# AI Stack GRC Compliance Report — 2 platforms - Generated: 2026-06-14T10:10:05.481Z - Source: AIRIN verified findings (gate-verified, verbatim-cited, SHA-256-anchored) > Automated assessment against a published rubric — not legal advice. ## Stack summary | Platform | Headline risk | Verified findings | Dealbreakers | |---|---|---|---| | Claude (Anthropic) | HIGH | 202 | none detected | | Grok (xAI) | MEDIUM | 206 | none detected | --- # GRC Risk Assessment — Claude (Anthropic) - Platform: **Claude (Anthropic)** (anthropic-claude) - Headline risk rating: **HIGH** - Website: https://claude.ai - Generated: 2026-06-14T10:10:05.481Z - Findings (verified, published): **202** > Every assertion is anchored to a verbatim quote with a SHA-256 snapshot hash and a Wayback archive URL for independent verification. Informational only; not legal advice. ## Control crosswalk (NIST AI RMF 1.0 + ISO/IEC 42001) | Surface | Risk | Confidence | NIST AI RMF | ISO/IEC 42001 | |---|---|---|---|---| | training use | high | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | medium | medium | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | medium | low | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | medium | medium | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | medium | medium | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | prompt ownership | unknown | high | MAP-2.3 (input data rights) | ISO 42001 A.7.2 (data acquisition) | | prompt ownership | unknown | high | MAP-2.3 (input data rights) | ISO 42001 A.7.2 (data acquisition) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | commercial use | high | low | MANAGE-1.3 (use limitations) | ISO 42001 A.9.2 (intended use) | | commercial use | medium | high | MANAGE-1.3 (use limitations) | ISO 42001 A.9.2 (intended use) | | commercial use | ambiguous | low | MANAGE-1.3 (use limitations) | ISO 42001 A.9.2 (intended use) | | privacy data use | medium | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | medium | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | medium | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | medium | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | medium | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | medium | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | low | low | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | low | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | low | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | data retention | medium | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | medium | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | medium | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | ambiguous | medium | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | subprocessors data sharing | medium | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | medium | medium | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | medium | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | medium | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | medium | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | low | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | low | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | audit rights dpa residency | medium | high | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | audit rights dpa residency | low | medium | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | audit rights dpa residency | unknown | high | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | audit rights dpa residency | unknown | high | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | audit rights dpa residency | ambiguous | low | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | audit rights dpa residency | unknown | high | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | audit rights dpa residency | unknown | high | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | audit rights dpa residency | unknown | high | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | audit rights dpa residency | unknown | high | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | audit rights dpa residency | unknown | high | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | audit rights dpa residency | unknown | high | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | audit rights dpa residency | unknown | high | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | audit rights dpa residency | unknown | high | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | indemnity liability | high | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | governing law disputes | medium | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | moderation enforcement | high | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | high | medium | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | high | medium | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | medium | medium | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | medium | medium | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | medium | medium | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | medium | medium | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | medium | medium | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | low | low | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | low | low | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | tier differences | medium | medium | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | ## Evidence (verbatim, with provenance) ### training use — risk high > We may use your Inputs and Outputs to train our models and improve our Services, unless you opt out through your account settings. Even if you opt-out, we will use Inputs and Outputs for model improvement when: (1) your conversations are flagged for safety review to improve our ability to detect harmful content, enforce our policies, or advance AI safety research, or (2) you've explicitly reported the materials to us (for example via our feedback mechanisms). - Interpretation (disclaimed): The clause grants Anthropic a broad default right to use inputs and outputs for model training, with an opt-out mechanism that is materially limited by two exceptions. The safety-review carve-out in particular is broad and discretionary, meaning a user's opt-out election may be overridden by Anthropic's internal content moderation decisions. - Tier: All - Location: § 2 - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=We%20may%20use%20your,via%20our%20feedback%20mechanisms). ### training use — risk medium > To improve the Services and conduct research (including model training). See our Non-User Privacy Policy for more details on the data used to train our models. Feedback Inputs and Outputs Data provided through the Development Partner Program Consent (when users submit Feedback) Legitimate interests It is in our legitimate interests and in the interest of Anthropic users to evaluate the use of the Services and adoption of new features to inform the development of future features and improve direction and development of the Services. - Interpretation (disclaimed): Using legitimate interests as a legal basis for model training is contested under EU/UK GDPR. Users have an objection right, but the policy does not proactively highlight this for the training purpose. The dual legal basis (consent + LI) creates ambiguity about when each applies. - Tier: All - Location: Privacy Policy › “Legitimate interests” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=To%20improve%20the%20Services,development%20of%20the%20Services. ### training use — risk medium > Utilization of inputs and outputs to train an AI model (e.g., “model scraping” or “model distillation”) without prior authorization from Anthropic - Interpretation (disclaimed): The restriction is framed as a prohibited user behavior under the AUP, not as a bilateral obligation. The document is silent on Anthropic's own training-use rights over user-submitted content, which is a significant gap for risk assessment. Users who wish to fine-tune competing models using Claude outputs are expressly prohibited without authorization. - Tier: All - Location: Usage Policy › “Do Not Abuse our Platform” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=Utilization%20of%20inputs%20and,prior%20authorization%20from%20Anthropic ### training use — risk medium > Data that our users or crowd workers provide, including Inputs and Outputs from our Services (unless users opt out) - Interpretation (disclaimed): This clause establishes that user-submitted inputs and outputs are a listed data source for model training by default, placing the onus on users to affirmatively opt out rather than opting in. - Tier: All - Location: Privacy Policy › “Publicly available information via the Internet” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=Data%20that%20our%20users,(unless%20users%20opt%20out) ### training use — risk medium > We may process personal data in an aggregated or de-identified form to analyze the effectiveness of our Services, conduct research, study user behavior, and train our AI models as permitted under applicable laws. For instance: When you submit Feedback, we disassociate Inputs and Outputs from your user ID to use them for training and improving our models. If our systems flag Inputs or Outputs for potentially violating our  Usage Policy , we disassociate the content from your user ID to train our trust and safety internal classification and generative models. However, we may re-identify the Inputs or Outputs to enforce our Usage Policy with the responsible user if necessary. - Interpretation (disclaimed): Under GDPR and similar laws, truly anonymous data falls outside data protection scope, but the explicit re-identification capability suggests the data may not qualify as fully anonymous, raising Art. 4(1) personal data concerns. The training use is based on legitimate interests, which users may object to. - Tier: All - Location: Privacy Policy › “Aggregated or De-Identified Information” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=We%20may%20process%20personal,responsible%20user%20if%20necessary. ### training use — risk unknown > When you access our website or Services, your personal data may be transferred to our servers in the US, or to other countries outside the European Economic Area ( “EEA” ) and the UK. This may be a direct provision of your personal data to us, or a transfer that we or a third party make. Where information is transferred outside the EEA or the UK, we ensure it benefits from an adequate level of data protection by relying on: Adequacy decisions.   These are decisions from the European Commission under Article 45 GDPR (or equivalent decisions under other laws) where they recognise that a country outside of the EEA offers an adequate level of data protection. We transfer your information as described in “Collection of Personal Data” to some countries with adequacy decisions, such as the countries listed  here ; or Standard contractual clauses.   The European Commission has approved contractual clauses under Article 46 GDPR that allows companies in the EEA to transfer data outside the EEA. These (and their approved equivalent for the UK and Switzerland) are called standard contractual clauses. We rely on standard contractual clauses to transfer information as described in “Collection of Personal Data” to certain affiliates and third parties in countries without an adequacy decision. In certain situations, we rely on derogations provided for under applicable data protection law to transfer information to a third country. - Interpretation (disclaimed): This segment permits Anthropic to process personal data in aggregated or de-identified form for research, analytics, and AI model training, and describes specific de-identification procedures for feedback and safety-flagged content, while noting the possibility of re-identification, establishing a qualified permission for de-identified training data use. - Tier: All - Location: § 5 (Data Transfers) - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20When%20you%20access,to%20a%20third%20country. ### training use — risk unknown > When you use our Services, you acknowledge and agree: Outputs may not always be accurate and may contain material inaccuracies even if they appear accurate because of their level of detail or specificity. Actions may not be error free or operate as you intended. You should not rely on any Outputs or Actions without independently confirming their accuracy. The Services and any Outputs may not reflect correct, current, or complete information. Outputs may contain content that is inconsistent with Anthropic’s views. Our use of Materials.  We may use Materials to provide, maintain, and improve the Services and to develop other products and services, including training our models, unless you opt out of training through your account settings. Even if you opt out, we will use Materials for model training when: (1) you provide Feedback to us regarding any Materials, or (2) your Materials are flagged for safety review to improve our ability to detect harmful content, enforce our policies, or advance our safety research. - Interpretation (disclaimed): This segment disclaims accuracy of Outputs and Actions, warns users not to rely on them without independent verification, and grants Anthropic permission to use Materials to provide, maintain, and improve Services, which encompasses potential training use of user-submitted content. - Tier: All - Location: § 4 - Source: https://www.anthropic.com/legal/consumer-terms - Snapshot SHA-256: `302af768945b9867a7fa2a9480b1fdc80d85c227ffaf671e19ee2025428d0705` - Wayback: — - Deep link: https://www.anthropic.com/legal/consumer-terms#:~:text=When%20you%20use%20our,advance%20our%20safety%20research. ### training use — risk unknown > Datasets that we obtain through commercial agreements with third party businesses Data that our users or crowd workers provide, including Inputs and Outputs from our Services (unless users opt out) - Interpretation (disclaimed): Discloses that user inputs and outputs are used for model training unless users opt out, and that commercially licensed third-party datasets are also used, establishing both the training use permission and the opt-out right as a restriction on default use. - Tier: All - Location: Privacy Policy › “Publicly available information via the Internet” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20Datasets%20that%20we,(unless%20users%20opt%20out) ### training use — risk unknown > Datasets that we obtain through commercial agreements with third party businesses Data that our users or crowd workers provide, including Inputs and Outputs from our Services (unless users opt out) - Interpretation (disclaimed): This segment discloses that training data includes commercially licensed third-party datasets and user/crowd worker Inputs and Outputs, with a conditional exception allowing users to opt out, creating a default obligation to use user data for training unless opt-out is exercised. - Tier: All - Location: Privacy Policy › “Publicly available information via the Internet” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20Datasets%20that%20we,(unless%20users%20opt%20out) ### training use — risk unknown > It is in our legitimate interests and in the interest of Anthropic users to evaluate the use of the Services and adoption of new features to inform the development of future features and improve direction and development of the Services. Our research also benefits the AI industry and society: it investigates the safety, inner workings, and societal impact of AI models so that artificial intelligence has a positive impact on society as it becomes increasingly advanced and capable. To improve the Services and conduct research (including model training). See our Non-User Privacy Policy for more details on the data used to train our models. Feedback - Interpretation (disclaimed): Explains Anthropic's legitimate interest justification for processing data to improve services and conduct research that includes model training, referencing the Non-User Privacy Policy and articulating the public-benefit rationale for AI safety research, thereby granting permission to use data for model training purposes. - Tier: All - Location: Privacy Policy › “Legitimate interests” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20It%20is%20in,train%20our%20models.