CA-C-003789
OpenAI — OpenAI Enterprise Privacy
Entity
Date detected
July 18, 2026
Severity
Direction
Negative
Affected users
enterprise customers workspace admins business accounts
Taxonomy
Retention change
Changes
2 sentences modified
Share 𝕏 Share in Share 🔒 PDF
Get same-day alerts when OpenAI changes We email you the diff and what it means, the day it happens.
Get same-day alerts →

Get the weekly digest

Every policy change across 844 tracked documents, once a week. No account needed.

Event Summary

OpenAI modified two sentences in its Enterprise Privacy policy as detected on July 18, 2026. The first change was purely formatting, moving the title 'Enterprise privacy at OpenAI' to appear before the 'Updated' date. The second change altered the language describing workspace admin control over data retention, replacing 'Your workspace admins control how long your workspace data is retained' with 'Your workspace admins can control how long your data is retained.' The shift from 'control' to 'can control' introduces conditional language that may permit admins to retain data without explicit time limits, whereas the previous phrasing stated admins directly exercise retention control.

MEDIUM

Consumer Impact

The updated terms state that workspace admins 'can control' data retention rather than directly controlling it. This conditional phrasing may suggest that retention control is optional or contingent rather than a guaranteed capability. Enterprise customers relying on admin-driven data retention policies should clarify with OpenAI whether this change affects their ability to set specific retention timelines for workspace data.

Governance Analysis

The updated terms introduce conditional language around a stated commitment regarding workspace admin authority over data retention. This shift from direct control to optional control may affect how enterprise customers rely on admin-driven retention settings to fulfill their own data governance obligations. Organizations with data processing agreements or compliance requirements tied to specific retention controls should verify whether this change affects their operational capability.

Available Actions

Contact OpenAI for clarification on whether workspace admin data retention controls remain fully available under the revised language

If No Action Is Taken

Enterprise customers may operate under unclear expectations about admin-controlled data retention capabilities, potentially creating gaps in data governance implementation

Organizations relying on this feature to fulfill downstream retention obligations may discover the capability is optional or unavailable only when attempting to apply it

Historical Context

This is the 2nd significant Retention Change change OpenAI has made since ConductAtlas began monitoring.

ConductAtlas has recorded 2 material changes to this document over 51 days of monitoring (since May 2026). An additional minor or cosmetic changes were excluded.

Across all monitored documents, OpenAI has made 16 significant changes.

10 of OpenAI's significant changes have been classified as negative for consumers.

Key Clauses Affected

workspace admin data retention control

Language changed from 'control how long your workspace data is retained' to 'can control how long your data is retained', introducing conditionality around admin authority over retention periods.

Full clause-by-clause analysis available with Analyst.
These clauses may change again. Get alerted when they do. Get same-day alerts →

This change record describes what was added, removed, or modified in the document. Analysis reflects what the updated agreement states or permits. It does not constitute a legal determination about enforceability. Applicability may vary by jurisdiction. Methodology

Evidence Verification

✓ Verified
Previous Version
4fad13eadbe372ddef81bc720241b2744f389001e7f8d370d543b17b6b2d3167
July 1, 2026 00:07 UTC
✓ Verified
Current Version
cd24c5ab22cf5f2583aa1685ae7f4e1564c358c8dd78316499180e8dc3597862
July 18, 2026 00:04 UTC
✓ Verified
Change Detected
July 18, 2026 00:04 UTC
Analysis Methodology
✓ Verified
Source Document
https://openai.com/enterprise-privacy/
Citation Record
Entity: OpenAI
Document: OpenAI Enterprise Privacy
Record ID: CA-C-003789
Captured: 2026-07-18 00:04:50 UTC
URL: https://conductatlas.com/change/2026-07-18-openai-openai-enterprise-privacy-3789/
Accessed: July 18, 2026
Permanent archival reference. Stable identifier suitable for legal filings, compliance documentation, and research citation.
For legal and compliance teams

Institutional Analysis

Assessment

The policy language shift from 'control' to 'can control' regarding workspace admin authority over data retention creates ambiguity about whether data retention management remains a fully available feature or is now conditional. This change does not appear to engage specific regulatory frameworks, but organizations using OpenAI's enterprise services that depend on contractual commitments regarding data retention controls may wish to clarify the operational scope of this revised language with OpenAI directly, particularly if their data processing agreements or internal retention policies reference this capability.

Full compliance analysis

Regulatory exposure, obligation analysis, escalation trigger, board language, and recommended action.

Analyst $49/mo

ConductAtlas provides verified policy intelligence sourced directly from platform documents. All analysis is intended to support, not replace, legal and compliance review. Record CA-C-003789.

Full Changes

View complete diff →

Document Context

Version history → Policy drift analysis → Document page →
Document
OpenAI Enterprise Privacy
Entity
OpenAI
Captured
July 18, 2026
Source URL
https://openai.com/enterprise-privacy/
Other changes to OpenAI Enterprise Privacy
Previous change Jul 1, 2026
OpenAI updated its Enterprise Privacy policy on July 1, 2026 with four minor formatting adjustments to hyperlink syntax and spacing …
Low Neutral
View full version history →
More from OpenAI
Jul 18, 2026 Low
OpenAI GPT-5.5 System Card

OpenAI updated the GPT-5.5 System Card on April 24, 2026, to include safeguards information. In an update detected on July …

Jul 18, 2026 Low
OpenAI GPT-5 System Card

OpenAI's GPT-5 System Card was updated on July 18, 2026, with a modification to the document's linked content references. The …

Jul 18, 2026 Low
OpenAI Frontier Governance Framework

OpenAI removed the audio article feature reference from its Frontier Governance Framework post on July 18, 2026. The updated version …

Related Analysis
Regulatory Analysis · July 8, 2026
The AI Foundation Model Transparency Act, Explained

H.R. 8094 would make the FTC the referee for AI model disclosure. It also names system cards as a way to comply, which turns a voluntary in…

Regulatory Analysis · June 28, 2026
The Great American AI Act, Explained: What the First Federal AI Law Would Require

The bill does not regulate most AI startups directly. But it changes the companies they depend on. Here is what the first federal AI law wo…

Platform Analysis · June 12, 2026
OpenAI Changed Its Privacy Policy 4 Times in One Week. Here Is What Actually Changed.

Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.

Track OpenAI policy changes

Get alerted when this policy changes again — including what changed and why it matters.