The policy authorizes Perplexity to share user query content and conversation history with external AI model providers in order to generate responses. These third-party providers may process the submitted content under their own terms.
This analysis describes what Perplexity AI's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This provision establishes that sensitive user query content and conversation history are transmitted to third-party organizations beyond Perplexity, creating a data sharing chain that extends Perplexity's privacy obligations into downstream provider relationships. Compliance teams should assess whether adequate data processing agreements govern these transfers and whether the processing basis is sufficient under applicable law.
Interpretive note: The policy does not enumerate specific third-party AI model providers, making it difficult to assess the full scope of data sharing authorized by this provision.
Under this clause, query content and conversation history submitted by users may be processed by third-party AI model providers, not solely by Perplexity. The specific identity and data handling practices of those third-party providers are not fully enumerated in the policy text reviewed.
How other platforms handle this
We may also share your personal information with third parties that assist us in providing our services, or where we are under an obligation to report to. But rest assured: we will only ever share your personal information in the limited circumstances described in this Policy.
We may share your personal information with third parties in the following circumstances: With service providers who perform services on our behalf, such as data analytics, marketing, customer service, and technology services. With financial partners, including banks, brokerage firms, and payment pr...
We may share your information with third parties that perform services on our behalf, such as payment processing, data analysis, email delivery, hosting services, customer service, and marketing assistance. We may also share your information with business partners who offer products or services that...
Monitoring
Perplexity AI has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"We may share your information with third-party AI model providers to generate responses to your queries. These providers may process your queries and conversation history as part of providing their services.— Excerpt from Perplexity AI's Perplexity AI Privacy Policy
1) REGULATORY LANDSCAPE: This provision implicates GDPR Articles governing data controller and processor relationships and international data transfers, CCPA provisions on sharing personal information with service providers and third parties, and FTC Act standards on material disclosures to consumers. EU/EEA data transfers to third-party AI providers located outside the EEA require valid transfer mechanisms such as Standard Contractual Clauses. The enforcement authority in the EU is the lead supervisory authority under GDPR; the FTC has jurisdiction in the US. 2) GOVERNANCE EXPOSURE: High. The sharing of query content with third-party AI model providers creates complex data processing chain obligations. If the third-party providers use the data for their own model training or analytics, additional disclosure and consent obligations may arise. The policy does not enumerate specific third-party AI providers by name, limiting users' ability to assess downstream data handling. 3) JURISDICTION FLAGS: EU/EEA users face the highest exposure, as GDPR requires explicit lawful bases for data transfers to third countries and mandates data processing agreements with all processors. California users are protected by CCPA service provider restrictions. Healthcare or legal query content submitted by users could attract additional regulatory scrutiny in any jurisdiction. 4) CONTRACT AND VENDOR IMPLICATIONS: Procurement and legal teams should verify that data processing agreements with all third-party AI model providers are in place, covering purpose limitation, retention, security, and sub-processing restrictions. The policy's lack of named providers creates due diligence gaps for enterprise customers seeking to assess supply chain data risk. 5) COMPLIANCE CONSIDERATIONS: Compliance teams should maintain an updated list of third-party AI model providers, ensure DPAs or equivalent agreements are executed, and verify that transfer mechanisms are valid for cross-border flows. User-facing disclosures should be reviewed to confirm they satisfy GDPR transparency requirements regarding the identity of recipients.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
ConductAtlas detected a major restructuring of Meta’s privacy policy that removed detailed consumer rights disclosures and relocated them to separate documents.
Your genetic data may be transferred to a new owner as a business asset. Here is what the Terms of Service actually say and what you can do right now.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This provision establishes that sensitive user query content and conversation history are transmitted to third-party organizations beyond Perplexity, creating a data sharing chain that extends Perplexity's privacy obligations into downstream provider relationships. Compliance teams should assess whether adequate data processing agreements govern these transfers and whether the processing basis is sufficient under applicable law.
Under this clause, query content and conversation history submitted by users may be processed by third-party AI model providers, not solely by Perplexity. The specific identity and data handling practices of those third-party providers are not fully enumerated in the policy text reviewed.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Perplexity AI.