%20Feedback ### training use — risk unknown > For more information about how we collect and use personal data to develop our language models that power our Services, the steps we take to minimize the privacy impact on individuals through the training process, and your choices with respect to that information, please see our separate Non-User Privacy Policy . - Interpretation (disclaimed): Incorporates by reference the separate Non-User Privacy Policy for detailed information on how personal data is used to develop language models, steps taken to minimize privacy impact, and user choices regarding training data, making that document operative for training-related rights and obligations. - Tier: All - Location: Privacy Policy › “Data that we generate internally” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20For%20more%20information,Non-User%20Privacy%20Policy%20. ### training use — risk unknown > Anthropic obtains personal data from third party sources in order to train our models. Specifically, we train our models using data from the following sources: - Interpretation (disclaimed): States that Anthropic obtains personal data from third-party sources specifically for the purpose of training AI models, establishing the legal basis and scope of this data acquisition obligation. - Tier: All - Location: Privacy Policy › “Personal data we collect or receive to train our models” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20Anthropic%20obtains%20personal,from%20the%20following%20sources%3A ### training use — risk unknown > For more information about how we collect and use personal data to develop our language models that power our Services, the steps we take to minimize the privacy impact on individuals through the training process, and your choices with respect to that information, please see our separate Non-User Privacy Policy . - Interpretation (disclaimed): This segment incorporates by reference the Non-User Privacy Policy for further detail on personal data used in language model development, the steps taken to minimize privacy impact, and user choices, making that separate document legally operative for training-related rights and obligations. - Tier: All - Location: Privacy Policy › “Data that we generate internally” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20For%20more%20information,Non-User%20Privacy%20Policy%20. ### training use — risk unknown > Anthropic obtains personal data from third party sources in order to train our models. Specifically, we train our models using data from the following sources: - Interpretation (disclaimed): This segment discloses that Anthropic obtains personal data from third-party sources for model training and introduces the enumeration of those sources, creating a transparency obligation regarding training data provenance. - Tier: All - Location: Privacy Policy › “Personal data we collect or receive to train our models” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20Anthropic%20obtains%20personal,from%20the%20following%20sources%3A ### training use — risk unknown > It is in our legitimate interests and in the interest of Anthropic users to evaluate the use of the Services and adoption of new features to inform the development of future features and improve direction and development of the Services. Our research also benefits the AI industry and society: it investigates the safety, inner workings, and societal impact of AI models so that artificial intelligence has a positive impact on society as it becomes increasingly advanced and capable. To improve the Services and conduct research (including model training). See our Non-User Privacy Policy for more details on the data used to train our models. Feedback - Interpretation (disclaimed): Articulates the legitimate interest rationale for service improvement and research excluding model training, then transitions to a separate processing purpose that explicitly includes model training, referencing the Non-User Privacy Policy for further detail, thereby granting permission for AI model training using Inputs and Outputs. - Tier: All - Location: Privacy Policy › “Legitimate interests” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20It%20is%20in,train%20our%20models.%20Feedback ### training use — risk unknown > We may process personal data in an aggregated or de-identified form to analyze the effectiveness of our Services, conduct research, study user behavior, and train our AI models as permitted under applicable laws. For instance: When you submit Feedback, we disassociate Inputs and Outputs from your user ID to use them for training and improving our models. If our systems flag Inputs or Outputs for potentially violating our  Usage Policy , we disassociate the content from your user ID to train our trust and safety internal classification and generative models. However, we may re-identify the Inputs or Outputs to enforce our Usage Policy with the responsible user if necessary. To improve user experience, we may analyze and aggregate general user behavior and usage data. This information does not identify individual users. - Interpretation (disclaimed): Permits processing of personal data in aggregated or de-identified form for analytics, research, and AI model training, and describes the procedure of disassociating inputs/outputs from user IDs for training and safety purposes, while noting the possibility of re-identification under specific circumstances. - Tier: All - Location: Privacy Policy › “Aggregated or De-Identified Information” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20We%20may%20process,not%20identify%20individual%20users. ### prompt ownership — risk unknown > Generally. You may be allowed to interact with our Services in a variety of formats (we call these “ Inputs ”). Our Services may generate responses (we call these “ Outputs ”), or enable the Services to take actions on your behalf, such as software manipulation, data processing, and system interactions (we call these "Actions" ), based on your Inputs. Inputs and Outputs collectively are “ Materials .” Rights and Responsibilities.  You are responsible for all Inputs you submit to our Services and all Actions. By submitting Inputs to our Services, you represent and warrant that you have all rights, licenses, and permissions that are necessary for us to process the Inputs under our Terms and to provide the Services to you, including for example, to integrate with third-party services, to share Materials with others at your direction, and to take Actions. You also represent and warrant that your submitting Inputs to us or directing Claude to take Actions will not violate our Terms, our  Acceptable Use Policy , or any laws or regulations applicable to those Inputs or Actions. As between you and Anthropic, and to the extent permitted by applicable law, you retain any right, title, and interest that you have in the Inputs you submit. Subject to your compliance with our Terms, we assign to you all of our right, title, and interest—if any—in Outputs. Reliance on Outputs and Actions.  Artificial intelligence and large language models are frontier technologies that are still improving in accuracy, reliability and safety. - Interpretation (disclaimed): This segment defines key terms—Inputs, Outputs, Actions, and Materials—and establishes that users are responsible for all Inputs and Actions and represent they have all rights necessary to submit Inputs, creating foundational definitions and ownership-related representations that govern user content rights. - Tier: All - Location: § 4 - Source: https://www.anthropic.com/legal/consumer-terms - Snapshot SHA-256: `302af768945b9867a7fa2a9480b1fdc80d85c227ffaf671e19ee2025428d0705` - Wayback: — - Deep link: https://www.anthropic.com/legal/consumer-terms#:~:text=%20Generally.%20You%20may,reliability%20and%20safety.%20 ### prompt ownership — risk unknown > The Services are owned, operated, and provided by us and our affiliates, licensors, distributors, and service providers (collectively “ Providers ”). We and our Providers retain all of our respective rights, title, and interest, including intellectual property rights, in and to the Services. Other than the rights of access and use expressly granted in our Terms, our Terms do not grant you any right, title, or interest in or to our Services. - Interpretation (disclaimed): This segment establishes that Anthropic and its Providers retain all intellectual property rights in and to the Services, and restricts users from claiming any right, title, or interest beyond the express access rights granted, limiting user ownership claims over the Services. - Tier: All - Location: § 10 (Ownership of the Services) - Source: https://www.anthropic.com/legal/consumer-terms - Snapshot SHA-256: `302af768945b9867a7fa2a9480b1fdc80d85c227ffaf671e19ee2025428d0705` - Wayback: — - Deep link: https://www.anthropic.com/legal/consumer-terms#:~:text=%20The%20Services%20are,or%20to%20our%20Services. ### output ownership — risk unknown > We appreciate feedback, including ideas and suggestions for improvement or rating an Output in response to an Input (“ Feedback ”). If you rate an Output in response to an Input—for example, by using the thumbs up/thumbs down icon—we will store the related conversation as part of your Feedback. You have no obligation to give us Feedback, but if you do, you agree that we may use the Feedback however we choose without any obligation or other payment to you. - Interpretation (disclaimed): This segment defines Feedback, establishes that Anthropic will store rated conversations as Feedback, and grants Anthropic an unrestricted, royalty-free permission to use Feedback however it chooses with no obligation or payment to the user, effectively conveying broad rights over user-provided feedback content. - Tier: All - Location: § 5 (Feedback) - Source: https://www.anthropic.com/legal/consumer-terms - Snapshot SHA-256: `302af768945b9867a7fa2a9480b1fdc80d85c227ffaf671e19ee2025428d0705` - Wayback: — - Deep link: https://www.anthropic.com/legal/consumer-terms#:~:text=%20We%20appreciate%20feedback%2C,other%20payment%20to%20you. ### commercial use — risk high > Human-in-the-loop: When using our products or services to provide advice, recommendations, or in subjective decision-making directly affecting individuals or consumers , a qualified professional in that field must review the content or decision prior to dissemination or finalization. You or your organization are responsible for the accuracy and appropriateness of that information. - Interpretation (disclaimed): This clause contractually assigns responsibility for output accuracy to the operator ('You or your organization are responsible'), which could be used against the operator in negligence or product liability claims by affected individuals. The human-in-the-loop requirement also increases operational overhead and may make certain automated workflows non-compliant. - Tier: All - Location: Usage Policy › “High-Risk Use Case Requirements” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=Human-in-the-loop%3A%20When%20using%20our,appropriateness%20of%20that%20information. ### commercial use — risk medium > Disclosure: If model outputs are presented directly to individuals or consumers , you must disclose to them that you are using AI to help produce your advice, decisions, or recommendations. This disclosure must be provided at a minimum at the beginning of each session. - Interpretation (disclaimed): This contractual disclosure requirement mirrors and reinforces emerging regulatory obligations. Non-compliance risks breach of contract with Anthropic and potential regulatory liability under consumer protection or AI-specific disclosure laws. Operators must implement session-level disclosure mechanisms. - Tier: All - Location: Usage Policy › “High-Risk Use Case Requirements” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=Disclosure%3A%20If%20model%20outputs,beginning%20of%20each%20session. ### commercial use — risk ambiguous > Anthropic may enter into contracts with certain governmental customers that tailor use restrictions to that customer’s public mission and legal authorities if, in Anthropic’s judgment, the contractual use restrictions and applicable safeguards are adequate to mitigate the potential harms addressed by this Usage Policy. - Interpretation (disclaimed): This clause gives Anthropic unilateral discretion ('in Anthropic's judgment') to waive or modify AUP restrictions for government customers via contract. Non-governmental commercial users have no equivalent mechanism disclosed here, creating a two-tiered enforcement regime with potential fairness and competitive concerns. - Tier: Enterprise - Location: Usage Policy › “Usage Policy \ Anthropic” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=Anthropic%20may%20enter%20into,by%20this%20Usage%20Policy. ### privacy data use — risk medium > Inputs and Outputs:  You are able to interact with our Services in a variety of formats, including but not limited to chat, coding, and agentic sessions ( “Prompts”  or  "Inputs" ), which generate responses and actions ( “Outputs” ) based on your Inputs. This includes third-party applications you choose to integrate with our Services. If you include personal data or reference external content in your Inputs, we will collect that information and this information may be reproduced in your Outputs. - Interpretation (disclaimed): The clause confirms that any personal data embedded in user inputs is collected by Anthropic and may reappear in outputs, raising risks of inadvertent disclosure of third-party personal data and complicating deletion or access requests. - Tier: All - Location: Privacy Policy › “Personal data you provide to us directly” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=Inputs%20and%20Outputs%3A%20You,reproduced%20in%20your%20Outputs. ### privacy data use — risk medium > Feedback on your use of our Services:  We appreciate feedback, including ideas and suggestions for improvement or rating an Output in response to an Input (" Feedback "). If you rate an Output in response to an Input—for example, by using the thumbs up/thumbs down icon—we will store the entire related conversation as part of your Feedback. - Interpretation (disclaimed): The clause broadens the data collection consequence of a minimal user action (rating), resulting in full conversation retention. This expands the data footprint beyond what users would typically expect from a feedback mechanism. - Tier: All - Location: Privacy Policy › “Personal data you provide to us directly” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=Feedback%20on%20your%20use,part%20of%20your%20Feedback. ### privacy data use — risk medium > Cookies & Similar Technologies.  