Udemy's platform is not intended for users under 16, and Udemy states it will delete any data collected from children under that age if discovered.
This analysis describes what Udemy's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The age threshold of 16 (rather than 13, which COPPA requires) creates a more protective standard for minors in the U.S. and aligns with GDPR Article 8 requirements in the EU, but parents or guardians should be aware there is no verified age-gating mechanism described in the policy.
Interpretive note: The policy does not describe technical age-gating mechanisms, making the practical enforceability of this restriction uncertain and dependent on user self-reporting rather than verified compliance.
Removal of explicit children's privacy protections and age restriction (16+) disclosure reduces transparency about child data handling and removes direct contact information for privacy concerns.
View full change record →Users under 16 are not supposed to use Udemy, and data collected from such users should be deleted upon discovery; however, the policy does not describe technical age-verification measures, so the practical enforcement of this restriction depends on user self-reporting.
How other platforms handle this
The Service is intended for general audiences and is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe that your child under the age of 13 has provided us with personal information without your cons...
Our Services are not directed to children under 13. If you learn that anyone younger than 13 has unlawfully provided us with personal data, please contact us at privacy@medium.com.
To access and use the Services, you must be at least the age of majority in the state, province, or territory where you live or at least 18 years of age. If you are under the age of 13, you may not use the Services and you should not be visiting the Sites or using the Services.
Monitoring
Udemy has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"Our Services are not directed to children under the age of 16. If we learn that we have collected personal information from a child under 16, we will take steps to delete the information as soon as possible. If you believe we have mistakenly collected information from a child under 16, please contact us at privacy@udemy.com.— Excerpt from Udemy's Udemy Privacy Policy
1. REGULATORY LANDSCAPE: In the U.S., COPPA (Children's Online Privacy Protection Act) applies to online services directed to children under 13; Udemy's stated age threshold of 16 exceeds COPPA's minimum and reflects GDPR Article 8's default age of consent for data processing in many EU member states (16, with member state flexibility down to 13). The FTC enforces COPPA; EU national DPAs enforce GDPR Article 8. The UK Age Appropriate Design Code (Children's Code) also applies to platforms accessible by under-18 users in the UK and imposes design and data minimization obligations beyond notice requirements. 2. GOVERNANCE EXPOSURE: Medium. The absence of described technical age-verification or age-gating mechanisms means the policy's age restriction is largely self-declaratory. Regulatory guidance, particularly from the UK ICO and the FTC's COPPA enforcement program, increasingly emphasizes that platforms must take affirmative technical steps, not merely post age-restriction notices. If Udemy's platform is accessible to and used by minors, the absence of robust gating could constitute a governance gap. 3. JURISDICTION FLAGS: The UK Children's Code creates the highest current regulatory exposure for platforms accessible to UK users under 18. California's Age-Appropriate Design Code Act (AB 2273), though its status has been subject to legal proceedings, creates additional state-level obligations. EU member states that have set the GDPR Article 8 age of consent at 13 or 14 would expect compliance at those lower thresholds for their residents. 4. CONTRACT AND VENDOR IMPLICATIONS: Schools or educational institutions procuring Udemy for student use should assess whether Udemy's age restriction and data practices comply with FERPA, COPPA, and any applicable state student privacy laws (e.g., SOPIPA in California). The policy's age restriction may not be sufficient standing alone for institutional educational deployments involving minors. 5. COMPLIANCE CONSIDERATIONS: Compliance teams at educational organizations should review whether deploying Udemy for any users under 16 (or 18 under the UK Code) requires additional safeguards, parental consent mechanisms, or vendor contractual commitments. Udemy's data deletion process for under-16 users should be assessed for operational effectiveness.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The age threshold of 16 (rather than 13, which COPPA requires) creates a more protective standard for minors in the U.S. and aligns with GDPR Article 8 requirements in the EU, but parents or guardians should be aware there is no verified age-gating mechanism described in the policy.
Users under 16 are not supposed to use Udemy, and data collected from such users should be deleted upon discovery; however, the policy does not describe technical age-verification measures, so the practical enforcement of this restriction depends on user self-reporting.
ConductAtlas has identified this type of provision across 11 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Udemy.