Sourcegraph and its AI partners will not use your code to train their AI models, unless you separately purchase a custom fine-tuning service.
This analysis describes what Sourcegraph Cody's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This provision directly addresses a common concern with AI coding tools: whether proprietary code submitted to the service is used to improve models available to other users. The terms state this does not occur for Enterprise and Pro team users.
Interpretive note: The provision states commitments on behalf of Partner LLMs without detailing the contractual mechanism binding those third parties, creating some uncertainty about enforceability against Partner LLMs directly.
Enterprise and Pro team users' code is not used to train Sourcegraph's or Partner LLMs' general models under this provision. The carve-out for custom fine-tuning is limited to separately purchased services and is stated to be for the customer's proprietary use only.
Cross-platform context
See how other platforms handle No Model Training on Customer Code and similar clauses.
Compare across platforms →Monitoring
Sourcegraph Cody has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"Sourcegraph and Sourcegraph Partner LLMs do not use code from Cody Enterprise or Cody Pro teams to train models. Sourcegraph may fine-tune a custom model solely for your proprietary use if you purchase that service.— Excerpt from Sourcegraph Cody's Sourcegraph Cody Usage and Privacy
REGULATORY LANDSCAPE: This provision engages GDPR principles of purpose limitation and data minimization where customer code may constitute personal data or business-confidential information. CCPA service provider restrictions on secondary use of data are also relevant. Regulatory frameworks governing AI training data practices, including proposed EU AI Act provisions, may interact with this commitment. GOVERNANCE EXPOSURE: Medium. The commitment not to train on customer code is a contractual assertion. Legal teams should assess whether Sourcegraph's agreements with Partner LLMs contain equivalent contractual bindings, as the document does not detail the mechanism by which Partner LLMs are bound to this restriction. JURISDICTION FLAGS: EU and EEA organizations should evaluate whether this commitment satisfies GDPR purpose limitation requirements if Customer Content transmitted to Partner LLMs constitutes personal data. California organizations should assess alignment with CCPA service provider obligations. CONTRACT AND VENDOR IMPLICATIONS: Procurement teams should request documentation of the contractual bindings between Sourcegraph and each Partner LLM that enforce this no-training commitment. The bring-your-own-LLM carve-out documented in the FAQ means this provision does not apply to customers using non-Partner LLMs. COMPLIANCE CONSIDERATIONS: Data protection impact assessments for AI tool deployments should document this provision as a key control. Organizations in regulated industries, including financial services and healthcare, should verify that Partner LLM agreements are available for review and that the no-training commitment is enforceable.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This provision directly addresses a common concern with AI coding tools: whether proprietary code submitted to the service is used to improve models available to other users. The terms state this does not occur for Enterprise and Pro team users.
Enterprise and Pro team users' code is not used to train Sourcegraph's or Partner LLMs' general models under this provision. The carve-out for custom fine-tuning is limited to separately purchased services and is stated to be for the customer's proprietary use only.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Sourcegraph Cody.