of personal data to transaction evaluation purposes only. For completed transactions, review whether GDPR Article 13 and 14 notice obligations are triggered for data subjects whose data is transferred to a new controller.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 10 platforms + same-day alerts. No credit card required.
ConductAtlas detected a major restructuring of Meta’s privacy policy that removed detailed consumer rights disclosures and relocated them to separate documents.
Your genetic data may be transferred to a new owner as a business asset. Here is what the Terms of Service actually say and what you can do right now.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This provision authorizes disclosure of user personal data to acquiring parties in a broad range of corporate transactions, including due diligence stages prior to a completed deal, which means data may be accessible to third parties before a transaction is finalized. Under GDPR, such transfers may require a lawful basis and, in asset sale scenarios, adequate safeguards and notice to …
Under this clause, user personal data including identifiers, contact information, and usage history may be disclosed to a third-party acquirer or successor in a corporate transaction, including during due diligence, as permitted by law and contract. The terms do not specify a user opt-out mechanism for this category of disclosure.
ConductAtlas has identified this type of provision across 6 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Skillshare.