An artificial intelligence research company that develops and operates large language models and AI systems, including ChatGPT and GPT-4, which are used by millions of consumers worldwide for text generation, conversation, and various productivity tasks. The company's policies govern how user data is collected and used to train AI models, what content is permitted on their platforms, and the safety measures implemented to prevent harmful AI outputs, making their terms particularly significant given the personal and sensitive information users often share with AI assistants.
High — provisions that significantly limit your legal rights, authorize broad data collection, or create material financial exposure. Medium — provisions worth knowing about but with partial protections or limited scope. Low — standard terms with minimal consumer impact.
This provision establishes that API-based deployments handling protected health information may be eligible for BAA coverage, which is a prerequisite for using a third-party vendor under HIPAA. The p…
This provision establishes the mechanism by which EU-based enterprise customers can lawfully transfer personal data to OpenAI for processing. Under GDPR, a valid transfer mechanism is required for an…
This provision places the compliance burden on the operator to identify when HIPAA applies to their use case and to execute a BAA before submitting any protected health information. Using the API wit…
GDPR Article 8 sets the digital consent age at 16 by default, though member states may lower it to a minimum of 13; users below the applicable threshold require verifiable parental or guardian consen…
The scope of this content license determines whether personal data or proprietary information submitted as inputs can be used for purposes beyond delivering the immediate service response, which enga…
This is OpenAI's enterprise privacy information page covering ChatGPT Enterprise, ChatGPT Teams (Business), and the API Platform. The document states that by default, inputs, outputs, and conversation data from enterprise …
This document presents OpenAI's public safety framework, detailing the company's internal processes for AI system development including red-teaming, preparedness assessments, and superalignment research. The document describes OpenAI's iterative deployment methodology …
This is OpenAI's Enterprise Privacy disclosure page, covering data handling practices for ChatGPT Enterprise, ChatGPT Teams (Business), and the API Platform. The document states that for these enterprise and API …
This document establishes OpenAI's data processing terms for business customers who submit personal data through the OpenAI API. The agreement specifies that OpenAI processes personal data only according to documented …
This document establishes the terms of use for OpenAI services accessed by users in the European Union, covering products including ChatGPT and the OpenAI API. The agreement authorizes OpenAI to …
OpenAI's Services Agreement sets the terms for using ChatGPT, the API, and other OpenAI products, covering account creation, acceptable use, content rights, payment, and dispute resolution. The agreement grants OpenAI …
OpenAI's Service Terms establish the conditions governing user access to ChatGPT, the API, and related products. The agreement authorizes OpenAI to use user inputs and outputs to operate and improve …
OpenAI Usage Policies establish prohibited and restricted use categories for ChatGPT, the API, and other OpenAI products. The document prohibits specified uses including generation of content sexualizing minors, assistance with …
This document establishes the terms governing user access to and use of OpenAI services, including ChatGPT, Sora, and related products. The agreement authorizes OpenAI to use content submitted by users …
This document establishes OpenAI's privacy practices for users of its products including ChatGPT, the API, and DALL-E. The policy authorizes collection of conversation content, uploaded files, device identifiers, IP addresses, …
This document is OpenAI's system card for GPT-4o, disclosing the model's capabilities across audio, image, and text processing and the identified risks prior to release. The document establishes that GPT-4o …
This document establishes OpenAI's Terms of Use for individual consumers of ChatGPT, DALL·E, and related services, effective January 1, 2026. The agreement requires that disputes between users and OpenAI be …
OpenAI's Privacy Policy (ROW) establishes the data collection, processing, and sharing practices applicable to users of ChatGPT, the OpenAI API, DALL-E, and Sora. The policy authorizes OpenAI to collect and …
OpenAI's Usage Policies establish prohibited use categories for ChatGPT, Sora, Codex, and other OpenAI services, including generation of child sexual abuse material, weapons of mass destruction, election disinformation, malware, cyberweapons, …
OpenAI updated its privacy policy on June 9, 2026, removing specific language about ad personalization controls for Free and Go users while adding language directing Korean users to a separate …
View change record →OpenAI removed specific language about collecting advertiser data for ad targeting on free and paid tiers, but simultaneously removed user-facing controls for managing ad personalization. The policy now consolidates ad-related …
View change record →OpenAI updated its privacy request procedures on May 14, 2026. Previously, the policy stated users could exercise privacy rights by submitting requests through privacy.openai.com or dsar@openai.com. The updated language now …
View change record →OpenAI updated its privacy policy on May 11, 2026 to explicitly authorize the collection and use of advertiser data from partners and to create a new ad personalization purpose for …
View change record →OpenAI removed language describing advertiser data partnerships and ad personalization controls for free users, while also removing the specific statement that free and go users could control ad personalization through …
View change record →No provisions found.
OpenAI expanded its data sharing terms to include third-party marketing partners. The updated policy authorizes the use of personal data fo…
ConductAtlas tracks 15 OpenAI documents including terms of service, privacy policy, and other governance documents. Every document is captured daily with cryptographic verification.
OpenAI has made 36 policy changes in the past 12 months across the documents ConductAtlas tracks.
ConductAtlas has classified 186 provisions across OpenAI's tracked documents. 52 are rated high severity, 111 medium, and 23 low.
Yes. Monitor subscribers ($19/month) can add OpenAI to their watchlist and receive same-day email alerts whenever any tracked document changes.