The document states that data submitted through the API and ChatGPT Enterprise, including inputs and outputs, is not used to train OpenAI's models by default, distinguishing enterprise terms from standard consumer ChatGPT terms.
This analysis describes what OpenAI's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This provision directly affects enterprise customers' data minimization posture and their ability to represent AI data governance to regulators and auditors. The default exclusion from model training is a foundational representation that organizations should verify is active for their specific account configuration and contractually documented in an executed agreement.
Interpretive note: The provision is stated as a default on a public web page rather than in a signed agreement; contractual enforceability depends on the specific DPA executed by the customer.
Removed explicit mention of ChatGPT Team product and removed redundant 'by default' from the second sentence.
View full change record →Under this provision, enterprise and API customers' conversation data is not used by OpenAI to improve or train its models by default. This provision applies specifically to ChatGPT Enterprise and API deployments, not to consumer-tier ChatGPT accounts.
How other platforms handle this
We use information to enhance the quality, reliability, and/or accuracy of our AI Features by creating, developing, training, testing, improving, and maintaining AI and ML models run by Strava or our service providers. We use aggregated, de-identified data for this purpose. We also use personal info...
At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.
If you are located in the European Economic Area, Switzerland, or the United Kingdom, you have the right to access, correct, or erase your personal data; the right to restrict or object to our processing of your personal data; the right to data portability; and, where our processing is based on your...
Monitoring
OpenAI has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"We do not train on your business data by default. Inputs and outputs through the API and ChatGPT Enterprise are not used to train our models.— Excerpt from OpenAI's OpenAI Enterprise Privacy
(1) REGULATORY LANDSCAPE: This provision engages GDPR Article 5 data minimization and purpose limitation principles, as well as CCPA restrictions on secondary use of personal data by service providers. The EU data protection authorities and the California Privacy Protection Agency are the relevant enforcement bodies. Where enterprise customer data contains personal data of EU data subjects, this default exclusion from training supports compliance with purpose limitation requirements, though it must be reflected in the executed DPA to be contractually binding. (2) GOVERNANCE EXPOSURE: Medium. The provision is asserted as a default, but its enforceability depends on whether it is captured in an executed data processing agreement. Organizations that have not executed a DPA may be relying on a unilateral disclosure rather than a contractual commitment, which creates audit and compliance exposure if the practice changes. (3) JURISDICTION FLAGS: EU/EEA organizations have heightened exposure because GDPR requires purpose limitation to be documented in processing records and DPAs. California organizations should confirm this provision is reflected in a written service provider contract to satisfy CCPA requirements. Healthcare organizations using the API should confirm that this provision interacts appropriately with their BAA. (4) CONTRACT AND VENDOR IMPLICATIONS: Procurement teams should treat this disclosure as a due diligence trigger to verify that an executed DPA contains an equivalent contractual commitment. Where OpenAI is a sub-processor for downstream enterprise customers, this representation may need to flow down through vendor agreements. The provision does not address whether telemetry, metadata, or usage data (distinct from conversation inputs and outputs) is similarly excluded. (5) COMPLIANCE CONSIDERATIONS: Compliance teams should document the model training exclusion in their AI system inventory and data processing records. If the organization's data protection impact assessment or AI governance framework relies on this provision, a contractual reference (not just a web page disclosure) should be obtained and retained. Teams should also verify whether fine-tuning or custom model features, if used, alter the default training exclusion.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This provision directly affects enterprise customers' data minimization posture and their ability to represent AI data governance to regulators and auditors. The default exclusion from model training is a foundational representation that organizations should verify is active for their specific account configuration and contractually documented in an executed agreement.
Under this provision, enterprise and API customers' conversation data is not used by OpenAI to improve or train its models by default. This provision applies specifically to ChatGPT Enterprise and API deployments, not to consumer-tier ChatGPT accounts.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by OpenAI.