The policy states that personal data is retained for the duration of account activity or as long as needed to provide services, and may be retained further to satisfy legal obligations, resolve disputes, or enforce agreements.
This analysis describes what Skillshare's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The retention clause does not specify fixed retention periods for any category of personal data, which may engage GDPR's storage limitation principle requiring that data not be kept longer than necessary for the specified purpose; the absence of defined retention schedules may be a point of inquiry for EU and UK supervisory authorities.
Interpretive note: The policy does not specify retention periods by data category, which creates uncertainty about the practical scope of the storage limitation principle as applied to specific categories of personal data Skillshare collects.
Under this provision, Skillshare retains personal data for the life of an active account and beyond if needed for legal compliance, dispute resolution, or agreement enforcement, without specifying fixed maximum retention periods by data category. Users who wish to close their account or request data deletion can contact privacy@skillshare.com.
How other platforms handle this
We retain personal information for as long as necessary to provide our services, comply with legal obligations, resolve disputes, and enforce our agreements. The specific retention periods depend on the type of information and the purposes for which it is processed.
We keep information for as long as we need it to provide our products, comply with legal obligations, or for other legitimate purposes, such as to maintain safety, security, and integrity.
After your account is deleted, we keep data about interactions you've had on our service to prevent abuse, ban evaders and others in an effort to protect and ensure the safety and security of our service and our members.
Monitoring
Skillshare has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"We will retain your Personal Information for as long as your account is active or as needed to provide you services. If you wish to cancel your account or request that we no longer use your information to provide you services, please contact us at privacy@skillshare.com. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.— Excerpt from Skillshare's Skillshare Privacy Policy
1. REGULATORY LANDSCAPE: This provision engages GDPR's storage limitation principle (Article 5(1)(e)), which requires that personal data be kept no longer than necessary for the purposes for which it was processed. The absence of defined retention periods by data category is a commonly identified compliance gap in GDPR audits; EU supervisory authorities and the UK ICO have issued guidance requiring documented retention schedules. 2. GOVERNANCE EXPOSURE: Medium. The open-ended retention language tied to 'legal obligations, resolve disputes, and enforce our agreements' is a standard industry carve-out but is subject to challenge if applied to extend retention of all data categories indefinitely without documented justification. 3. JURISDICTION FLAGS: EU and UK users have GDPR and UK GDPR rights to request erasure, which may be constrained by the legal obligation and dispute resolution carve-outs in this provision. California residents have CCPA deletion rights subject to similar carve-outs. The practical scope of these rights in the context of this retention clause depends on enforcement interpretation. 4. CONTRACT AND VENDOR IMPLICATIONS: Data processing agreements with sub-processors should address retention and deletion obligations. Where Skillshare retains data for dispute resolution or legal compliance, sub-processors holding that data should be subject to equivalent retention controls. 5. COMPLIANCE CONSIDERATIONS: Legal teams should prepare a documented retention schedule by data category that supports the policy's 'as long as necessary' standard with specific justifications. This schedule should be reviewed against GDPR Article 5(1)(e) and CCPA requirements and should inform data mapping and deletion workflow design.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The retention clause does not specify fixed retention periods for any category of personal data, which may engage GDPR's storage limitation principle requiring that data not be kept longer than necessary for the specified purpose; the absence of defined retention schedules may be a point of inquiry for EU and UK supervisory authorities.
Under this provision, Skillshare retains personal data for the life of an active account and beyond if needed for legal compliance, dispute resolution, or agreement enforcement, without specifying fixed maximum retention periods by data category. Users who wish to close their account or request data deletion can contact privacy@skillshare.com.
ConductAtlas has identified this type of provision across 136 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Skillshare.