Depending on where you live, you have rights to see, fix, or delete the personal data AI21 holds about you. EU, UK, and California residents have the most extensive rights, including the ability to stop AI21 from sharing your data for advertising. You can exercise all of these rights by emailing privacy@ai21.com.
This analysis describes what AI21 Labs's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
These rights give you meaningful control over your personal data held by AI21, including the ability to request deletion or restrict use of your data for advertising purposes, but exercising them requires you to proactively contact AI21.
EU, UK, and California residents have statutory rights to access, correct, delete, and restrict the use of their personal data, including the right to opt out of data sharing for behavioral advertising. These rights are exercised by contacting privacy@ai21.com, and the policy does not specify response timelines beyond what applicable law requires.
How other platforms handle this
In addition to the above rights, your local laws (including those in the EU, UK, Japan, California, Colorado, Connecticut, Delaware, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Virginia, or Utah) may afford you f...
If you are a California resident, you may have certain rights under the California Consumer Privacy Act (CCPA). These rights may include: the right to know about personal information collected, disclosed, or sold; the right to delete personal information collected from you; the right to opt-out of t...
Depending on where you live, you may have certain rights with respect to your personal information. These rights may include: The right to know what personal information we have collected about you, including the categories of personal information, the categories of sources from which we collected i...
Monitoring
AI21 Labs has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"Subject to applicable law, you may have the right to access, correct, update, or delete your personal information. EU/EEA and UK residents have the right to object to or restrict certain processing, and the right to data portability. California residents may have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), including the right to know what personal information is collected, the right to delete, the right to correct, and the right to opt out of the sale or sharing of personal information. To exercise your rights, please contact us at privacy@ai21.com.— Excerpt from AI21 Labs's AI21 Labs Privacy Policy
REGULATORY LANDSCAPE: This provision engages GDPR Articles 15-21 (data subject rights including access, rectification, erasure, restriction, portability, and objection), the UK GDPR equivalent provisions, and CCPA and CPRA rights for California residents including the right to know, delete, correct, and opt out of sale or sharing. The California Privacy Protection Agency (CPPA) and state attorneys general enforce CCPA and CPRA. EU data protection authorities (DPAs) enforce GDPR rights in each member state. GOVERNANCE EXPOSURE: Medium. The policy consolidates all rights requests to a single email address (privacy@ai21.com) without specifying response timelines, identity verification procedures, or escalation processes. Under GDPR, AI21 is required to respond to data subject access requests within one month, with the possibility of a two-month extension. Failure to maintain and document a compliant rights request process creates regulatory exposure across multiple jurisdictions simultaneously. JURISDICTION FLAGS: EU and EEA users can escalate unresolved rights requests to their national DPA. UK users can escalate to the Information Commissioner's Office (ICO). California residents can escalate to the California Privacy Protection Agency. Users in other US states with comprehensive privacy laws (Virginia, Colorado, Connecticut, Texas, and others) may have analogous rights enforceable under state law. The policy's reference to 'subject to applicable law' creates a conditional framing that may limit rights assertions in jurisdictions without specific statutory requirements. CONTRACT AND VENDOR IMPLICATIONS: Enterprise customers acting as data controllers should ensure that their vendor agreements with AI21 include provisions requiring AI21 to assist in fulfilling data subject rights requests within the required statutory timeframes. The policy's single-channel approach (email only) should be evaluated for adequacy in supporting enterprise-scale rights request management. COMPLIANCE CONSIDERATIONS: Legal teams should verify that AI21's rights request handling process meets GDPR's one-month response requirement and includes documented identity verification procedures. A process for handling rights requests that originate through enterprise customers (rather than directly from data subjects) should be established. The policy should be reviewed for whether the 'Do Not Sell or Share' opt-out mechanism required by CPRA is operationally distinct from the general rights request process.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
These rights give you meaningful control over your personal data held by AI21, including the ability to request deletion or restrict use of your data for advertising purposes, but exercising them requires you to proactively contact AI21.
EU, UK, and California residents have statutory rights to access, correct, delete, and restrict the use of their personal data, including the right to opt out of data sharing for behavioral advertising. These rights are exercised by contacting privacy@ai21.com, and the policy does not specify response timelines beyond what applicable law requires.
ConductAtlas has identified this type of provision across 3 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by AI21 Labs.