What can I do about this clause?

{'method': 'EMAIL', 'recipient': 'privacy@ai21.com', 'difficulty': 'EASY', 'action_type': 'DELETE_DATA', 'instructions': 'Send an email to privacy@ai21.com stating that you wish to delete your personal data. Include your full name, account email address, and specify whether you want full deletion or access to a copy of your data. AI21 must respond within 30 days (GDPR) or 45 days (CCPA).', 'deadline_days': 30, 'deadline_hours': None} {'method': 'EMAIL', 'recipient': 'privacy@ai21.com', 'difficulty': 'EASY', 'action_type': 'EXPORT_DATA', 'instructions': 'Email privacy@ai21.com requesting a copy of all personal data AI21 holds about you under your right to data portability. Specify your account email and the format you prefer (e.g., machine-readable CSV or JSON). AI21 is required to provide this within the applicable statutory period.', 'deadline_days': 30, 'deadline_hours': None}

Which regulatory agencies enforce this type of clause?

{'agency': 'FTC', 'reason': 'The FTC enforces against companies that fail to honor stated data rights commitments under Section 5 of the FTC Act as an unfair or deceptive practice.', 'complaint_url': 'https://reportfraud.ftc.gov/'}

What is the severity of this clause?

ConductAtlas classifies this Data Subject Rights (Access, Deletion, Portability) clause as medium severity. Severity reflects the magnitude of rights affected, the breadth of users impacted, and the degree of discretion the platform retains.

Do other platforms have similar clauses?

Yes. ConductAtlas has identified similar Data Subject Rights (Access, Deletion, Portability) clauses across approximately 8 other tracked platforms. You can compare how platforms differ on this clause type in the cross-platform comparison view.

Data Subject Rights (Access, Deletion, Portability) — AI21 Labs

Share 𝕏 Share in Share 🔒 PDF

What it is

Depending on where you live, you have the right to see what data AI21 has about you, correct it, delete it, or get a copy to take elsewhere. You can exercise these rights by emailing privacy@ai21.com.

Consumer impact (what this means for users)

EU and California residents can legally demand that AI21 delete their personal data or provide a copy of it, and AI21 must respond within 30 days (GDPR) or 45 days (CCPA). Exercising these rights is straightforward via email.

What you can do

⚠️ These actions may provide transparency or partial mitigation but may not fully address the underlying issue. Effectiveness varies by jurisdiction and individual circumstances.

Delete Your Data
Within 30 days
Send an email to privacy@ai21.com stating that you wish to delete your personal data. Include your full name, account email address, and specify whether you want full deletion or access to a copy of your data. AI21 must respond within 30 days (GDPR) or 45 days (CCPA).
Export Your Data
Within 30 days
Email privacy@ai21.com requesting a copy of all personal data AI21 holds about you under your right to data portability. Specify your account email and the format you prefer (e.g., machine-readable CSV or JSON). AI21 is required to provide this within the applicable statutory period.

Cross-platform context

See how other platforms handle Data Subject Rights (Access, Deletion, Portability) and similar clauses.

Compare across platforms →

Need full compliance memos? See Professional →

Why it matters (compliance & risk perspective)

These rights are legally enforceable under GDPR and CCPA, meaning AI21 is obligated — not just invited — to respond to your requests within statutory deadlines.

View original clause language

Depending on your location, you may have the following rights regarding your personal information: the right to access and receive a copy of the personal information we hold about you; the right to request that we correct inaccurate personal information; the right to request that we delete your personal information; the right to data portability; and the right to withdraw consent where processing is based on consent. To exercise these rights, please contact us at privacy@ai21.com.

Institutional analysis (Compliance & legal intelligence)

(1) REGULATORY FRAMEWORK: Data subject rights are mandated under GDPR Arts. 15 (access), 16 (rectification), 17 (erasure), 18 (restriction), 20 (portability), and 21 (objection), enforced by EU supervisory authorities with fines up to €20M or 4% global turnover. CCPA/CPRA §§1798.100–1798.125 grant equivalent rights to California residents, enforced by the CPPA with fines up to $7,500 per intentional violation. Israeli Privacy Protection Law Art. 13 grants similar access rights. (2)

🔒

Compliance intelligence locked

Regulatory citations, enforcement risk, and due diligence action items.

Watcher $9.99/mo Professional $149/mo

Watcher: regulatory citations. Professional: full compliance memo.

Applicable agencies

FTC

The FTC enforces against companies that fail to honor stated data rights commitments under Section 5 of the FTC Act as an unfair or deceptive practice.
File a complaint →

Provision details

Document information

Document

AI21 Labs Privacy Policy

Entity

AI21 Labs

Document last updated

April 29, 2026

Tracking information

First tracked

April 30, 2026

Last verified

April 30, 2026

Record ID

CA-P-004113

Document ID

CA-D-00460

Evidence Provenance

Source URL

https://www.ai21.com/privacy-policy

Wayback Machine

View archived versions →

SHA-256

4abc7ff0d7779bee955894a99670d17aadf5332ce2786437f3a3b85a2497adc3

Verified

✓ Snapshot stored ✓ Change verified

How to Cite

ConductAtlas Policy Archive
Entity: AI21 Labs | Document: AI21 Labs Privacy Policy | Record: CA-P-004113
Captured: 2026-04-30 06:15:21 UTC | SHA-256: 4abc7ff0d7779bee…
URL: https://conductatlas.com/platform/ai21-labs/ai21-labs-privacy-policy/data-subject-rights-access-deletion-portability/
Accessed: May 2, 2026

Classification

Severity

Medium

Data Subject Rights (Access, Deletion, Portability)