EU commercial customers using Mistral AI's hosted products have formal rights to switch to a different provider or delete their data, governed by specific procedures and timelines established under these additional terms, effective September 12, 2025.
This analysis describes what Mistral AI's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The agreement establishes a structured framework for EU customers to exercise data portability and deletion rights under the EU Data Act, including defined notice periods, transitional support obligations, and post-switch data retention and deletion procedures.
EU-based commercial customers gain enforceable switching and deletion rights under the EU Data Act, supported by defined procedures and timelines, though these rights apply only to agreements entered into on or after September 12, 2025, and do not apply if the agreement was terminated due to customer breach.
How other platforms handle this
We may share your personal information with our affiliates, meaning entities that control, are controlled by, or are under common control with Consensys. We also share information with service providers who assist in operating our services, subject to confidentiality obligations.
At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.
RedCard. We share information with our financial partners to operate the Target RedCard program.
Monitoring
Mistral AI has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"These Additional Terms apply only to the Mistral AI Products available on the Mistral AI Infrastructure and provided to customers located in the European Union that are subject to the EU Data Act (as defined below). These Additional Terms shall take effect on 12 September 2025 (the "Effective Date"). For the avoidance of doubt, these Additional Terms apply only to Agreements or Order Forms entered into on or after the Effective Date. In the event of any conflict between these Additional Terms and the Agreement, these Additional Terms shall prevail, but only with respect to the obligations arising from the EU Data Act. These Additional Terms do not apply in case of termination of the Agreement for breach of the Customer.— Excerpt from Mistral AI's Mistral AI Additional Product Terms
REGULATORY LANDSCAPE: This provision is directly grounded in the EU Data Act (Regulation EU 2023/2854), specifically its cloud switching and portability obligations for cloud service providers. The European Commission and national competent authorities designated under the Data Act have oversight jurisdiction. The provision's explicit carve-out for customer-breach terminations may require evaluation under the Data Act's requirements for unconditional portability rights. GOVERNANCE EXPOSURE: Medium. The framework establishes clear procedural rights for EU customers, but the exclusion of switching rights upon customer-breach termination and the limitation to agreements entered on or after September 12, 2025 may leave some EU customers without Data Act protections for existing agreements. The definition of Customer Exportable Data and Assets is key to assessing the actual scope of portability rights, and is governed by referenced schedules not reproduced in this document excerpt. JURISDICTION FLAGS: This provision applies exclusively to EU customers subject to the EU Data Act. Non-EU customers have no rights under this section. Organizations with EU subsidiaries or EU-based operations should assess whether those entities' agreements qualify under the effective date requirement. CONTRACT AND VENDOR IMPLICATIONS: Procurement teams for EU entities should confirm that new agreements are entered into on or after September 12, 2025 to qualify for Data Act protections. The Schedules defining Customer Exportable Data and Non-Exportable Data should be reviewed carefully at contract execution. Exit planning for EU deployments should incorporate the two-month switching notice period and the transitional period timeline into vendor transition planning. COMPLIANCE CONSIDERATIONS: Legal teams should map Customer Exportable Data and Assets to the referenced Schedules and assess whether the defined scope meets their data governance and regulatory portability obligations. The retention period of thirty days post-switch or post-deletion notice should be incorporated into data lifecycle management policies. Organizations should document their switching or deletion requests and Mistral AI's responses as evidence of Data Act compliance.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
ConductAtlas detected a major restructuring of Meta’s privacy policy that removed detailed consumer rights disclosures and relocated them to separate documents.
Your genetic data may be transferred to a new owner as a business asset. Here is what the Terms of Service actually say and what you can do right now.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The agreement establishes a structured framework for EU customers to exercise data portability and deletion rights under the EU Data Act, including defined notice periods, transitional support obligations, and post-switch data retention and deletion procedures.
EU-based commercial customers gain enforceable switching and deletion rights under the EU Data Act, supported by defined procedures and timelines, though these rights apply only to agreements entered into on or after September 12, 2025, and do not apply if the agreement was terminated due to customer breach.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Mistral AI.