// Trust & Security Report

    Skillshare, Inc. logo

    Skillshare, Inc.

    Consumer/B2C online learning marketplace (video classes in creative, design, marketing, and AI/productivity topics) sold as an individual subscription, plus a separate B2B offering, Skillshare for Teams (Starter / Revive / Enterprise tiers with LMS integrations, API, SSO, and usage reporting). Not a data-processing or infrastructure vendor; core product is content consumption/teaching, not a tool that ingests customer business data.

    Certifications held

    1

    Maturity

    Growth

    Trains on your data

    Unknown

    Trust center

    No

    // Certification ledger

    Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.

    GDPR (posture, not a certification)
    HELD

    Skillshare's Privacy Policy (redirect target legal.skillshare.com/hc/en-us/articles/27197362156685-Privacy-Policy) states it 'has included a more detailed description of data processing activities and the rights of members in the European Union' and that 'European Union and United Kingdom privacy law provides individuals with enhanced rights with respect to their Personal Data,' with an EU representative contact of skillshare@gdpr-rep.com and a Data Protection contact at Skillshare, Inc., 35 E 21st Street, 5th Floor, New York, NY 10012.

    Verify on skillshare.com
    > Show 6 unconfirmed / not-held certifications
    SOC 2 (Type 1/2)
    NOT CONFIRMED

    No public evidence. Skillshare publishes no trust center or security page on skillshare.com; no SOC 2 report, badge, or statement was found on any skillshare.com or legal.skillshare.com page. A third-party SaaS-risk aggregator (Nudge Security) labels Skillshare 'SOC 2 Compliant' on its own site, but that is not a vendor-domain source and was excluded per sourcing policy.

    source: skillshare.com
    ISO 27001
    NOT CONFIRMED

    No public evidence on any skillshare.com or legal.skillshare.com page. Same third-party aggregator caveat as SOC 2 above applies; not counted as vendor-domain proof.

    source: skillshare.com
    ISO/IEC 42001 (AI governance)
    NOT CONFIRMED

    No public evidence of AI management system certification on vendor domain.

    source: skillshare.com
    CSA STAR
    NOT CONFIRMED

    No public evidence found on vendor domain.

    source: skillshare.com
    HIPAA
    NOT CONFIRMED

    No public evidence and not applicable: Skillshare is a general consumer creative-education marketplace, not a healthcare product, and no BAA offering is advertised.

    source: skillshare.com
    PCI DSS
    NOT CONFIRMED

    No public PCI DSS attestation found on vendor domain; payment processing is presumably handled by a third-party processor (not disclosed on any public page reviewed).

    source: skillshare.com

    // Privacy & AI training

    Trains on customer data

    Not stated

    Data processing agreement

    Not offered

    Data region

    Not specified on any page reviewed. Company is US-based (Skillshare, Inc., New York, NY); privacy policy references EU/UK rights and an EU representative but does not state where data is hosted or processed.

    Two distinct AI-related items, and no confirmed answer for the general case. (1) Skillshare 'uses automated processes and algorithms, such as artificial intelligence, to make recommendations to Skillshare subscribers about content' -- ordinary recommendation-engine use of platform activity data, not third-party model training. (2) Separately, Skillshare has explored third-party AI content-licensing partnerships for teacher-created course content; a Help Center notice ('Skillshare Explores AI Partnerships to Expand Teacher Revenue Opportunities', Feb 2025) states teachers can opt out of these licensing deals via a form, and the opt-out applies to future deals. No public statement addresses whether learner/member personal data (as opposed to teacher course content) is used to train Skillshare's own or third-party AI models, or whether an opt-out exists for that. Direct fetch of the underlying Help Center and Terms of Service pages (legal.skillshare.com, help.skillshare.com) was blocked by bot protection (HTTP 403) during this review; the quotes above come from search-engine snippets of those vendor-domain pages, not a direct page render, so treat as medium-confidence text pending manual confirmation.

    // Security controls

    Encryption in transit

    not verified / no public evidence

    skillshare.com

    Encryption at rest

    not verified / no public evidence

    skillshare.com

    Data retention/deletion

    Privacy Policy states Skillshare 'takes reasonable measures to destroy or de-identify personal information in a secure manner when it is no longer required,' but gives no specific retention schedule.

    skillshare.com

    SSO (enterprise)

    Skillshare for Teams marketing/help pages reference single sign-on as part of the enterprise offering, but no detail on protocol (SAML/OIDC) was found on a directly-fetchable vendor page.

    help.skillshare.com

    Vulnerability disclosure / security.txt

    No public security.txt or bug bounty/vulnerability disclosure program found on skillshare.com.

    skillshare.com

    // Products & data scope

    Skillshare (consumer membership)Online creative-education video marketplace

    data: Account/profile data, payment data (via processor), learning activity/engagement data, community posts/uploads. No sensitive regulated data (health, financial-institution, government) by product design.

    Primary product; 425k+ members, 30k+ classes per the vendor's own homepage. Annual auto-renewing subscription with a free trial.

    Skillshare for TeamsB2B corporate learning / LMS add-on

    data: Employee accounts, usage/engagement reporting, SSO identity data, possible LMS integration data at the Enterprise tier.

    Starter, Revive, and Enterprise tiers; Enterprise adds LMS integrations, API access, and private learning experiences. No enterprise-specific security/compliance documentation was publicly reachable; would need to be requested from Skillshare sales/support for a genuine B2B procurement review.

    // What to watch

    • No trust center or dedicated security page found anywhere on skillshare.com; all cert grading is held=false/no-public-evidence for SOC 2, ISO 27001, ISO 42001, CSA STAR, HIPAA, and PCI DSS.
    • Over-claim risk: a third-party SaaS-risk aggregator (Nudge Security) labels Skillshare 'SOC 2 Compliant, GDPR Compliant, and ISO 27001 Compliant' with no vendor-domain citation backing it up. This claim was deliberately NOT used as proof and should not be repeated in the listing without independent vendor confirmation.
    • Identity-conflation risk: skillshare.org ('Skillshare International') is a separate, unrelated UK-based nonprofit organization, not the same entity as skillshare.com (Skillshare, Inc., a Delaware for-profit corporation). Do not merge their privacy/compliance postures.
    • Enterprise 'Skillshare for Teams' security/compliance posture (SSO detail, data handling for corporate learner data) could not be confirmed from directly-fetchable public pages; the Help Center and Legal Center (legal.skillshare.com, help.skillshare.com) returned HTTP 403 to automated fetch during this review, so quotes there rely on search-engine snippets rather than a direct render.
    • AI content-licensing note only covers teacher/course-content opt-out; no public statement found on whether general member/learner personal data feeds AI model training, and no opt-out mechanism is documented for that scenario.

    // At a glance

    Pricing model

    Consumer: annual auto-renewing subscription with free trial. Teams: tiered per-seat B2B pricing (Starter/Revive/Enterprise), contact-sales for Enterprise.

    Self-hostable

    No

    // How we verified this

    Every certification marked HELD is confirmed against a verbatim quote on Skillshare, Inc.'s own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.

    Last verified 2026-07-09. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.

    skillshare.com

    > Browse all vendor trust reports