AI data privacy and processing claims: what should buyers ask?
Last reviewed June 2, 2026
AI data privacy claims often combine ownership, confidentiality, retention, model-training use, regional processing, and DPA support in one sentence. This page separates those claims into the processing evidence and buyer questions a procurement or diligence reviewer should request.
Sources this guide draws from
- OpenAI business data page (OpenAI company page; accessed June 1, 2026). Public company source for business-data confidentiality, no-training-by-default, encryption, retention controls, and zero-retention wording.
- OpenAI enterprise privacy page (OpenAI company page; updated January 8, 2026; accessed June 1, 2026). Public company source for DPA, review, retention, API handling, zero data retention, and fine-tuning data statements.
- OpenAI sub-processor list (OpenAI company page; April 2025 update; accessed June 2, 2026). Public company source for subprocessor processing purpose, processing location, moderation exception, support processing, and ZDR-related carve-outs.
- Intercom Fin AI Agent FAQs (Intercom company page; accessed June 1, 2026). Public company source for EU-hosted workspace and regional processing wording for Fin AI Agent.
- UK ICO guidance on AI and data protection (UK ICO guidance; updated March 15, 2023; under review as of June 1, 2026). Regulator guidance source for AI transparency, lawfulness, fairness, security, data minimisation, and individual rights questions.
- EDPB automated decision-making and profiling guidelines (EDPB guidance; endorsed 2018; accessed June 1, 2026). Regulator guidance source for Article 22 automated-decision safeguards and human-review-path questions.
- GDPR Articles 22 and 35 (European Parliament and Council regulation; May 4, 2016). Primary EU regulation source for automated decision-making rights and DPIA requirements for high-risk processing.
Public claims with documented evidence gaps
"Your organization's data always remains confidential, secure, and entirely owned by you"
- Category: Compliance / Safety
- Source and date: OpenAI business data page · Accessed June 1, 2026
- Evidence signal: Broad ownership and confidentiality wording without product-surface, retention, access, support, and subprocessor boundaries in the claim.
- Evidence gap: A buyer needs data categories covered, exclusions, subprocessors, support access, retention settings, deletion process, and contract terms.
- Buyer question: For the confidential and owned-by-you claim, which data categories, product surfaces, subprocessors, and support-access paths are covered or excluded?
"opting for our zero data retention policy in the API platform"
- Category: Compliance / Safety
- Source and date: OpenAI business data page · Accessed June 1, 2026
- Evidence signal: Zero-retention wording that applies only to qualifying organizations, eligible endpoints, and specific API configurations.
- Evidence gap: A buyer needs eligibility requirements, endpoint list, dashboard configuration evidence, abuse-monitoring exceptions, logging exclusions, and contract terms.
- Buyer question: For the zero data retention claim, which endpoints and projects are eligible, and what logs or metadata remain outside request and response retention?
"Except where Zero Data Retention (ZDR) is used"
- Category: Compliance / Safety
- Source and date: OpenAI sub-processor list · April 2025 update; accessed June 2, 2026
- Evidence signal: ZDR exception wording in a subprocessor list that needs endpoint, product, and processing-purpose boundaries.
- Evidence gap: A buyer needs to know which products and endpoints use ZDR, which subprocessor activities still occur, what metadata remains, and which support or moderation events fall outside the request/response retention promise.
- Buyer question: For the ZDR exception wording, which subprocessor records, logs, support events, or moderation samples remain outside request and response retention?
"We may run any business data submitted to OpenAI's services through automated content classifiers and safety tools"
- Category: Compliance / Safety
- Source and date: OpenAI enterprise privacy page · Updated January 8, 2026; accessed June 1, 2026
- Evidence signal: Processing disclosure that affects privacy review even when data is not used for model training.
- Evidence gap: A buyer needs classifier purpose, metadata produced, human-review boundary, retention period, contractor access, and whether the same process applies to API, ChatGPT Business, and Enterprise.
- Buyer question: For safety-classifier processing, what metadata is created, who can review it, and how long is it retained for the product we would use?
"EU hosted workspaces can use Fin AI Agent, with data processed securely within Europe"
- Category: Compliance / Safety
- Source and date: Intercom Fin AI Agent FAQs · Accessed June 1, 2026
- Evidence signal: Regional processing wording that needs data-category, subprocessor, logging, and exception boundaries.
- Evidence gap: A buyer needs to know which data stays in-region, which logs or subprocessors leave the region, connector behavior, support access, and contractual data-transfer terms.
- Buyer question: For the Europe-processing claim, which AI prompts, answers, source documents, logs, analytics, and support events stay in Europe or leave the region?
