// Trust & Security Report
Skillshare, Inc.
Consumer/B2C online learning marketplace (video classes in creative, design, marketing, and AI/productivity topics) sold as an individual subscription, plus a separate B2B offering, Skillshare for Teams (Starter / Revive / Enterprise tiers with LMS integrations, API, SSO, and usage reporting). Not a data-processing or infrastructure vendor; core product is content consumption/teaching, not a tool that ingests customer business data.
Certifications held
1
Maturity
Growth
Trains on your data
Unknown
Trust center
No
// Certification ledger
Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.
Verify on skillshare.com“Skillshare's Privacy Policy (redirect target legal.skillshare.com/hc/en-us/articles/27197362156685-Privacy-Policy) states it 'has included a more detailed description of data processing activities and the rights of members in the European Union' and that 'European Union and United Kingdom privacy law provides individuals with enhanced rights with respect to their Personal Data,' with an EU representative contact of skillshare@gdpr-rep.com and a Data Protection contact at Skillshare, Inc., 35 E 21st Street, 5th Floor, New York, NY 10012.”
> Show 6 unconfirmed / not-held certifications
source: skillshare.comNo public evidence. Skillshare publishes no trust center or security page on skillshare.com; no SOC 2 report, badge, or statement was found on any skillshare.com or legal.skillshare.com page. A third-party SaaS-risk aggregator (Nudge Security) labels Skillshare 'SOC 2 Compliant' on its own site, but that is not a vendor-domain source and was excluded per sourcing policy.
source: skillshare.comNo public evidence on any skillshare.com or legal.skillshare.com page. Same third-party aggregator caveat as SOC 2 above applies; not counted as vendor-domain proof.
source: skillshare.comNo public evidence of AI management system certification on vendor domain.
source: skillshare.comNo public evidence and not applicable: Skillshare is a general consumer creative-education marketplace, not a healthcare product, and no BAA offering is advertised.
source: skillshare.comNo public PCI DSS attestation found on vendor domain; payment processing is presumably handled by a third-party processor (not disclosed on any public page reviewed).
// Privacy & AI training
Trains on customer data
Not stated
Data processing agreement
Not offered
Data region
Not specified on any page reviewed. Company is US-based (Skillshare, Inc., New York, NY); privacy policy references EU/UK rights and an EU representative but does not state where data is hosted or processed.
Two distinct AI-related items, and no confirmed answer for the general case. (1) Skillshare 'uses automated processes and algorithms, such as artificial intelligence, to make recommendations to Skillshare subscribers about content' -- ordinary recommendation-engine use of platform activity data, not third-party model training. (2) Separately, Skillshare has explored third-party AI content-licensing partnerships for teacher-created course content; a Help Center notice ('Skillshare Explores AI Partnerships to Expand Teacher Revenue Opportunities', Feb 2025) states teachers can opt out of these licensing deals via a form, and the opt-out applies to future deals. No public statement addresses whether learner/member personal data (as opposed to teacher course content) is used to train Skillshare's own or third-party AI models, or whether an opt-out exists for that. Direct fetch of the underlying Help Center and Terms of Service pages (legal.skillshare.com, help.skillshare.com) was blocked by bot protection (HTTP 403) during this review; the quotes above come from search-engine snippets of those vendor-domain pages, not a direct page render, so treat as medium-confidence text pending manual confirmation.
// Security controls
Data retention/deletion
Privacy Policy states Skillshare 'takes reasonable measures to destroy or de-identify personal information in a secure manner when it is no longer required,' but gives no specific retention schedule.
skillshare.comSSO (enterprise)
Skillshare for Teams marketing/help pages reference single sign-on as part of the enterprise offering, but no detail on protocol (SAML/OIDC) was found on a directly-fetchable vendor page.
help.skillshare.comVulnerability disclosure / security.txt
No public security.txt or bug bounty/vulnerability disclosure program found on skillshare.com.
skillshare.com// Products & data scope
data: Account/profile data, payment data (via processor), learning activity/engagement data, community posts/uploads. No sensitive regulated data (health, financial-institution, government) by product design.
Primary product; 425k+ members, 30k+ classes per the vendor's own homepage. Annual auto-renewing subscription with a free trial.
data: Employee accounts, usage/engagement reporting, SSO identity data, possible LMS integration data at the Enterprise tier.
Starter, Revive, and Enterprise tiers; Enterprise adds LMS integrations, API access, and private learning experiences. No enterprise-specific security/compliance documentation was publicly reachable; would need to be requested from Skillshare sales/support for a genuine B2B procurement review.
// What to watch
- No trust center or dedicated security page found anywhere on skillshare.com; all cert grading is held=false/no-public-evidence for SOC 2, ISO 27001, ISO 42001, CSA STAR, HIPAA, and PCI DSS.
- Over-claim risk: a third-party SaaS-risk aggregator (Nudge Security) labels Skillshare 'SOC 2 Compliant, GDPR Compliant, and ISO 27001 Compliant' with no vendor-domain citation backing it up. This claim was deliberately NOT used as proof and should not be repeated in the listing without independent vendor confirmation.
- Identity-conflation risk: skillshare.org ('Skillshare International') is a separate, unrelated UK-based nonprofit organization, not the same entity as skillshare.com (Skillshare, Inc., a Delaware for-profit corporation). Do not merge their privacy/compliance postures.
- Enterprise 'Skillshare for Teams' security/compliance posture (SSO detail, data handling for corporate learner data) could not be confirmed from directly-fetchable public pages; the Help Center and Legal Center (legal.skillshare.com, help.skillshare.com) returned HTTP 403 to automated fetch during this review, so quotes there rely on search-engine snippets rather than a direct render.
- AI content-licensing note only covers teacher/course-content opt-out; no public statement found on whether general member/learner personal data feeds AI model training, and no opt-out mechanism is documented for that scenario.
// At a glance
Pricing model
Consumer: annual auto-renewing subscription with free trial. Teams: tiered per-seat B2B pricing (Starter/Revive/Enterprise), contact-sales for Enterprise.
Self-hostable
No
// How we verified this
Every certification marked HELD is confirmed against a verbatim quote on Skillshare, Inc.'s own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.
Last verified 2026-07-09. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.
skillshare.com