The policy grants EU, EEA, UK, and Switzerland-based users data subject rights under GDPR and equivalent laws, including access, rectification, erasure, restriction, objection, and data portability. Users in these jurisdictions may also complain to their local data protection authority.
This analysis describes what Perplexity AI's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This provision establishes GDPR data subject rights for EU/EEA, UK, and Swiss users and references the right to complain to supervisory authorities, which is a mandatory GDPR transparency requirement. The operational implementation of these rights, including response mechanisms and lawful basis documentation, is a primary compliance focus for GDPR-regulated operations.
EU, EEA, UK, and Swiss users can submit requests to access, correct, delete, restrict, or port their personal data, and can object to certain processing, by contacting Perplexity. These users can also escalate complaints to their national data protection authority.
How other platforms handle this
If you are located in the European Economic Area, Switzerland, or the United Kingdom, you have the right to access, correct, or erase your personal data; the right to restrict or object to our processing of your personal data; the right to data portability; and, where our processing is based on your...
Depending on where you are located, you may have certain rights regarding your personal information, including the right to access, correct, delete, or restrict processing of your personal information, the right to data portability, and the right to object to or withdraw consent for certain processi...
For individuals in the United States, please also refer to our Notice For Individuals Residing In Certain US States below and the Consumer Health Data Policy.
Monitoring
Perplexity AI has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"If you are located in the European Economic Area, the United Kingdom, or Switzerland, you have certain rights under applicable data protection laws, including the right to access, rectify, erase, restrict, or object to processing of your personal data, and the right to data portability. You may also have the right to lodge a complaint with your local data protection authority.— Excerpt from Perplexity AI's Perplexity AI Privacy Policy
1) REGULATORY LANDSCAPE: This provision directly engages GDPR, UK GDPR, and the Swiss Federal Act on Data Protection. Enforcement authorities include national data protection authorities in each EU/EEA member state and the UK ICO. Article 17 (right to erasure), Article 20 (data portability), and Article 21 (right to object) are directly referenced. Cross-border data transfers from the EU to the US require valid transfer mechanisms such as Standard Contractual Clauses or adequacy decisions. 2) GOVERNANCE EXPOSURE: High. Perplexity's AI query processing and model training data use provisions must each be grounded in a documented GDPR lawful basis. The policy's discussion of legitimate interests for certain processing activities requires a documented balancing test. Failure to provide adequate transfer mechanisms for US-based processing of EU user data creates enforcement exposure. 3) JURISDICTION FLAGS: EU/EEA member state laws may impose additional national derogations or requirements beyond the GDPR baseline. UK GDPR applies separately post-Brexit. Swiss law has recently been updated and imposes comparable requirements. AI-specific guidance from EU supervisory authorities on the use of personal data for model training is an active regulatory development area. 4) CONTRACT AND VENDOR IMPLICATIONS: Standard Contractual Clauses or equivalent transfer mechanisms should be in place for all transfers of EU user data to US-based servers or processors. Transfer impact assessments may be required. B2B customers with EU operations should verify Perplexity's transfer mechanism documentation before deployment. 5) COMPLIANCE CONSIDERATIONS: Legal teams should maintain a Record of Processing Activities covering all EU user data flows, document lawful bases for each processing purpose including AI model training, ensure SCCs or equivalent are executed with all relevant processors, and implement a functioning data subject request intake process with 30-day response capability.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This provision establishes GDPR data subject rights for EU/EEA, UK, and Swiss users and references the right to complain to supervisory authorities, which is a mandatory GDPR transparency requirement. The operational implementation of these rights, including response mechanisms and lawful basis documentation, is a primary compliance focus for GDPR-regulated operations.
EU, EEA, UK, and Swiss users can submit requests to access, correct, delete, restrict, or port their personal data, and can object to certain processing, by contacting Perplexity. These users can also escalate complaints to their national data protection authority.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Perplexity AI.