We and our service providers use cookies, scripts, or similar technologies (“ Cookies ”) to manage the Services and to collect information about you and your use of the Services. These technologies help us to recognize you, customize or personalize your experience, market additional products or services to you, and analyze the use of our Services to make them safer and more useful to you. - Interpretation (disclaimed): The clause confirms use of cookies and similar technologies for behavioral targeting and marketing by Anthropic and its service providers, extending data collection beyond core service delivery. - Tier: All - Location: Privacy Policy › “Personal data we receive automatically from your use of the Services” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=Cookies%20%26%20Similar%20Technologies.,more%20useful%20to%20you. ### privacy data use — risk medium > To improve the Services and conduct research, including training our models; and - Interpretation (disclaimed): This purpose statement in the lawful-use section anchors Anthropic's legal basis for using personal data in model training and research, reinforcing the training_use clauses. - Tier: All - Location: § 2 - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=To%20improve%20the%20Services,training%20our%20models%3B%20and ### privacy data use — risk medium > We will only collect, use and disclose your personal data with your consent, unless otherwise permitted or required by law. Your consent may be given expressly or implied, depending on the circumstances and the sensitivity of the information involved. You may withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice. - Interpretation (disclaimed): Allowing implied consent lowers the bar for obtaining user agreement to data processing. The caveat that withdrawal is subject to 'contractual restrictions' means ongoing contractual obligations may override a user's desire to stop data use. - Tier: All - Location: Privacy Policy › “Supplemental Disclosures for Residents of Canada” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=We%20will%20only%20collect%2C,restrictions%20and%20reasonable%20notice. ### privacy data use — risk medium > in certain cases we may continue to process and retain data regardless of your request for deletion, objection, blocking or anonymisation, in order to comply with legal, contractual and regulatory obligations, safeguard and exercise rights, including in judicial, administrative and arbitration proceedings and in other cases provided for by law. - Interpretation (disclaimed): This override provision means user rights (deletion, objection, blocking) are not absolute; Anthropic retains broad discretion to continue processing. While legally standard, the breadth of exceptions ('other cases provided for by law') reduces practical enforceability of user rights. - Tier: All - Location: Privacy Policy › “Supplemental Disclosures for Residents of Brazil” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=in%20certain%20cases%20we,provided%20for%20by%20law. ### privacy data use — risk low > Violate privacy rights as defined by applicable privacy laws, such as sharing personal information without consent or accessing private data unlawfully Misuse, collect, solicit, or gain access without permission to private information such as non-public contact details, health data, biometric or neural data (including facial recognition), or confidential or proprietary data - Interpretation (disclaimed): The clause imposes obligations on users not to misuse personal data through the platform but is silent on how Anthropic collects, stores, or shares user data. For a complete privacy risk assessment, a separate privacy policy would need to be reviewed. - Tier: All - Location: Usage Policy › “Do Not Compromise Privacy or Identity Rights” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=Violate%20privacy%20rights%20as,confidential%20or%20proprietary%20data ### privacy data use — risk low > Automated decision-making : Anthropic does not engage in decision making based solely on automated processing or profiling in a manner which produces a legal effect (i.e., impacts your legal rights) or significantly affects you in a similar way (e.g., significantly affects your financial circumstances or ability to access essential goods or services). - Interpretation (disclaimed): The carve-out mirrors GDPR Art. 22 language (legal/similarly significant effects) but does not exclude all automated profiling. Automated moderation flagging of Inputs/Outputs is referenced elsewhere in the document and is not covered by this statement. - Tier: All - Location: § 4 (Rights and Choices) - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=Automated%20decision-making%20%3A%20Anthropic,essential%20goods%20or%20services). ### privacy data use — risk low > Sale & targeted Anthropic marketing of its products and services . Anthropic does not “sell” your personal data as that term is defined by applicable laws and regulations. You can opt-out of sharing your personal data for targeted advertising to promote our products and services, and we will honor global privacy controls. - Interpretation (disclaimed): Under CCPA/CPRA, 'sharing' for cross-context behavioral advertising is distinct from 'selling' and triggers separate opt-out rights. Anthropic's denial of 'selling' does not preclude 'sharing' as defined under California law, which may still apply. - Tier: All - Location: § 4 (Rights and Choices) - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=Sale%20%26%20targeted%20Anthropic,honor%20global%20privacy%20controls. ### privacy data use — risk unknown > We use your personal data for the following purposes: To provide, maintain and facilitate any products and services offered to you with respect to your Anthropic account, which are governed by our Terms of Service; To provide, maintain and facilitate optional services and features that enhance platform functionality and user experience; To communicate with you, including to send you information about our Services and events; To create and administer your Anthropic account; To facilitate payments for products and services provided by Anthropic; To prevent and investigate fraud, abuse, and violations of our  Usage Policy , unlawful or criminal activity, unauthorized access to or use of personal data or Anthropic systems and networks, to protect our rights and the rights of others, and to meet legal, governmental and institutional policy obligations; To investigate and resolve disputes; To investigate and resolve security issues; To debug and to identify and repair errors that impair existing functionality To improve the Services and conduct research, including training our models; and To enforce our  Terms of Service  and similar terms and agreements, including our  Usage Policy . We may use your Inputs and Outputs to train our models and improve our Services, unless you opt out through your account settings. Even if you opt-out, we will use Inputs and Outputs for model improvement when: (1) your conversations are flagged for safety review to improve our ability to detect harmful content, enforce our policies, or advance AI safety research, or (2) you've explicitly reported the materials to us (for example via our feedback mechanisms). Please see Section 10 below for details of our legal bases for processing your personal data. - Interpretation (disclaimed): Continues the enumeration of permitted uses of personal data including service improvement, legal compliance, and safety purposes, further defining the lawful bases for Anthropic's data processing activities. - Tier: All - Location: § 2 - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20We%20use%20your,processing%20your%20personal%20data. ### privacy data use — risk unknown > We implement appropriate technical and organizational security measures designed to protect personal data from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. - Interpretation (disclaimed): This segment establishes Anthropic's procedure for updating the Privacy Policy, including obligation to notify users of material changes, update the effective date, and maintain a changelog in the Privacy Center, creating procedural obligations for policy amendment transparency. - Tier: All - Location: Privacy Policy › “Security Controls Relating to our Processing of Personal Data” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20We%20implement%20appropriate,disclosure%2C%20alteration%2C%20or%20destruction. ### privacy data use — risk unknown > Consent (for example for precise device location or for health app integrations) - Interpretation (disclaimed): This segment defines Consent as a legal basis for processing personal data for optional services, providing examples such as precise device location and health app integrations that clarify the scope of consent-based processing. - Tier: All - Location: Privacy Policy › “Technical Information” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20Consent%20(for%20example,for%20health%20app%20integrations) ### privacy data use — risk unknown > It is in our legitimate interests to promote our Services and to send direct marketing. To create and administer your Anthropic account Identity and Contact Data - Interpretation (disclaimed): This segment identifies the purpose of creating and administering user accounts, specifying Identity and Contact Data as a processed category and establishing Contract as the legal basis, creating an obligation to process data for account management. - Tier: All - Location: Privacy Policy › “Legitimate Interests” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20It%20is%20in,Identity%20and%20Contact%20Data ### privacy data use — risk unknown > Entrusted Data Name, ID, phone number, email, address, and other information that you may provide to the domestic representative - Interpretation (disclaimed): Defines the categories of personal data (name, ID, phone number, email, address, and other provided information) that are entrusted to the domestic representative, establishing the scope of data subject to the transfer obligation. - Tier: All - Location: Privacy Policy › “Trustees and Contacts Bae, Kim & Lee LLC (02-3404-0001)” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20Entrusted%20Data%20Name%2C,the%20domestic%20representative%20 ### privacy data use — risk unknown > This includes using our products or services to: Violate privacy rights as defined by applicable privacy laws, such as sharing personal information without consent or accessing private data unlawfully Misuse, collect, solicit, or gain access without permission to private information such as non-public contact details, health data, biometric or neural data (including facial recognition), or confidential or proprietary data Impersonate a human by presenting results as human-generated, or using results in a manner intended to convince a natural person that they are communicating with a natural person when they are not - Interpretation (disclaimed): This segment specifies prohibited privacy-related activities including violating privacy laws, misusing private information such as health data or biometric data, and impersonating a human to deceive natural persons about the nature of AI-generated communications. - Tier: All - Location: Usage Policy › “Do Not Compromise Privacy or Identity Rights” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20This%20includes%20using,when%20they%20are%20not ### privacy data use — risk unknown > This includes using our products or services to: Violate privacy rights as defined by applicable privacy laws, such as sharing personal information without consent or accessing private data unlawfully Misuse, collect, solicit, or gain access without permission to private information such as non-public contact details, health data, biometric or neural data (including facial recognition), or confidential or proprietary data Impersonate a human by presenting results as human-generated, or using results in a manner intended to convince a natural person that they are communicating with a natural person when they are not - Interpretation (disclaimed): This segment enumerates specific prohibited privacy-related activities, including violating applicable privacy laws, misusing or collecting private information (health, biometric, neural data) without permission, and impersonating humans by presenting AI-generated results as human-generated, establishing specific data-use and identity restrictions. - Tier: All - Location: Usage Policy › “Do Not Compromise Privacy or Identity Rights” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20This%20includes%20using,when%20they%20are%20not ### privacy data use — risk unknown > Please read our Privacy Policy , which describes how we collect and use personal information. - Interpretation (disclaimed): This segment incorporates the Privacy Policy by reference, directing users to a separate document that governs how personal information is collected and used, creating a legally binding cross-reference to data handling obligations. - Tier: All - Location: Terms of Service › “Consumer Terms of Service \ Anthropic” - Source: https://www.anthropic.com/legal/consumer-terms - Snapshot SHA-256: `302af768945b9867a7fa2a9480b1fdc80d85c227ffaf671e19ee2025428d0705` - Wayback: — - Deep link: https://www.anthropic.com/legal/consumer-terms#:~:text=%20Please%20read%20our,and%20use%20personal%20information. ### privacy data use — risk unknown > Anthropic is an AI safety and research company working to build reliable, interpretable, and steerable AI systems. This Privacy Policy explains how we collect, use, disclose, and process your personal data when you use our website and other places where Anthropic acts as a  data controller —for example, when you interact with Claude.ai or other products as a consumer for personal use (" Services ") or when Anthropic operates and provides our commercial customers and their end users with access to our commercial products, such as the Claude Team plan (“ Commercial Services ”). This Privacy Policy does not apply where Anthropic acts as a  data processor  and processes personal data on behalf of commercial customers using Anthropic’s Commercial Services – for example, your employer has provisioned you a Claude for Work account, or you're using an app that is powered on the back-end with Claude. In those cases, the commercial customer is the controller, and you can review their policies for more information about how they handle your personal data. Please see our Non-User Privacy Policy for information on how our large language models are ‘trained’ and how personal data obtained from third party sources, including where others may submit personal data when using our services, may be used when developing or delivering our products and services. This Privacy Policy also describes your privacy rights. More information about your rights, and how to exercise them, is set out in Section 4 (“Rights and Choices”). - Interpretation (disclaimed): This segment defines the scope of the Privacy Policy, identifying Anthropic as data controller and defining the categories of covered services (consumer Services and Commercial Services), establishing foundational definitions that govern all subsequent data processing obligations. - Tier: All - Location: Privacy Policy › “Privacy Policy \ Anthropic” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20Anthropic%20is%20an,(%E2%80%9CRights%20and%20Choices%E2%80%9D).%20 ### privacy data use — risk unknown > Identity and Contact Data:  Anthropic collects identifiers, including your name, email address, and phone number when you sign up for an Anthropic account, or to receive information on our Services. We may also collect or generate indirect identifiers (e.g., “USER12345”). Payment Information:  We shall collect your payment information if you choose to purchase access to Anthropic’s products and services. Inputs and Outputs:  You are able to interact with our Services in a variety of formats, including but not limited to chat, coding, and agentic sessions ( “Prompts”  or  "Inputs" ), which generate responses and actions ( “Outputs” ) based on your Inputs. This includes third-party applications you choose to integrate with our Services. If you include personal data or reference external content in your Inputs, we will collect that information and this information may be reproduced in your Outputs. Feedback on your use of our Services:  We appreciate feedback, including ideas and suggestions for improvement or rating an Output in response to an Input (" Feedback "). If you rate an Output in response to an Input—for example, by using the thumbs up/thumbs down icon—we will store the entire related conversation as part of your Feedback. You can learn more about how we use Feedback here . Communication Information:  If you communicate with us, including via our chatbot on our Help site, we collect your name, contact information, and the contents of any messages you send. - Interpretation (disclaimed): This segment defines specific categories of personal data collected directly from users, including identity/contact data, payment information, and Inputs/Outputs (Prompts), establishing the legal definition of 'Prompts' and 'Inputs' as terms used throughout the policy and governing what data Anthropic collects and may process. - Tier: All - Location: Privacy Policy › “Personal data you provide to us directly” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20Identity%20and%20Contact,any%20messages%20you%20send. ### privacy data use — risk unknown > When you use the Services, we also receive certain technical data automatically (described below, collectively “ Technical Information ”). This includes: Device and Connection Information.  Consistent with your device or browser permissions, your device or browser automatically sends us information about when and how you install, access, or use our Services. This includes information such as your device type, operating system information, browser information and web page referers, mobile network, connection information, mobile operator or internet service provider (ISP), time zone setting, IP address (including information about the location of the device derived from your IP address), identifiers (including device or advertising identifiers, probabilistic identifiers, and other unique personal or online identifiers), and device location. Usage Information.  We collect information about your use of the Services, such as the dates and times of access, browsing history, search, information about the links you click, pages you view, and other information about how you use the Services, and technology on the devices you use to access the Services. Log and Troubleshooting Information.  We collect information about how our Services are performing when you use them. This information includes log files. If you or your device experiences an error, we may collect information about the error, the time the error occurred, the feature being used, the state of the application when the error occurred, and any communications or content provided at the time the error occurred. - Interpretation (disclaimed): This segment defines 'Technical Information' and enumerates the categories of device and connection data automatically collected from users, establishing the legal scope of automatically collected personal data subject to processing obligations. - Tier: All - Location: Privacy Policy › “Personal data we receive automatically from your use of the Services” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20When%20you%20use,the%20error%20occurred.%20 ### privacy data use — risk unknown > We collect the following categories of personal data: - Interpretation (disclaimed): This segment introduces the enumeration of personal data categories collected by Anthropic, framing the definitional scope of what constitutes collected personal data under the policy. - Tier: All - Location: § 1 (Collection of Personal Data) - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20We%20collect%20the,categories%20of%20personal%20data%3A ### privacy data use — risk unknown > To facilitate payments for products and services provided by Anthropic Identity and Contact Data - Interpretation (disclaimed): This segment specifies that Identity and Contact Data is processed under the contract legal basis for the purpose of facilitating payments, establishing an obligation to process this data category in connection with payment transactions for Anthropic products and services. - Tier: All - Location: Privacy Policy › “Contract” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20To%20facilitate%20payments,Identity%20and%20Contact%20Data ### privacy data use — risk unknown > Depending on where you live and the laws that apply in your country of residence, you may enjoy certain rights regarding your personal data, as described further below. However, please be aware that these rights are limited, and that the process by which we may need to action your requests regarding our training dataset are complex. We may also decline a request if we have a lawful reason for doing so. That said, we strive to prioritize the protection of personal data, and comply with all applicable privacy laws. To exercise your rights, you or an authorized agent may submit a request by emailing us at  privacy@anthropic.com . After we receive your request, we may verify it by requesting information sufficient to confirm your identity. You may also have the right to appeal requests that we deny by emailing  privacy@anthropic.com . Anthropic will not discriminate based on the exercising of privacy rights you may have. Set out below is a summary of the rights which you may enjoy, depending on the laws that apply in your country of residence. Right to know:  the right to know what personal data Anthropic processes about you, including the categories of personal data, the categories of sources from which it is collected, the business or commercial purposes for collection, and the categories of third parties to whom we disclose it. Access & data portability: the right to request a copy of the personal data Anthropic processes about you, subject to certain exceptions and conditions. - Interpretation (disclaimed): Establishes that users have legally recognized rights regarding their personal data subject to applicable law, while noting limitations on those rights particularly with respect to training datasets, and provides a procedure for submitting rights requests via email. - Tier: All - Location: § 4 (Rights and Choices) - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20Depending%20on%20where,exceptions%20and%20conditions.%20 ### privacy data use — risk unknown > When you use the Services, we also receive certain technical data automatically (described below, collectively “ Technical Information ”). This includes: Device and Connection Information.  Consistent with your device or browser permissions, your device or browser automatically sends us information about when and how you install, access, or use our Services. This includes information such as your device type, operating system information, browser information and web page referers, mobile network, connection information, mobile operator or internet service provider (ISP), time zone setting, IP address (including information about the location of the device derived from your IP address), identifiers (including device or advertising identifiers, probabilistic identifiers, and other unique personal or online identifiers), and device location. Usage Information.  We collect information about your use of the Services, such as the dates and times of access, browsing history, search, information about the links you click, pages you view, and other information about how you use the Services, and technology on the devices you use to access the Services. Log and Troubleshooting Information.  We collect information about how our Services are performing when you use them. This information includes log files. If you or your device experiences an error, we may collect information about the error, the time the error occurred, the feature being used, the state of the application when the error occurred, and any communications or content provided at the time the error occurred. - Interpretation (disclaimed): Describes automatic collection of device and connection information from users, constituting an obligation to disclose and a procedural description of data collection practices for device, browser, IP, and usage data. - Tier: All - Location: Privacy Policy › “Personal data we receive automatically from your use of the Services” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20When%20you%20use,the%20error%20occurred.%20 ### privacy data use — risk unknown > If you live in the European Economic Area (EEA), UK or Switzerland (the “European Region”), the data controller responsible for your personal data is Anthropic Ireland, Limited. If you live outside the European Region, the data controller responsible for your personal data is Anthropic PBC. If you have any questions about this Privacy Policy, or have any questions, complaints or requests regarding your personal data, you can contact us as described below: Anthropic PBC with a registered address at 548 Market St, PMB 90375, San Francisco, CA 94104 (United States). Anthropic Ireland, Limited with a registered address at 6th Floor, South Bank House, Barrow Street. Dublin 4, D04 TR29 (Ireland). You can email us at  privacy@anthropic.com  and contact our Data Protection Officer at  dpo@anthropic.com . Please note that under many countries' laws, you have the right to lodge a complaint with the supervisory authority in the place in which you live or work. A full list of EU supervisory authorities’ contact details is available  here . If you live or work in the UK, you have the right to lodge a complaint with the  UK Information Commissioner’s Office . If you live in Brazil, you have the right to lodge a complaint with the  Brazilian Data Protection Authority (ANPD) .If you live in Australia, you have the right to lodge a complaint with the Office of the Australian Information Commissioner . - Interpretation (disclaimed): This segment defines the data controllers responsible for personal data depending on the user's geographic region, establishing the legal entities with obligations under applicable privacy law and providing contact information for privacy-related inquiries. - Tier: All - Location: § 9 (Contact Information) - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20If%20you%20live,Australian%20Information%20Commissioner%20. ### privacy data use — risk unknown > To facilitate payments for products and services provided by Anthropic Identity and Contact Data - Interpretation (disclaimed): This segment identifies payment facilitation as a processing purpose, specifying Identity and Contact Data as a processed category and establishing Contract as the legal basis, creating an obligation to process such data for payment transactions. - Tier: All - Location: Privacy Policy › “Contract” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20To%20facilitate%20payments,Identity%20and%20Contact%20Data ### privacy data use — risk unknown > It is in our legitimate interests to maintain continuous functioning of our services and rapid correction of problems to ensure a positive user experience that encourages engagement. To improve the Services and conduct research (excluding model training) Identity and Contact Data - Interpretation (disclaimed): Grants Anthropic permission to process Identity, Contact, Technical, and Feedback data to improve services and conduct research (excluding model training), justified by legitimate interests in service evaluation and AI safety research benefiting users and society. - Tier: All - Location: Privacy Policy › “Legitimate interests” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20It%20is%20in,Identity%20and%20Contact%20Data ### privacy data use — risk unknown > To provide, maintain and facilitate any products and services offered to you with respect to your Anthropic account, which are governed by our Terms of Service Identity and Contact Data - Interpretation (disclaimed): This segment identifies the purpose of processing personal data (providing and maintaining services governed by Terms of Service) and the associated data categories, establishing the legal basis for processing as contract performance. - Tier: All - Location: Privacy Policy › “Purpose Type of Data Legal Basis” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20To%20provide%2C%20maintain,Identity%20and%20Contact%20Data ### privacy data use — risk unknown > Anthropic will disclose personal data to the following categories of third parties for the purposes explained in this Policy: Affiliates & corporate partners.  