This analysis describes what OpenAI's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The 30-day deletion window sets a defined limit on how long API data persists, but the legal-retention carve-out means deletion is not unconditional.
The updated terms establish that workspace admins, rather than individual end users, control how long workspace conversation data is retained and authorize admins to view, access, export, and delete end user conversations. Previously, the policy stated that each user controlled whether their conversations were retained and that only end users could view their own conversations. The revised terms also permit OpenAI to retain deleted or unsaved conversations beyond the standard 30-day deletion window if retention is required by law or reasonably necessary to protect OpenAI's services or third parties from harm. Workspace users should review their organization's data governance policies to understand what access and retention practices their admins have implemented.
View change record →API inputs and outputs will be deleted after 30 days, but may be retained longer if OpenAI is legally required to keep them.
How other platforms handle this
Developer must promptly and securely delete all Upwork User Data collected from Upwork users upon request of the Upwork user, when the Upwork user deactivates or uninstalls the Developer Application, when the Upwork user closes their account with Developer...
Affirm will retain your information in accordance with our Privacy Policy and any applicable state or federal law, rule or regulation.
Mistral AI shall retain the Customer Exportable Data and Assets for a period of thirty (30) days from the earlier between (a) the expiration of the Transitional Period or (b) Customer's notification under Section 2.2.2 (b) of these Additional Terms.
Monitoring
OpenAI has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"After 30 days, API inputs and outputs are removed from our systems, unless we are legally required to retain them.— Excerpt from OpenAI's OpenAI API Data Usage Policies
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The 30-day deletion window sets a defined limit on how long API data persists, but the legal-retention carve-out means deletion is not unconditional.
API inputs and outputs will be deleted after 30 days, but may be retained longer if OpenAI is legally required to keep them.
ConductAtlas has identified this type of provision across 275 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by OpenAI.