This analysis describes what Cohere's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Users or enterprises deploying Cohere models in private or third-party-managed environments retain data isolation from Cohere itself, meaning Cohere cannot collect, review, or use that data.
The updated policy removes explicit language describing data retention timelines and deletion request procedures that were previously available. The prior policy stated that Enterprise Users' inputs and outputs were retained for 30 days, that Trial Users and Researchers were not intended to process personal information, and that deletion requests would normally be responded to within one month (up to three months for complex requests). The updated policy now contains only a general reference to 'retention practices' without specifying these timelines, response windows, or user-type distinctions. Users cannot determine from the updated policy what retention periods apply to their account category or what timeline to expect for deletion requests.
View change record →If Cohere's models or products are deployed in a Private Deployment or on a third-party managed AI service, your data processed there is inaccessible to Cohere.
How other platforms handle this
authorize ZipRecruiter to connect your account to the account of a "Connected Site" (e.g., Google, LinkedIn, Monster, Facebook or Twitter), we may be able to access information you have provided to the Connected Site...
telemetry information collected includes: (i) microservice settings, (ii) usage data and (iii) hardware environment.
Some of our ad partners may also enable us to collect similar data directly from their website or app by integrating our or our affiliates' advertising technology.
Monitoring
Cohere has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"Cohere does not have access to data processed in connection with the use of Cohere models or products in Private Deployments or Deployments on Third-Party Managed AI services (e.g. on AWS, Azure, or GCP).— Excerpt from Cohere's Cohere Privacy Policy
Netflix updated its Privacy Statement on April 18, 2026, disclosing voice recording collection and expanded household ad profiling for the first time.
Google's Privacy Policy covers Search, Gmail, YouTube, Maps, and every site running Google Analytics. Here is what it actually authorizes.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Users or enterprises deploying Cohere models in private or third-party-managed environments retain data isolation from Cohere itself, meaning Cohere cannot collect, review, or use that data.
If Cohere's models or products are deployed in a Private Deployment or on a third-party managed AI service, your data processed there is inaccessible to Cohere.
ConductAtlas has identified this type of provision across 300 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Cohere.