LangChain updated its Terms of Service on May 22, 2026 to clarify deployment options and data protection commitments. The company introduced a new 'Bring Your Own Cloud Deployment' (BYOC) option, redefined 'Hybrid Deployment' to specify that LangChain operates the control plane while customers operate the data plane, and explicitly extended its commitment not to use customer data for training to include 'large language models.' The disclaimer clause was also expanded to state the platform is not warranted to be 'accurate' or 'complete.' These changes affect how customers understand their deployment choices and what data protections apply.
The updated terms introduce a new deployment architecture option (BYOC) alongside existing Cloud and Hybrid options, giving customers more control over infrastructure placement. LangChain's explicit commitment to not use customer data for large language model training now has clear written language in the Terms, whereas the prior version only referenced 'products' generically. However, the expanded non-warranty clause now states the platform is not warranted to be 'accurate' or 'complete,' which broadens the disclaimers of liability. Customers should review which deployment option aligns with their infrastructure and compliance requirements.
The introduction of BYOC Deployment and redefinition of Hybrid Deployment clarify infrastructure control options, allowing enterprises to evaluate data residency and operational control tradeoffs more precisely. The explicit extension of data-use restrictions to exclude LLM training directly addresses a key concern in AI governance and may affect how organizations assess vendor compliance with their own AI governance frameworks. The expanded non-warranty clause removes guarantees of accuracy and completeness, which affects what assurances customers can rely on operationally.
→ Review the BYOC Deployment option to determine if it aligns with your infrastructure and data residency requirements.
→ Confirm whether your current deployment (Cloud or Hybrid) matches the updated Hybrid Deployment definition, which clarifies that customer now operates the data plane.
→ The updated Terms apply as written upon continued use of the LangSmith Platform, including the expanded non-warranty clause limiting guarantees of accuracy and completeness.
→ If your organization was relying on the prior Hybrid Deployment option where LangChain could manage the data plane through cloud provider APIs, that option is no longer available under the updated terms.
New deployment option allows customers to run LangSmith within their own infrastructure with LangChain operating through APIs without direct access to customer data.
Redefined to clarify control plane is operated by LangChain and data plane by customer, removing the prior option for LangChain to manage the data plane.
Extended to explicitly exclude use of customer data for training large language models, not just general product improvement.
This change record describes what was added, removed, or modified in the document. Analysis reflects what the updated agreement states or permits. It does not constitute a legal determination about enforceability. Applicability may vary by jurisdiction. Methodology
LangChain clarified its deployment architecture terminology and added a BYOC option, which may affect how organizations document vendor infrastructure controls in their security and data processing frameworks. The explicit extension of data-use restrictions to exclude LLM training aligns customer expectations with current AI governance concerns and may reduce ambiguity in Data Processing Agreements or vendor assessments. The expanded non-warranty clause adds 'accuracy' and 'completeness' to the list of things not guaranteed, which could affect how downstream customers rely on LangSmith for critical decision-making. No immediate compliance action is required unless the organization's vendor management or DPA framework requires updates to reflect the new BYOC option or the expanded warranty disclaimers.
AI governance and transparency frameworks (EU AI Act, FTC guidance on AI practices), data protection frameworks (GDPR data processor obligations, CCPA vendor assessment), and contract law regarding fitness for purpose and warranty disclaimers.
Full compliance analysis
Obligation analysis, escalation trigger, board language, and recommended action.
Monitor: regulatory citations + obligations. Compliance: full compliance memo.
ConductAtlas provides verified policy intelligence sourced directly from platform documents. All analysis is intended to support, not replace, legal and compliance review. Record CA-C-002279.
See the full side-by-side comparison of every sentence added, removed, and modified.
🔒 Full diff — MonitorGet alerted when this policy changes again — including what changed and why it matters.
Prefer a weekly summary instead?
Get the biggest policy changes across 320+ platforms every Sunday.