If you live in the EU or California, you have legal rights to see what data Inflection AI holds about you, correct it, or ask for it to be deleted, with California residents also having the right to opt out of certain data sharing.
This analysis describes what Inflection AI's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
These rights give you meaningful control over your personal data, but they are only available to users in specific jurisdictions and typically require you to actively submit a request to exercise them.
Interpretive note: The exact scope of rights extended to users outside of California and EU jurisdictions is not fully determinable from the available document text; applicability to users in other US state privacy law jurisdictions depends on policy language not fully visible in the HTML extract.
EU and California users can request access to, correction of, or deletion of their personal data, and California residents can opt out of the sharing of their personal information, but these rights require proactive action by the user and are not automatic.
Cross-platform context
See how other platforms handle User Rights for EU and California Residents and similar clauses.
Compare across platforms →Monitoring
Inflection AI has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"Depending on where you live, you may have certain rights regarding your personal information, including the right to access, correct, delete, or restrict processing of your data. California residents may have additional rights under the CCPA/CPRA, including the right to opt out of the sale or sharing of personal information. EU/EEA residents have rights under the GDPR.— Excerpt from Inflection AI's Inflection AI Privacy Policy
REGULATORY LANDSCAPE: This provision directly engages GDPR Articles 15-22 (data subject rights including access, rectification, erasure, restriction, portability, and objection) and CCPA/CPRA Sections 1798.100 through 1798.199 (consumer rights including access, deletion, correction, and opt-out from sale or sharing). The relevant enforcement authorities are EU data protection authorities for GDPR rights and the California Privacy Protection Agency and California AG for CCPA/CPRA rights. GOVERNANCE EXPOSURE: Medium. The policy's acknowledgment of jurisdiction-specific rights is a necessary compliance disclosure, but the practical adequacy of the rights fulfillment infrastructure (response timelines, identity verification processes, appeal mechanisms) cannot be assessed from the policy text alone. GDPR requires responses to data subject requests within 30 days (extendable to 60 in complex cases). JURISDICTION FLAGS: EU/EEA users have the broadest set of rights and the most robust enforcement backstop via national DPAs. California residents under CPRA have expanded rights compared to the original CCPA, including the right to correct inaccurate data and limit use of sensitive personal information. Users in other US states with comprehensive privacy laws (Virginia, Colorado, Connecticut, Texas, and others) may have analogous rights depending on the policy's scope. CONTRACT AND VENDOR IMPLICATIONS: Enterprise customers should confirm that Inflection AI's data subject request handling processes extend to data processed in connection with B2B deployments, and that the company's contractual commitments include assistance with data subject request fulfillment as required by GDPR Article 28. COMPLIANCE CONSIDERATIONS: Legal teams should verify that the internal rights fulfillment process meets GDPR timing requirements, that identity verification procedures do not create unnecessary barriers to rights exercise, and that the opt-out mechanism for California residents functions properly and propagates to all relevant data flows including third-party sharing.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
These rights give you meaningful control over your personal data, but they are only available to users in specific jurisdictions and typically require you to actively submit a request to exercise them.
EU and California users can request access to, correction of, or deletion of their personal data, and California residents can opt out of the sharing of their personal information, but these rights require proactive action by the user and are not automatic.
ConductAtlas has identified this type of provision across 2 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Inflection AI.