Which regulatory agencies enforce this type of clause?

{'agency': 'FTC', 'reason': 'The FTC can act against companies that retain personal data beyond disclosed purposes or fail to adequately disclose retention practices to consumers.', 'complaint_url': 'https://reportfraud.ftc.gov/'}

What is the severity of this clause?

ConductAtlas classifies this Data Retention clause as medium severity. Severity reflects the magnitude of rights affected, the breadth of users impacted, and the degree of discretion the platform retains.

Do other platforms have similar clauses?

Yes. ConductAtlas has identified similar Data Retention clauses across approximately 39 other tracked platforms. You can compare how platforms differ on this clause type in the cross-platform comparison view.

Data Retention — Cohere

Share 𝕏 Share in Share 🔒 PDF

What it is

Cohere keeps your personal data for as long as needed to provide its services or meet legal obligations, without specifying a fixed retention period.

Consumer impact (what this means for users)

Cohere does not commit to specific data retention timeframes in this policy, meaning your personal information including AI interaction data may be retained for an indefinite period determined by Cohere.

Cross-platform context

See how other platforms handle Data Retention and similar clauses.

Compare across platforms →

Need full compliance memos? See Professional →

Why it matters (compliance & risk perspective)

The absence of specific retention periods means your personal data could be held indefinitely at Cohere's discretion, subject only to vague necessity standards.

View original clause language

We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements, or as otherwise set forth in our agreements with you.

Institutional analysis (Compliance & legal intelligence)

(1) REGULATORY FRAMEWORK: GDPR Art. 5(1)(e) (storage limitation principle) requires personal data to be kept no longer than necessary for the purpose for which it was collected, and Art. 13/14 requires disclosure of retention periods or criteria. CCPA does not prescribe retention limits but requires disclosure of retention practices under CPRA amendments. PIPEDA Schedule 1 Principle 5 requires retention only as long as necessary. (2)

🔒

Compliance intelligence locked

Regulatory citations, enforcement risk, and due diligence action items.

Watcher $9.99/mo Professional $149/mo

Watcher: regulatory citations. Professional: full compliance memo.

Applicable agencies

FTC

The FTC can act against companies that retain personal data beyond disclosed purposes or fail to adequately disclose retention practices to consumers.
File a complaint →

Provision details

Document information

Document

Cohere Privacy Policy

Entity

Cohere

Document last updated

April 29, 2026

Tracking information

First tracked

April 30, 2026

Last verified

April 30, 2026

Record ID

CA-P-004380

Document ID

CA-D-00440

Evidence Provenance

Source URL

https://cohere.com/privacy

Wayback Machine

View archived versions →

SHA-256

b2e9f1f2a03da87b73e4a7e20ef221985d0c11e83740f590a5491a11338b7f5f

Verified

✓ Snapshot stored ✓ Change verified

How to Cite

ConductAtlas Policy Archive
Entity: Cohere | Document: Cohere Privacy Policy | Record: CA-P-004380
Captured: 2026-04-30 09:10:31 UTC | SHA-256: b2e9f1f2a03da87b…
URL: https://conductatlas.com/platform/cohere/cohere-privacy-policy/data-retention/
Accessed: May 2, 2026

Classification

Severity

Medium

Data Retention