This analysis describes what Windsurf's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The provision operationalizes different data handling standards based on subscription tier, with enterprise and team arrangements automatically excluding data retention while individual users must affirmatively elect this configuration.
Individual plan users operate under a default data retention model unless they affirmatively enable zero-data retention mode from their profile page; teams and enterprise plan users have zero-data retention applied without requiring configuration.
How other platforms handle this
We retain personal data for as long as needed to provide our services, comply with our legal obligations, resolve disputes, and enforce our policies. Retention periods will vary depending on the type of data and the purposes for which we use it.
Microsoft retains personal data for as long as necessary to provide the products and fulfill the transactions you have requested, or for other legitimate purposes such as complying with our legal obligations, resolving disputes, and enforcing our agreements. Because these needs can vary for differen...
We keep information as long as we need it to provide our products and services and fulfil the purposes described in this policy. This is a case-by-case determination that depends on things like the nature of the information, why it is collected and processed, relevant legal or operational retention ...
Monitoring
Windsurf has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"For any teams or enterprise plans, all inputs and outputs to these requests follow zero-data retention policies by default. For any individual plan, users can opt-in to zero-data retention mode from their profile page. A large fraction of individual users have zero-data retention mode enabled.— Excerpt from Windsurf's Windsurf Security & Data Handling
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The provision operationalizes different data handling standards based on subscription tier, with enterprise and team arrangements automatically excluding data retention while individual users must affirmatively elect this configuration.
Individual plan users operate under a default data retention model unless they affirmatively enable zero-data retention mode from their profile page; teams and enterprise plan users have zero-data retention applied without requiring configuration.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Windsurf.