Anthropic discloses the categories of personal data described above between and among its affiliates and related entities. Service providers & business partners.  Anthropic may disclose the categories of personal data described above with service providers and business partners for a variety of business purposes, including website and data hosting, ensuring compliance with industry standards, research, auditing, data processing, and providing you with the services. Anthropic may also disclose personal data in the following circumstances: As part of a significant corporate event.  If Anthropic is involved in a merger, corporate transaction, bankruptcy, or other situation involving the transfer of business assets, Anthropic will disclose your personal data as part of these corporate transactions. Third-Party Websites and Services:  Our Services may involve integrations with, or may direct you to, websites, apps, and services managed by third parties. By interacting with these third parties, you are providing information directly to the third party and not Anthropic and subject to the third party’s privacy policy.If you access third-party services, such as social media sites or other sites linked through the Services (e.g., if you follow a link to our Twitter account), these third-party services will be able to collect personal data about you, including information about your activity on the Services. - Interpretation (disclaimed): This segment introduces the section on individual rights and choices regarding personal data, acknowledging that rights are limited and subject to applicable law, and describing the process for submitting data subject requests, establishing the procedural framework for exercising data subject rights. - Tier: All - Location: § 3 (How We Disclose Personal Data) - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20Anthropic%20will%20disclose,on%20the%20Services.%20 ### privacy data use — risk unknown > We implement appropriate technical and organizational security measures designed to protect personal data from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. - Interpretation (disclaimed): Establishes Anthropic's obligation to implement appropriate technical and organizational security measures to protect personal data from loss, misuse, unauthorized access, disclosure, alteration, or destruction. - Tier: All - Location: Privacy Policy › “Security Controls Relating to our Processing of Personal Data” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20We%20implement%20appropriate,disclosure%2C%20alteration%2C%20or%20destruction. ### privacy data use — risk unknown > It is in our legitimate interests to fully understand and make reasonable efforts to resolve customer complaints in order to improve user satisfaction. We also have a legal obligation in some cases. - Interpretation (disclaimed): This segment articulates the legitimate interest rationale for processing personal data to investigate and resolve customer complaints, as well as the legal obligation basis in certain cases, justifying the dual legal bases for dispute-related processing. - Tier: All - Location: Privacy Policy › “Legal obligation” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20It%20is%20in,in%20some%20cases.%20 ### privacy data use — risk unknown > It is in our and our users' legitimate interests to expand our product features and deliver additional services that enhance platform functionality and user experience. To communicate with you and to promote our Services Identity and Contact Data - Interpretation (disclaimed): This segment articulates the legitimate interest rationale for processing personal data to expand product features and deliver additional services, justifying the lawful basis and establishing the processing purpose for optional features. - Tier: All - Location: Privacy Policy › “Legitimate interests” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20It%20is%20in,Identity%20and%20Contact%20Data ### privacy data use — risk unknown > It is in our legitimate interests to promote our Services and to send direct marketing. To create and administer your Anthropic account Identity and Contact Data - Interpretation (disclaimed): This segment identifies Identity and Contact Data as processed under the contract legal basis for creating and administering user accounts, establishing an obligation to process this data category in connection with account management under the Terms of Service. - Tier: All - Location: Privacy Policy › “Legitimate Interests” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20It%20is%20in,Identity%20and%20Contact%20Data ### privacy data use — risk unknown > It is in our legitimate interests to maintain continuous functioning of our services and rapid correction of problems to ensure a positive user experience that encourages engagement. To improve the Services and conduct research (excluding model training) Identity and Contact Data - Interpretation (disclaimed): Permits Anthropic to process Identity, Contact, and Technical data to improve Services and conduct research (excluding model training), grounded in legitimate interests, and identifies the categories of data used for this purpose. - Tier: All - Location: Privacy Policy › “Legitimate interests” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20It%20is%20in,Identity%20and%20Contact%20Data ### privacy data use — risk unknown > To provide, maintain and facilitate optional services and features that enhance platform functionality and user experience Identity and Contact Data - Interpretation (disclaimed): This segment identifies the purpose of processing personal data for optional services and features, specifying Identity and Contact Data as a processed category and establishing the applicable legal bases including consent and legitimate interests. - Tier: All - Location: Privacy Policy › “Contract” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20To%20provide%2C%20maintain,Identity%20and%20Contact%20Data ### privacy data use — risk unknown > Anthropic is an AI safety and research company working to build reliable, interpretable, and steerable AI systems. This Privacy Policy explains how we collect, use, disclose, and process your personal data when you use our website and other places where Anthropic acts as a  data controller —for example, when you interact with Claude.ai or other products as a consumer for personal use (" Services ") or when Anthropic operates and provides our commercial customers and their end users with access to our commercial products, such as the Claude Team plan (“ Commercial Services ”). This Privacy Policy does not apply where Anthropic acts as a  data processor  and processes personal data on behalf of commercial customers using Anthropic’s Commercial Services – for example, your employer has provisioned you a Claude for Work account, or you're using an app that is powered on the back-end with Claude. In those cases, the commercial customer is the controller, and you can review their policies for more information about how they handle your personal data. Please see our Non-User Privacy Policy for information on how our large language models are ‘trained’ and how personal data obtained from third party sources, including where others may submit personal data when using our services, may be used when developing or delivering our products and services. This Privacy Policy also describes your privacy rights. More information about your rights, and how to exercise them, is set out in Section 4 (“Rights and Choices”). - Interpretation (disclaimed): Defines the scope and purpose of the Privacy Policy, identifying Anthropic as data controller and defining the categories of covered services (Services and Commercial Services), establishing foundational definitional terms that govern subsequent obligations and rights throughout the document. - Tier: All - Location: Privacy Policy › “Privacy Policy \ Anthropic” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20Anthropic%20is%20an,(%E2%80%9CRights%20and%20Choices%E2%80%9D).%20 ### privacy data use — risk unknown > Identity and Contact Data:  Anthropic collects identifiers, including your name, email address, and phone number when you sign up for an Anthropic account, or to receive information on our Services. We may also collect or generate indirect identifiers (e.g., “USER12345”). Payment Information:  We shall collect your payment information if you choose to purchase access to Anthropic’s products and services. Inputs and Outputs:  You are able to interact with our Services in a variety of formats, including but not limited to chat, coding, and agentic sessions ( “Prompts”  or  "Inputs" ), which generate responses and actions ( “Outputs” ) based on your Inputs. This includes third-party applications you choose to integrate with our Services. If you include personal data or reference external content in your Inputs, we will collect that information and this information may be reproduced in your Outputs. Feedback on your use of our Services:  We appreciate feedback, including ideas and suggestions for improvement or rating an Output in response to an Input (" Feedback "). If you rate an Output in response to an Input—for example, by using the thumbs up/thumbs down icon—we will store the entire related conversation as part of your Feedback. You can learn more about how we use Feedback here . Communication Information:  If you communicate with us, including via our chatbot on our Help site, we collect your name, contact information, and the contents of any messages you send. - Interpretation (disclaimed): Describes Anthropic's data collection obligation and practice regarding identity, contact, payment information, and user prompts/inputs/outputs, defining the categories of personal data collected and establishing the legal basis for processing such data. - Tier: All - Location: Privacy Policy › “Personal data you provide to us directly” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20Identity%20and%20Contact,any%20messages%20you%20send. ### privacy data use — risk unknown > To provide, maintain and facilitate any products and services offered to you with respect to your Anthropic account, which are governed by our Terms of Service Identity and Contact Data - Interpretation (disclaimed): This segment specifies the purpose of processing Identity and Contact Data — to provide, maintain and facilitate products and services governed by the Terms of Service — establishing a legal basis (contract) and an obligation to process such data in connection with service delivery. - Tier: All - Location: Privacy Policy › “Purpose Type of Data Legal Basis” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20To%20provide%2C%20maintain,Identity%20and%20Contact%20Data ### privacy data use — risk unknown > Where necessary to perform a contract with you, such as processing your contact information to send you a technical announcement about the Services. Your consent when we ask for it to process your personal data for a specific purpose that we communicate to you, such as processing your contact information to send you certain forms of marketing communications. - Interpretation (disclaimed): This segment specifies two legal bases—contract performance and consent—for processing personal data for communication and marketing purposes, establishing conditions under which such processing is lawful. - Tier: All - Location: Privacy Policy › “Technical Information” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20Where%20necessary%20to,forms%20of%20marketing%20communications. ### privacy data use — risk unknown > We may process personal data in an aggregated or de-identified form to analyze the effectiveness of our Services, conduct research, study user behavior, and train our AI models as permitted under applicable laws. For instance: When you submit Feedback, we disassociate Inputs and Outputs from your user ID to use them for training and improving our models. If our systems flag Inputs or Outputs for potentially violating our  Usage Policy , we disassociate the content from your user ID to train our trust and safety internal classification and generative models. However, we may re-identify the Inputs or Outputs to enforce our Usage Policy with the responsible user if necessary. To improve user experience, we may analyze and aggregate general user behavior and usage data. This information does not identify individual users. - Interpretation (disclaimed): This segment restricts Anthropic's Services from being directed at children under 18, prohibits knowing collection of their data, and establishes a remedy procedure for reporting and deleting children's data, creating legally operative restrictions and procedural obligations under child privacy law. - Tier: All - Location: Privacy Policy › “Aggregated or De-Identified Information” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20We%20may%20process,not%20identify%20individual%20users. ### privacy data use — risk unknown > Our Services are not directed