The terms state that fine-tuning datasets and custom models created by customers using Bedrock's fine-tuning capabilities remain customer content and are not used by AWS to train models made available to other customers. AWS treats these assets as customer content subject to the standard AWS Customer Agreement content provisions.
This analysis describes what AWS Bedrock's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This provision establishes data isolation protections for customers who invest in fine-tuning foundation models with proprietary datasets through Bedrock; it is operationally significant for organizations that use proprietary training data that may constitute trade secrets or competitively sensitive information.
Interpretive note: The scope of the isolation commitment as applied to all fine-tuning methods, model artifacts, and AWS infrastructure components requires review of the complete untruncated document and associated Bedrock technical documentation.
The updated terms establish that customers operating Amazon RDS databases on end-of-life software versions are now required to upgrade to supported versions. The agreement authorizes AWS to scan extension code used with Trusted Language Extensions for security and performance purposes, and establishes that extension code constitutes customer content. AWS disclaims responsibility for service failures caused by extensions or end-of-life database software. If a customer does not upgrade before an engine reaches end of life, AWS may snapshot the customer's data and delete the instance or cluster running the unsupported software, after providing prior notice of the engine end-of-life date.
View change record →The updated terms establish new operational requirements for any organization using Amazon Connect Talent to make or inform employment decisions. Customers must now obtain legally adequate privacy notices and consents from job applicants before their data is processed by the service. The terms require customers to review all AI output before making hiring decisions, implement processes for applicants to request information about the AI's role in decisions, and ensure their use of the tool complies with applicable labor, anti-discrimination, disability, data privacy, AI, wiretap, recordkeeping, and biometrics laws. Customers can configure an AI services opt-out policy through AWS Organizations to prevent their data from being used to train or improve AWS AI technologies.
View change record →The updated terms establish that Reserved Cache Nodes and Amazon DynamoDB Reserved Capacity purchases are noncancellable obligations, and you will owe the full amount charged for the duration of the term you selected, even if the AWS agreement is terminated. For Kiro Free Tier users, the revised policy authorizes AWS to store your inputs for up to 60 days for purposes of detecting agreement violations and improving detection capabilities. You can review your existing reserved capacity commitments and their terms at any time, but the updated language does not provide an opt-out mechanism for this noncancellation obligation.
View change record →Under this clause, customers retain ownership of fine-tuning datasets and custom models created through Bedrock, and these assets are not accessible to or used in training models for other AWS customers. This is a data isolation commitment relevant to customers building proprietary AI capabilities on the Bedrock platform.
How other platforms handle this
(g) You will not use or attempt to use the Services or content accessible through the Services without DoorDash's prior written consent in connection with the development of any software program, including, but not limited to, training a machine learning or artificial intelligence (AI) system or pro...
We may modify these Terms from time to time. When we make material changes to these Terms, we will notify you by updating the date at the top of these Terms and, in some cases, we may provide you with additional notice (such as adding a statement to our homepage or sending you a notification). Your ...
"Content" means anything you or your Customers create or make available through the Service in connection with your Account, including your intellectual property (e.g. trademarks, trade names, service marks, and copyrighted works); the products or services you offer (e.g., courses, coaching, members...
Monitoring
AWS Bedrock has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"Your fine-tuning data and custom models created using Amazon Bedrock remain your content. AWS will not use your fine-tuning data or custom models to train models that are made available to other AWS customers.— Excerpt from AWS Bedrock's AWS Service Terms
(1) REGULATORY LANDSCAPE: This provision is relevant to GDPR and CCPA where fine-tuning datasets contain personal data; the stated isolation of customer fine-tuning data supports a narrower data processing purpose claim. Trade secret protection frameworks are relevant for customers using proprietary datasets that constitute commercially sensitive information. (2) GOVERNANCE EXPOSURE: Low to Medium. The isolation commitment addresses a significant concern for enterprise customers but should be confirmed to apply across all Bedrock fine-tuning methods and all AWS infrastructure on which fine-tuning jobs are executed. (3) JURISDICTION FLAGS: EU customers should confirm this commitment is reflected in the AWS Data Processing Addendum for GDPR compliance where fine-tuning data contains EU personal data. (4) CONTRACT AND VENDOR IMPLICATIONS: Data governance frameworks should document this provision as the contractual basis for treating Bedrock fine-tuning as an isolated data processing activity. Legal teams should confirm whether this commitment extends to model weights and evaluation artifacts created during fine-tuning. (5) COMPLIANCE CONSIDERATIONS: Where fine-tuning data includes personal data, a legitimate processing purpose must be established under GDPR beyond the contractual commitment in this provision. Data protection impact assessments should document the fine-tuning data isolation commitment as a technical and organizational measure.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Buried in Robinhood's customer agreement is broad authority to close your positions, suspend your account, and force arbitration. Here is what it actually says.
Stripe's terms authorize fund reserves, payout withholding, and account termination. Here is what the agreement states and what business owners should review.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This provision establishes data isolation protections for customers who invest in fine-tuning foundation models with proprietary datasets through Bedrock; it is operationally significant for organizations that use proprietary training data that may constitute trade secrets or competitively sensitive information.
Under this clause, customers retain ownership of fine-tuning datasets and custom models created through Bedrock, and these assets are not accessible to or used in training models for other AWS customers. This is a data isolation commitment relevant to customers building proprietary AI capabilities on the Bedrock platform.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by AWS Bedrock.