Match each claim pattern to the evidence buyers need
| Claim pattern | Evidence needed | Buyer question |
|---|---|---|
| We never train on your data or do not train by default | Product scope, opt-in and feedback settings, API and fine-tuning terms, data categories, subprocessor access, and DPA language. | What data is excluded from training, what opt-in changes that boundary, and how is the exclusion documented in the DPA? |
| Zero data retention, no storage, or deleted after processing | Eligibility, endpoint and feature scope, retention window, logs and metadata retained, abuse-monitoring exceptions, and deletion process. | Which request bodies, response bodies, logs, metadata, and audit records are retained despite the zero-retention wording? |
| Confidential, secure, private, or customer-owned AI data | Covered data categories, access roles, encryption, support review, subprocessors, export paths, and customer responsibility limits. | Who can access the data during support, safety review, debugging, abuse monitoring, or subprocessor operation? |
| GDPR-ready, DPA-backed, or privacy-preserving AI | Controller/processor role, lawful basis, DPA terms, DPIA status, Article 22 scope, and human review path where automated decisions affect individuals. | Does the AI make or support automated decisions with legal or similarly significant effects, and what human review path is documented? |
| EU, regional, or data-residency processing | Region-specific data map, subprocessors, logs, model-provider path, support access, connector transfers, and contract transfer terms. | Which AI data types remain in the named region, and which processing steps happen elsewhere? |
| No training, zero retention, and regional processing bundled in one claim | Separate boundaries for model training, request retention, logs, metadata, subprocessors, support access, region, eligible endpoints, and plan-specific controls. | Which parts of the privacy claim apply to our product surface, and which require a specific plan, endpoint, contract term, or opt-in setting? |
| Zero data retention, no storage, or deleted after processing with logs or subprocessors still present | Request body retention, response body retention, metadata, audit logs, abuse-monitoring records, support cases, subprocessor processing, and eligibility proof. | What does zero retention actually cover, and what logs, metadata, moderation records, support cases, or subprocessor records remain? |
Evidence to request
- A data-flow map for prompts, files, outputs, logs, feedback, embeddings, connectors, analytics, support access, and model-provider calls.
- Retention terms by product surface and endpoint, including exceptions for security, abuse monitoring, legal obligations, and audit logs.
- Training-use boundaries for customer data, including opt-in, fine-tuning, evaluation data, and feedback workflows.
- DPA, subprocessor, role, lawful-basis, DPIA, and Article 22 documentation where personal data or automated decisions are involved.
- Regional processing evidence that names what remains in-region and what can be transferred or accessed elsewhere.
- Separate boundaries for no-training, zero-retention, regional processing, subprocessors, support access, logs, metadata, and model-provider paths.
Questions to put in front of the vendor
- For this AI privacy claim, what data categories are processed: prompts, uploaded files, outputs, logs, feedback, embeddings, source documents, or connector data?
- Is the claim backed by a DPA or only by marketing copy, and which product surfaces does the DPA cover?
- What data is used for model training, evaluation, safety review, abuse monitoring, or human support review?
- What retention window applies to each data type, and what exceptions can extend retention?
- Which subprocessors or model providers process the data, and where does that processing happen?
- What logs, metadata, moderation records, support events, audit records, or subprocessor records remain outside zero-retention wording?
- If the AI supports decisions about individuals, what Article 22 or human-review documentation is available?
Wording boundaries to compare against
- Business inputs and outputs are not used for shared model training by default for named products, unless the customer opts in.
- API request and response bodies are retained for up to [period] unless zero data retention is enabled for eligible endpoints.
- Customer data is processed in [region] for named services; logs, support access, or subprocessors may follow documented exceptions.
- A DPA is available for named products; buyers should review controller/processor roles, subprocessors, retention, and automated-decision scope.
Frequently asked questions
- What should an AI data privacy claim disclose?
- It should name the data categories processed, retention window, training-use boundary, support-review path, subprocessors, model providers, region, and contract terms for the product surface the buyer will use.
- Does no-training mean zero data retention?
- No. No-training wording addresses whether customer data is used to train a model. Zero-retention wording addresses storage of request and response data. A buyer should ask about both, plus logs, metadata, abuse-monitoring exceptions, and support access.
- What does zero data retention actually cover?
- Ask whether zero retention covers request bodies, response bodies, files, embeddings, logs, metadata, audit records, moderation records, support cases, and subprocessor records. A short zero-retention claim should be tied to eligible endpoints, product plans, settings, and exceptions.
- What should buyers ask about regional AI data processing?
- Ask which prompts, files, outputs, embeddings, logs, analytics, support events, connector data, and model-provider calls remain in the named region. Also ask which subprocessors or support paths can move data outside that region.