towards, and we do not knowingly collect, use, disclose, sell, or share any information from children under the age of 18. If you become aware that a child under the age of 18 has provided any personal data to us while using our Services, please email us at  privacy@anthropic.com  and we will investigate the matter and, if appropriate, delete the personal data. - Interpretation (disclaimed): Restricts Anthropic's Services from being directed at children under 18 and prohibits knowing collection, use, or disclosure of their personal data, while establishing a procedure for reporting and deleting children's data if inadvertently collected. - Tier: All - Location: § 7 (Children) - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20Our%20Services%20are,delete%20the%20personal%20data. ### privacy data use — risk unknown > It is in our legitimate interests to protect user data and our systems from intrusion or compromise through monitoring and swift response. We also have a legal obligation to provide adequate security safeguards. To debug and to identify and repair errors that impair existing functionality Identity and Contact Data - Interpretation (disclaimed): States that Anthropic has a legal obligation to provide adequate security safeguards and a legitimate interest in protecting user data and systems through monitoring; also introduces a new processing purpose (debugging and error repair) with associated data categories, establishing both an obligation and permission to process data for those purposes. - Tier: All - Location: Privacy Policy › “Legitimate interests” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20It%20is%20in,Identity%20and%20Contact%20Data ### privacy data use — risk unknown > These supplemental disclosures contain additional information relevant to residents of Canada. This content should be read in conjunction with the rest of our Privacy Policy. In case of conflict between our Privacy Policy and these supplemental disclosures, the supplemental disclosures shall prevail in relation to residents of Canada. Consent. By expressly consenting to this Privacy Policy, you confirm you have read, understand, and consent to the collection, use, processing, and disclosure of your personal data in accordance with this Privacy Policy and understand that, in jurisdictions where it is available, Anthropic also relies on other lawful bases for the foregoing as more fully set out in this policy. We will only collect, use and disclose your personal data with your consent, unless otherwise permitted or required by law. Your consent may be given expressly or implied, depending on the circumstances and the sensitivity of the information involved. You may withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice. Cross-jurisdictional Transfers. By providing us with personal data, you acknowledge and agree that your personal data may be transferred or disclosed to other jurisdictions for processing and storage outside of Canada, including to the United States and the countries listed on our  Subprocessor List , where laws regarding the protection of personal data may be less stringent than the laws in your jurisdiction. - Interpretation (disclaimed): Requires Canadian residents to read supplemental disclosures in conjunction with the main Privacy Policy, establishes that supplemental disclosures prevail in case of conflict, and records express consent to the collection, use, processing, and disclosure of personal data in accordance with the policy. - Tier: All - Location: Privacy Policy › “Supplemental Disclosures for Residents of Canada” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20These%20supplemental%20disclosures,in%20your%20jurisdiction.%20 ### privacy data use — risk unknown > Where necessary to perform a contract with you, such as processing your contact information to send you a technical announcement about the Services. Your consent when we ask for it to process your personal data for a specific purpose that we communicate to you, such as processing your contact information to send you certain forms of marketing communications. - Interpretation (disclaimed): This segment defines two legal bases — contractual necessity (e.g., technical announcements) and consent (e.g., marketing communications) — applicable to processing contact information for communication purposes, distinguishing the conditions under which each basis applies. - Tier: All - Location: Privacy Policy › “Technical Information” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20Where%20necessary%20to,forms%20of%20marketing%20communications. ### privacy data use — risk unknown > It is in our and our users' legitimate interests to expand our product features and deliver additional services that enhance platform functionality and user experience. To communicate with you and to promote our Services Identity and Contact Data - Interpretation (disclaimed): This segment articulates the legitimate interests rationale for expanding product features and delivering additional services, establishing the legal justification for processing Identity and Contact Data to communicate with users and promote services, and specifying this as an operative basis for processing. - Tier: All - Location: Privacy Policy › “Legitimate interests” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20It%20is%20in,Identity%20and%20Contact%20Data ### privacy data use — risk unknown > These supplemental disclosures contain additional information relevant to residents of Brazil. This content should be read in conjunction with the rest of our Privacy Policy. In case of conflict between our Privacy Policy and these supplemental disclosures, the supplemental disclosures shall prevail in relation to residents of Brazil. Legal Bases. Depending on the specific purpose of the processing, we may rely on different grounds than those listed under section 2, where permitted by and in accordance with the Brazilian General Data Protection Law (LGPD). For example, we may rely on the "exercise of legal rights" basis to process personal data associated with customer complaints and to enforce our Terms of Service and similar terms and agreements, including our Usage Policy. Data Subject's Rights. LGPD grants certain rights regarding your personal data, which differ from the ones listed under section 4. We will respond to your requests to exercise your rights below in accordance with applicable law: Confirmation of whether your data is being processed. You have the right to receive a confirmation on whether Anthropic processes your data.Access to your data. You have the right to know what personal data Anthropic processes about you. Correction of incomplete, inaccurate or outdated data. You have the right to request the correction of your data that is incomplete, inaccurate, or outdated. Anonymization, blocking or erasure of data. - Interpretation (disclaimed): Requires Brazilian residents to read supplemental disclosures in conjunction with the main Privacy Policy, establishes conflict-of-laws priority for supplemental disclosures, and specifies that lawful bases for processing may differ under Brazil's LGPD. - Tier: All - Location: Privacy Policy › “Supplemental Disclosures for Residents of Brazil” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20These%20supplemental%20disclosures,erasure%20of%20data.%20 ### privacy data use — risk unknown > Anthropic may update this Privacy Policy from time to time. We will notify you of any material changes to this Privacy Policy, as appropriate, and update the Effective Date at the top of  https://www.anthropic.com/legal/privacy . You can view a summary of privacy policy changes and previous versions in our Privacy Center . - Interpretation (disclaimed): Establishes Anthropic's obligation to notify users of material changes to the Privacy Policy and to update the effective date, while providing a procedure for users to access previous versions, constituting a notification and transparency obligation. - Tier: All - Location: § 8 (Changes to Our Privacy Policy) - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20Anthropic%20may%20update,our%20Privacy%20Center%20. ### privacy data use — risk unknown > Cookies & Similar Technologies.  We and our service providers use cookies, scripts, or similar technologies (“ Cookies ”) to manage the Services and to collect information about you and your use of the Services. These technologies help us to recognize you, customize or personalize your experience, market additional products or services to you, and analyze the use of our Services to make them safer and more useful to you. For more details about how we use these technologies, and your opt-out controls and other options, please visit our  Cookie Policy . - Interpretation (disclaimed): This segment discloses Anthropic's use of cookies and similar technologies by itself and service providers for purposes including personalization, marketing, and analytics, and references opt-out controls in the Cookie Policy, constituting a procedural and disclosure obligation under applicable privacy law. - Tier: All - Location: Privacy Policy › “Personal data we receive automatically from your use of the Services” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20Cookies%20%26%20Similar,our%20Cookie%20Policy%20. ### privacy data use — risk unknown > We collect the following categories of personal data: - Interpretation (disclaimed): Introduces the enumeration of personal data categories collected by Anthropic, serving as a definitional framing clause for the data collection practices described in subsequent segments. - Tier: All - Location: § 1 (Collection of Personal Data) - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20We%20collect%20the,categories%20of%20personal%20data%3A ### privacy data use — risk unknown > Anthropic retains your personal data for as long as reasonably necessary for the purposes and criteria outlined in this Privacy Policy and explained further in our  privacy center . When the personal data collected is no longer required by us, we and our service providers will perform the necessary procedures for destroying, deleting, erasing, or converting it into an anonymous form as permitted or required under applicable laws. - Interpretation (disclaimed): This segment imposes an obligation on Anthropic to implement appropriate technical and organizational security measures to protect personal data from loss, misuse, unauthorized access, disclosure, alteration, or destruction. - Tier: All - Location: § 6 (Data Retention, Data Lifecycle, and Security Controls) - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20Anthropic%20retains%20your,required%20under%20applicable%20laws. ### privacy data use — risk unknown > Cookies & Similar Technologies.  We and our service providers use cookies, scripts, or similar technologies (“ Cookies ”) to manage the Services and to collect information about you and your use of the Services. These technologies help us to recognize you, customize or personalize your experience, market additional products or services to you, and analyze the use of our Services to make them safer and more useful to you. For more details about how we use these technologies, and your opt-out controls and other options, please visit our  Cookie Policy . - Interpretation (disclaimed): Discloses Anthropic's and its service providers' use of cookies and similar tracking technologies to collect user data, manage services, personalize experience, and analyze usage, constituting a processing obligation disclosure with a reference to opt-out controls. - Tier: All - Location: Privacy Policy › “Personal data we receive automatically from your use of the Services” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20Cookies%20%26%20Similar,our%20Cookie%20Policy%20. ### privacy data use — risk unknown > Entrusted Data Name, ID, phone number, email, address, and other information that you may provide to the domestic representative - Interpretation (disclaimed): Defines the categories of personal data (name, ID, phone number, email, address) entrusted to the domestic representative, establishing the scope of data subject to the transfer arrangement. - Tier: All - Location: Privacy Policy › “Trustees and Contacts Bae, Kim & Lee LLC (02-3404-0001)” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20Entrusted%20Data%20Name%2C,the%20domestic%20representative%20 ### privacy data use — risk unknown > Consent (for example for precise device location or for health app integrations) - Interpretation (disclaimed): This segment defines 'Consent' as a legal basis for optional services and features, providing examples such as precise device location or health app integrations, which establishes the definitional scope of consent-based processing for these specific data categories. - Tier: All - Location: Privacy Policy › “Technical Information” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20Consent%20(for%20example,for%20health%20app%20integrations) ### privacy data use — risk unknown > It is in our legitimate interests to fully understand and make reasonable efforts to resolve customer complaints in order to improve user satisfaction. We also have a legal obligation in some cases. - Interpretation (disclaimed): This segment articulates the legitimate interests rationale for dispute processing, stating that it is in Anthropic's legitimate interests to understand and resolve customer complaints to improve user satisfaction, and acknowledging a legal obligation in some cases, thereby providing the operative justification for this processing activity. - Tier: All - Location: Privacy Policy › “Legal obligation” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20It%20is%20in,in%20some%20cases.%20 ### privacy data use — risk unknown > Restriction: the right to restrict our processing of your personal data in certain circumstances. Withdrawal of consent.  