When you choose to use ChatGPT or other third-party AI through Apple Intelligence, your data is sent to that third party's servers under their own privacy policies, not Apple's PCC protections.
This analysis describes what Apple Intelligence's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Requests forwarded to third-party AI providers such as ChatGPT are not subject to PCC's privacy architecture, meaning the stateless computation, no privileged access, and non-targetability guarantees described elsewhere in this guide do not apply to those interactions.
The document states that third-party AI model requests, such as those sent to ChatGPT, are governed by the third party's own terms and privacy policies, not by PCC's architecture, meaning users who utilize third-party AI extensions within Apple Intelligence should review those providers' separate privacy disclosures.
How other platforms handle this
At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.
We may share your information with third-party vendors and service providers that perform services on our behalf, such as payment processing, data analysis, email delivery, hosting services, customer service, and marketing assistance. We may also share your information with third-party advertising p...
We may also share your personal information with third parties that assist us in providing our services, or where we are under an obligation to report to. But rest assured: we will only ever share your personal information in the limited circumstances described in this Policy.
Monitoring
Apple Intelligence has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"Apple Intelligence includes the ability to access third-party AI models, including ChatGPT, with user permission. When a user chooses to use a third-party model, their request is sent to that model's infrastructure and is subject to the third party's terms and privacy policies. Apple does not control the privacy practices of third-party AI providers and makes no warranty regarding the privacy properties of their services.— Excerpt from Apple Intelligence's Apple Private Cloud Compute Security Guide
1. REGULATORY LANDSCAPE: Third-party model integration engages GDPR Article 26 (joint controllers) and Article 28 (processor agreements) considerations, as the forwarding of user request data to third-party AI providers may constitute a data transfer to a separate controller or processor. CCPA service provider and third-party sharing provisions are relevant for California users. The EU AI Act's requirements for transparency about AI system components may require disclosure of third-party model involvement to users. OpenAI's applicable terms and data processing agreements should be assessed separately. 2. GOVERNANCE EXPOSURE: High. The forwarding of Apple Intelligence requests to third-party AI providers creates a data sharing relationship governed by separate terms, which may not provide equivalent privacy protections to PCC. Enterprise deployments that include third-party AI extensions must assess each provider's privacy practices independently. Users who enable third-party model access may be sharing sensitive request data with providers subject to materially different data retention and access policies. 3. JURISDICTION FLAGS: EU/EEA data transfers to US-based AI providers, including OpenAI, require valid transfer mechanisms under GDPR Chapter V (Standard Contractual Clauses or other mechanisms). California CCPA assessments should address whether third-party AI requests constitute a sale or sharing of personal data. Healthcare and financial services operators face heightened risk if regulated data categories are included in requests forwarded to third-party models. 4. CONTRACT AND VENDOR IMPLICATIONS: Enterprise procurement teams should assess each third-party AI provider integrated with Apple Intelligence as a separate vendor, requiring review of their data processing agreements, subprocessor lists, retention policies, and international transfer mechanisms. The document's statement that Apple makes no warranty regarding third-party privacy properties places the due diligence burden on deploying organizations. 5. COMPLIANCE CONSIDERATIONS: Data protection impact assessments for Apple Intelligence deployments should include a specific assessment of third-party AI extension usage. Organizations should implement user communication or training to ensure employees understand that third-party AI requests within Apple Intelligence are not subject to PCC's privacy protections. Consent mechanisms may need to be reviewed to ensure users are adequately informed before their data is forwarded to third-party providers.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
ConductAtlas detected a major restructuring of Meta’s privacy policy that removed detailed consumer rights disclosures and relocated them to separate documents.
Your genetic data may be transferred to a new owner as a business asset. Here is what the Terms of Service actually say and what you can do right now.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Requests forwarded to third-party AI providers such as ChatGPT are not subject to PCC's privacy architecture, meaning the stateless computation, no privileged access, and non-targetability guarantees described elsewhere in this guide do not apply to those interactions.
The document states that third-party AI model requests, such as those sent to ChatGPT, are governed by the third party's own terms and privacy policies, not by PCC's architecture, meaning users who utilize third-party AI extensions within Apple Intelligence should review those providers' separate privacy disclosures.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Apple Intelligence.