Sourcegraph and its AI partners will not use your code to train their AI models, unless you separately purchase a custom fine-tuning service.
This analysis describes what Sourcegraph Cody's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This provision directly addresses a common concern with AI coding tools: whether proprietary code submitted to the service is used to improve models available to other users. The terms state this does not occur for Enterprise and Pro team users.
Interpretive note: The provision states commitments on behalf of Partner LLMs without detailing the contractual mechanism binding those third parties, creating some uncertainty about enforceability against Partner LLMs directly.
Enterprise and Pro team users' code is not used to train Sourcegraph's or Partner LLMs' general models under this provision. The carve-out for custom fine-tuning is limited to separately purchased services and is stated to be for the customer's proprietary use only.
How other platforms handle this
We use information to enhance the quality, reliability, and/or accuracy of our AI Features by creating, developing, training, testing, improving, and maintaining AI and ML models run by Strava or our service providers. We use aggregated, de-identified data for this purpose. We also use personal info...
At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.
If you are located in the European Economic Area, Switzerland, or the United Kingdom, you have the right to access, correct, or erase your personal data; the right to restrict or object to our processing of your personal data; the right to data portability; and, where our processing is based on your...
Monitoring
Sourcegraph Cody has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"Sourcegraph and Sourcegraph Partner LLMs do not use code from Cody Enterprise or Cody Pro teams to train models. Sourcegraph may fine-tune a custom model solely for your proprietary use if you purchase that service.— Excerpt from Sourcegraph Cody's Sourcegraph Cody Usage and Privacy
REGULATORY LANDSCAPE: This provision engages GDPR principles of purpose limitation and data minimization where customer code may constitute personal data or business-confidential information. CCPA service provider restrictions on secondary use of data are also relevant. Regulatory frameworks governing AI training data practices, including proposed EU AI Act provisions, may interact with this commitment. GOVERNANCE EXPOSURE: Medium. The commitment not to train on customer code is a contractual assertion. Legal teams should assess whether Sourcegraph's agreements with Partner LLMs contain equivalent contractual bindings, as the document does not detail the mechanism by which Partner LLMs are bound to this restriction. JURISDICTION FLAGS: EU and EEA organizations should evaluate whether this commitment satisfies GDPR purpose limitation requirements if Customer Content transmitted to Partner LLMs constitutes personal data. California organizations should assess alignment with CCPA service provider obligations. CONTRACT AND VENDOR IMPLICATIONS: Procurement teams should request documentation of the contractual bindings between Sourcegraph and each Partner LLM that enforce this no-training commitment. The bring-your-own-LLM carve-out documented in the FAQ means this provision does not apply to customers using non-Partner LLMs. COMPLIANCE CONSIDERATIONS: Data protection impact assessments for AI tool deployments should document this provision as a key control. Organizations in regulated industries, including financial services and healthcare, should verify that Partner LLM agreements are available for review and that the no-training commitment is enforceable.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This provision directly addresses a common concern with AI coding tools: whether proprietary code submitted to the service is used to improve models available to other users. The terms state this does not occur for Enterprise and Pro team users.
Enterprise and Pro team users' code is not used to train Sourcegraph's or Partner LLMs' general models under this provision. The carve-out for custom fine-tuning is limited to separately purchased services and is stated to be for the customer's proprietary use only.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Sourcegraph Cody.