Where Anthropic’s processing of your personal data is based on consent, you have the right to withdraw your consent. The withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal. Automated decision-making : Anthropic does not engage in decision making based solely on automated processing or profiling in a manner which produces a legal effect (i.e., impacts your legal rights) or significantly affects you in a similar way (e.g., significantly affects your financial circumstances or ability to access essential goods or services). Sale & targeted Anthropic marketing of its products and services . Anthropic does not “sell” your personal data as that term is defined by applicable laws and regulations. You can opt-out of sharing your personal data for targeted advertising to promote our products and services, and we will honor global privacy controls. To learn more,  click here . Anthropic gives you access to a variety of tools to help you manage your data. You can access these in your Privacy Settings . - Interpretation (disclaimed): Establishes user rights to restrict processing, withdraw consent (with a limitation that withdrawal does not affect prior lawful processing), and declares that Anthropic does not engage in solely automated decision-making with legal or significant effects, constituting both rights and a restriction disclaimer. - Tier: All - Location: § 4 (Rights and Choices) - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20Restriction%3A%20the%20right,your%20Privacy%20Settings%20. ### privacy data use — risk unknown > To provide, maintain and facilitate optional services and features that enhance platform functionality and user experience Identity and Contact Data - Interpretation (disclaimed): This segment specifies the purpose of processing Identity and Contact Data for optional services and features that enhance platform functionality and user experience, establishing a permission to process this data under consent and legitimate interests legal bases. - Tier: All - Location: Privacy Policy › “Contract” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20To%20provide%2C%20maintain,Identity%20and%20Contact%20Data ### privacy data use — risk unknown > It is in our legitimate interests to protect user data and our systems from intrusion or compromise through monitoring and swift response. We also have a legal obligation to provide adequate security safeguards. To debug and to identify and repair errors that impair existing functionality Identity and Contact Data - Interpretation (disclaimed): Articulates the legitimate interest rationale for security monitoring and swift response, confirming both a legal obligation for security safeguards and a legitimate interest basis for processing personal data to debug and repair errors impairing functionality. - Tier: All - Location: Privacy Policy › “Legitimate interests” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20It%20is%20in,Identity%20and%20Contact%20Data ### data retention — risk medium > You also are able to  delete individual conversations , which will be removed immediately from your conversation history and automatically deleted from our back-end within 30 days. - Interpretation (disclaimed): The 30-day back-end deletion window means personal data persists in Anthropic's systems for up to a month after user-initiated deletion. This window interacts with the training-use carve-outs, potentially allowing flagged content to be used for training before deletion is processed. - Tier: All - Location: § 4 (Rights and Choices) - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=You%20also%20are%20able,back-end%20within%2030%20days. ### data retention — risk medium > Anthropic retains your personal data for as long as reasonably necessary for the purposes and criteria outlined in this Privacy Policy and explained further in our  privacy center . When the personal data collected is no longer required by us, we and our service providers will perform the necessary procedures for destroying, deleting, erasing, or converting it into an anonymous form as permitted or required under applicable laws. - Interpretation (disclaimed): GDPR Art. 5(1)(e) requires storage limitation with specific periods. 'Reasonably necessary' without defined timeframes is a compliance risk marker and limits user ability to predict how long their data is held. - Tier: All - Location: § 6 (Data Retention, Data Lifecycle, and Security Controls) - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=Anthropic%20retains%20your%20personal,required%20under%20applicable%20laws. ### data retention — risk unknown > If we terminate your Account due to inactivity, we will provide you with notice before doing so. Upon termination of these Terms, a Subscription, or your access to the Services, we may at our option delete any Materials or other data associated with your Account. Sections 6 (with respect to fees outstanding as of such expiration or termination) and 9 – 12 will survive any expiration or termination of our Terms or a Subscription. Severability.  If a particular Term or portion of these Terms is not valid or enforceable, this will have no effect on any other Terms. No waiver.  Any delay or failure on our part to enforce a provision of these Terms is not a waiver of our right to enforce them later. No assignment. These Terms may not be transferred or assigned by you without our prior written consent, but may be assigned by us without restriction. Use of our brand.  You may not, without our prior written permission, use our name, logos, or other trademarks in connection with products or services other than the Services, or in any other way that implies our affiliation, endorsement, or sponsorship. To seek permission, please email us at marketing@anthropic.com. Export Controls.  You may not export or provide access to the Services into any U.S. embargoed countries or to anyone on (i) the U.S. Treasury Department’s list of Specially Designated Nationals, (ii) any other restricted party lists identified by the Office of Foreign Asset Control, (iii) the U.S. - Interpretation (disclaimed): This segment specifies the procedure for termination due to inactivity (notice required), establishes the platform's discretionary right to delete user Materials and data upon termination, and identifies which contractual sections survive expiration or termination — directly governing data deletion and retention obligations post-termination. - Tier: All - Location: § 12 (General terms) - Source: https://www.anthropic.com/legal/consumer-terms - Snapshot SHA-256: `302af768945b9867a7fa2a9480b1fdc80d85c227ffaf671e19ee2025428d0705` - Wayback: — - Deep link: https://www.anthropic.com/legal/consumer-terms#:~:text=If%20we%20terminate%20your,(iii)%20the%20U.S.%20 ### data retention — risk unknown > In certain cases and subject to applicable law, you have the right to port your information. Deletion: the right to request that we delete personal data collected from you when you use our Services, subject to certain exceptions. You also are able to  delete individual conversations , which will be removed immediately from your conversation history and automatically deleted from our back-end within 30 days. Learn more  here . Correction: the right to request that we correct inaccurate personal data Anthropic retains about you, subject to certain exceptions. Please note that we cannot guarantee the factual accuracy of Outputs. If Outputs contain factually inaccurate personal data relating to you, you can submit a correction request and we will make a reasonable effort to correct this information—but due to the technical complexity of our large language models, it may not always be possible for us to do so. Objection: the right to object to processing of your personal data, including profiling conducted on grounds of public or legitimate interest. In places where such a right applies, we will no longer process the personal data in case of such objection unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or for the establishment, exercise or defense of legal claims. If we use your information for direct marketing, you can object and opt out of future direct marketing messages using the unsubscribe link in such communications. - Interpretation (disclaimed): This segment is a section heading introducing the data retention, lifecycle, and security controls section, contextualizing the definitions and obligations regarding retention periods and security measures that follow. - Tier: All - Location: § 4 (Rights and Choices) - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=In%20certain%20cases%20and,in%20such%20communications.%20 ### data retention — risk unknown > If we link to a site or service via our Services, you should read their data usage policies or other documentation. Our linking to another site or service doesn’t mean we endorse it or speak for that third party. Pursuant to regulatory or legal requirements, safety, rights of others, and to enforce our rights or our terms.  We may disclose personal data to governmental regulatory authorities as required by law, including for legal, tax or accounting purposes, in response to their requests for such information or to assist in investigations. We may also disclose personal data to third parties in connection with claims, disputes or litigation, when otherwise permitted or required by law, or if we determine its disclosure is necessary to protect the health and safety of you or any other person, to protect against fraud or credit risk, to enforce our legal rights or the legal rights of others, to enforce contractual commitments that you have made, or as otherwise permitted or required by applicable law. With an individual's consent.  Anthropic will otherwise disclose personal data when an individual gives us permission or directs us to disclose this information, including as a part of our Services. You can find information on our  Subprocessor List  about the third parties Anthropic engages to help us process personal data provided to us where Anthropic acts as a data processor, such as with respect to personal data we receive, process, store, or host when you use Anthropic's commercial services. - Interpretation (disclaimed): This segment grants data subjects the right to data portability, the right to deletion of personal data (with a specific 30-day back-end deletion timeline for individual conversations), and the right to correction of inaccurate data, subject to exceptions, establishing enforceable individual rights and associated retention/deletion obligations. - Tier: All - Location: § 3 (How We Disclose Personal Data) - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=If%20we%20link%20to,use%20Anthropic%26%23x27%3Bs%20commercial%20services. ### data retention — risk ambiguous > Retention period The period necessary to process your request - Interpretation (disclaimed): Vague retention language ('period necessary') provides no enforceable upper bound on how long the Korean subprocessor retains personal data, creating uncertainty about deletion timelines. - Tier: All - Location: Privacy Policy › “Retention period The period necessary to process your request” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=Retention%20period%20The%20period,to%20process%20your%20request ### data retention — risk unknown > In certain cases and subject to applicable law, you have the right to port your information. Deletion: the right to request that we delete personal data collected from you when you use our Services, subject to certain exceptions. You also are able to  delete individual conversations , which will be removed immediately from your conversation history and automatically deleted from our back-end within 30 days. Learn more  here . Correction: the right to request that we correct inaccurate personal data Anthropic retains about you, subject to certain exceptions. Please note that we cannot guarantee the factual accuracy of Outputs. If Outputs contain factually inaccurate personal data relating to you, you can submit a correction request and we will make a reasonable effort to correct this information—but due to the technical complexity of our large language models, it may not always be possible for us to do so. Objection: the right to object to processing of your personal data, including profiling conducted on grounds of public or legitimate interest. In places where such a right applies, we will no longer process the personal data in case of such objection unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or for the establishment, exercise or defense of legal claims. If we use your information for direct marketing, you can object and opt out of future direct marketing messages using the unsubscribe link in such communications. - Interpretation (disclaimed): Establishes user rights to data portability, deletion, and correction of personal data, and specifies a concrete procedure and timeline (removal from conversation history immediately, deletion from back-end within 30 days) for exercising deletion rights, constituting a data retention and deletion procedure. - Tier: All - Location: § 4 (Rights and Choices) - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=In%20certain%20cases%20and,in%20such%20communications.%20 ### data retention — risk unknown > Restriction: the right to restrict our processing of your personal data in certain circumstances. Withdrawal of consent.  