Track 1 platform and get the weekly governance digest. No credit card required.
This page describes what the document states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability may vary by jurisdiction. Methodology
This privacy policy establishes Stability AI's data collection and processing practices for users of its image and content generation services, including DreamStudio and the Stability AI API. The policy authorizes collection of account details, device information, usage activity, payment data, and user-generated prompts and outputs, with authorization to use this data for product improvement, AI model training, and marketing purposes. Users in the UK, EU, and California are granted specific rights to request access, deletion, correction, and portability of their personal data through privacy@stability.ai.
This document is Stability AI's privacy policy governing the collection, use, storage, and disclosure of personal data from users of its AI products and services, including the Stability AI API, DreamStudio, and related platforms; the policy cites compliance with GDPR (for UK and EU users), CCPA (for California residents), and references lawful bases including consent, legitimate interests, and contractual necessity. The agreement states that Stability AI collects identifiers, device and usage data, payment information, and user-generated content (including prompts and outputs), and the terms authorize use of this data for product improvement, safety research, fraud prevention, marketing, and sharing with service providers, analytics partners, and third parties in the context of business transfers. The policy permits retention of personal data for as long as necessary for stated purposes and reserves the right to use input data to train and improve AI models, which is an operationally significant provision for users of generative AI services; the agreement asserts broad data use rights, though applicable law in certain jurisdictions may constrain how these are exercised in practice. The policy engages GDPR and UK GDPR for European and UK users, CCPA for California residents, and the EU AI Act framework may be relevant given the nature of Stability AI's products; enforcement authorities include the UK Information Commissioner's Office (ICO), EU data protection authorities, and the California Attorney General. Material compliance considerations include the adequacy of consent mechanisms for AI training data use, cross-border data transfer safeguards, and the sufficiency of user rights mechanisms provided under the policy.
Institutional analysis available with Professional
Regulatory exposure by statute, material risk assessment, vendor due diligence action items, and enforcement precedent. Available on Professional.
Start Professional free trialMonitoring
Stability AI has updated this document before.
Watcher includes same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
Professional Governance Intelligence
Need provision-level monitoring and regulatory mapping?
Professional includes governance timelines, compliance memos, audit-ready analysis, and full provision tracking.
Start Professional free trialCross-platform context
See how other platforms handle AI Model Training Use of User Content and similar clauses.
Compare across platforms →Governance Monitoring
Structured alerts for policy changes, governance events, and provision updates across 318+ platforms.