Where Anthropic’s processing of your personal data is based on consent, you have the right to withdraw your consent. The withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal. Automated decision-making : Anthropic does not engage in decision making based solely on automated processing or profiling in a manner which produces a legal effect (i.e., impacts your legal rights) or significantly affects you in a similar way (e.g., significantly affects your financial circumstances or ability to access essential goods or services). Sale & targeted Anthropic marketing of its products and services . Anthropic does not “sell” your personal data as that term is defined by applicable laws and regulations. You can opt-out of sharing your personal data for targeted advertising to promote our products and services, and we will honor global privacy controls. To learn more,  click here . Anthropic gives you access to a variety of tools to help you manage your data. You can access these in your Privacy Settings . - Interpretation (disclaimed): This segment establishes Anthropic's obligation to retain personal data only as long as reasonably necessary for stated purposes and to destroy, delete, erase, or anonymize data when no longer required, imposing enforceable retention and deletion obligations on Anthropic and its service providers. - Tier: All - Location: § 4 (Rights and Choices) - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20Restriction%3A%20the%20right,your%20Privacy%20Settings%20. ### data retention — risk unknown > Anthropic retains your personal data for as long as reasonably necessary for the purposes and criteria outlined in this Privacy Policy and explained further in our  privacy center . When the personal data collected is no longer required by us, we and our service providers will perform the necessary procedures for destroying, deleting, erasing, or converting it into an anonymous form as permitted or required under applicable laws. - Interpretation (disclaimed): Establishes Anthropic's obligation to retain personal data only as long as reasonably necessary and to destroy, delete, erase, or anonymize data when no longer required, constituting a binding data retention and deletion obligation for both Anthropic and its service providers. - Tier: All - Location: § 6 (Data Retention, Data Lifecycle, and Security Controls) - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20Anthropic%20retains%20your,required%20under%20applicable%20laws. ### subprocessors data sharing — risk medium > By providing us with personal data, you acknowledge and agree that your personal data may be transferred or disclosed to other jurisdictions for processing and storage outside of Canada, including to the United States and the countries listed on our  Subprocessor List , where laws regarding the protection of personal data may be less stringent than the laws in your jurisdiction. Furthermore, we may disclose your personal data in these jurisdictions in response to legal processes or where we believe in good faith that disclosure is required or permitted by law. - Interpretation (disclaimed): This clause creates broad consent to cross-border data transfers to jurisdictions potentially lacking equivalent privacy protections, and permits disclosure to authorities on a subjective 'good faith' standard—reducing user control over their data. - Tier: All - Location: Privacy Policy › “Supplemental Disclosures for Residents of Canada” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=By%20providing%20us%20with,or%20permitted%20by%20law. ### subprocessors data sharing — risk medium > You acknowledge that Anthropic is a company based and headquartered in the United States. Any information we hold about you will be transferred to, used, processed, and stored in the United States and other countries and territories, which may not have data privacy or data protection laws equivalent to those in your country or territory. - Interpretation (disclaimed): Transferring personal data to jurisdictions with weaker legal protections exposes users to reduced privacy rights and enforcement options. The explicit acknowledgment of this gap is notable from a risk perspective. - Tier: All - Location: Privacy Policy › “Supplemental Disclosures for Residents of Brazil” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=You%20acknowledge%20that%20Anthropic,your%20country%20or%20territory. ### subprocessors data sharing — risk medium > Affiliates & corporate partners.  Anthropic discloses the categories of personal data described above between and among its affiliates and related entities. Service providers & business partners.  Anthropic may disclose the categories of personal data described above with service providers and business partners for a variety of business purposes, including website and data hosting, ensuring compliance with industry standards, research, auditing, data processing, and providing you with the services. - Interpretation (disclaimed): Broad disclosure authority to affiliates and third-party service providers/business partners with a non-exhaustive list of purposes (including 'research') creates uncertainty about who receives personal data and for what purposes. - Tier: All - Location: § 3 (How We Disclose Personal Data) - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=Affiliates%20%26%20corporate%20partners.,you%20with%20the%20services. ### subprocessors data sharing — risk medium > As part of a significant corporate event.  If Anthropic is involved in a merger, corporate transaction, bankruptcy, or other situation involving the transfer of business assets, Anthropic will disclose your personal data as part of these corporate transactions. - Interpretation (disclaimed): Standard M&A data transfer clause; however, combined with the breadth of data collected (inputs, outputs, usage data), the volume and sensitivity of data transferable without user consent is notable. - Tier: All - Location: § 3 (How We Disclose Personal Data) - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=As%20part%20of%20a,of%20these%20corporate%20transactions. ### subprocessors data sharing — risk medium > Standard contractual clauses.   The European Commission has approved contractual clauses under Article 46 GDPR that allows companies in the EEA to transfer data outside the EEA. These (and their approved equivalent for the UK and Switzerland) are called standard contractual clauses. We rely on standard contractual clauses to transfer information as described in “Collection of Personal Data” to certain affiliates and third parties in countries without an adequacy decision. - Interpretation (disclaimed): SCCs are a recognized GDPR Art. 46 transfer mechanism but require a Transfer Impact Assessment post-Schrems II. The policy does not specify which countries or sub-processors receive the data, limiting user ability to assess risk. - Tier: All - Location: § 5 (Data Transfers) - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=Standard%20contractual%20clauses.%20The,without%20an%20adequacy%20decision. ### subprocessors data sharing — risk low > You can find information on our  Subprocessor List  about the third parties Anthropic engages to help us process personal data provided to us where Anthropic acts as a data processor, such as with respect to personal data we receive, process, store, or host when you use Anthropic's commercial services. - Interpretation (disclaimed): The policy references an external subprocessor list rather than enumerating subprocessors. While common practice, it limits users' ability to assess data-sharing scope from this document alone. - Tier: All - Location: § 3 (How We Disclose Personal Data) - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=You%20can%20find%20information,use%20Anthropic%26%23x27%3Bs%20commercial%20services. ### subprocessors data sharing — risk low > Trustees and Contacts Bae, Kim & Lee LLC (02-3404-0001) Entrusted Data Name, ID, phone number, email, address, and other information that you may provide to the domestic representative Purpose Assisting with the domestic representative duties Recipient Location South Korea Retention period The period necessary to process your request Times and methods of transfer Telephone, text, or email - Interpretation (disclaimed): Korean law (PIPA) requires disclosure of domestic data processing trustees. The clause is a compliance disclosure rather than a risk-generating provision, and the data shared is limited to contact/representative-related data. - Tier: All - Location: Privacy Policy › “Trustees and Contacts Bae, Kim & Lee LLC (02-3404-0001)” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=Trustees%20and%20Contacts%20Bae%2C,Telephone%2C%20text%2C%20or%20email ### subprocessors data sharing — risk unknown > If you live in the European Economic Area (EEA), UK or Switzerland (the “European Region”), the data controller responsible for your personal data is Anthropic Ireland, Limited. If you live outside the European Region, the data controller responsible for your personal data is Anthropic PBC. If you have any questions about this Privacy Policy, or have any questions, complaints or requests regarding your personal data, you can contact us as described below: Anthropic PBC with a registered address at 548 Market St, PMB 90375, San Francisco, CA 94104 (United States). Anthropic Ireland, Limited with a registered address at 6th Floor, South Bank House, Barrow Street. Dublin 4, D04 TR29 (Ireland). You can email us at  privacy@anthropic.com  and contact our Data Protection Officer at  dpo@anthropic.com . Please note that under many countries' laws, you have the right to lodge a complaint with the supervisory authority in the place in which you live or work. A full list of EU supervisory authorities’ contact details is available  here . If you live or work in the UK, you have the right to lodge a complaint with the  UK Information Commissioner’s Office . If you live in Brazil, you have the right to lodge a complaint with the  Brazilian Data Protection Authority (ANPD) .If you live in Australia, you have the right to lodge a complaint with the Office of the Australian Information Commissioner . - Interpretation (disclaimed): This segment defines the data controllers responsible for processing personal data depending on the user's geographic region (EEA/UK/Switzerland vs. outside), establishing the legal identity of the responsible entity and providing contact details for privacy inquiries, which is a foundational definition for data processing accountability obligations. - Tier: All - Location: § 9 (Contact Information) - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20If%20you%20live,Australian%20Information%20Commissioner%20. ### subprocessors data sharing — risk unknown > Email: [anthropicprivacy@bkl.co.kr] Data Processors: - Interpretation (disclaimed): Introduces the category 'Data Processors' for Korean residents, defining the class of third-party entities that process personal data on Anthropic's behalf and initiating required disclosures under Korean data protection law. - Tier: All - Location: Privacy Policy › “Telephone: [+82-2-6252-2080]” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20Email%3A%20%5Banthropicprivacy%40bkl.co.kr%5D%0A%20Data%20Processors%3A ### subprocessors data sharing — risk unknown > If we link to a site or service via our Services, you should read their data usage policies or other documentation. Our linking to another site or service doesn’t mean we endorse it or speak for that third party. Pursuant to regulatory or legal requirements, safety, rights of others, and to enforce our rights or our terms.  We may disclose personal data to governmental regulatory authorities as required by law, including for legal, tax or accounting purposes, in response to their requests for such information or to assist in investigations. We may also disclose personal data to third parties in connection with claims, disputes or litigation, when otherwise permitted or required by law, or if we determine its disclosure is necessary to protect the health and safety of you or any other person, to protect against fraud or credit risk, to enforce our legal rights or the legal rights of others, to enforce contractual commitments that you have made, or as otherwise permitted or required by applicable law. With an individual's consent.  Anthropic will otherwise disclose personal data when an individual gives us permission or directs us to disclose this information, including as a part of our Services. You can find information on our  Subprocessor List  about the third parties Anthropic engages to help us process personal data provided to us where Anthropic acts as a data processor, such as with respect to personal data we receive, process, store, or host when you use Anthropic's commercial services. - Interpretation (disclaimed): Discloses that personal data may be shared with governmental authorities pursuant to legal requirements, safety concerns, or enforcement of rights, establishing legal compulsion and rights-enforcement as legitimate bases for third-party disclosure, including limiting Anthropic's liability for third-party linked sites. - Tier: All - Location: § 3 (How We Disclose Personal Data) - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=If%20we%20link%20to,use%20Anthropic%26%23x27%3Bs%20commercial%20services. ### subprocessors data sharing — risk unknown > Email: [anthropicprivacy@bkl.co.kr] Data Processors: - Interpretation (disclaimed): Introduces 'Data Processors' as a section label for Korea-specific disclosure of subprocessors or data processors, beginning the enumeration of entities that process personal data on Anthropic's behalf as required under Korean data protection law. - Tier: All - Location: Privacy Policy › “Telephone: [+82-2-6252-2080]” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20Email%3A%20%5Banthropicprivacy%40bkl.co.kr%5D%0A%20Data%20Processors%3A ### subprocessors data sharing — risk unknown > Furthermore, we may disclose your personal data in these jurisdictions in response to legal processes or where we believe in good faith that disclosure is required or permitted by law. Contact. If you have any questions or comments about our processing of your personal data, or to exercise your rights as outlined in Section 4. (“Rights and Choices”), please contact us at privacy@anthropic.com. - Interpretation (disclaimed): Permits Anthropic to disclose Canadian residents' personal data to third jurisdictions in response to legal processes or where disclosure is required or permitted by law, and provides a contact mechanism for exercising privacy rights. - Tier: All - Location: Privacy Policy › “Supplemental Disclosures for Residents of Canada” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=Furthermore%2C%20we%20may%20disclose,contact%20us%20at%20privacy%40anthropic.com. ### subprocessors data sharing — risk unknown > International Data Transfers. You acknowledge that Anthropic is a company based and headquartered in the United States. Any information we hold about you will be transferred to, used, processed, and stored in the United States and other countries and territories, which may not have data privacy or data protection laws equivalent to those in your country or territory. For the proper operation of the Services, Anthropic needs to carry out international transfers of personal data. In the case of Brazil, we will rely on standard contractual clauses (SCCs) for our data transfers where required and in instances where they are not covered by an adequacy decision. These SCCs have been approved by the Brazilian Data Protection Authority (ANPD), which is the "competent supervisory authority" for these transfers, as governed by Brazilian Data Protection Laws. You can view the SCCs adopted by the ANPD here . - Interpretation (disclaimed): Discloses that personal data of Brazilian residents will be transferred to and stored in the United States and other countries, and obligates Anthropic to rely on Standard Contractual Clauses (SCCs) for international data transfers where required under Brazilian law, establishing a transfer mechanism obligation. - Tier: All - Location: Privacy Policy › “Supplemental Disclosures for Residents of Brazil” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20International%20Data%20Transfers.,the%20ANPD%20here%20. ### subprocessors data sharing — risk unknown > We use your personal data for the following purposes: To provide, maintain and facilitate any products and services offered to you with respect to your Anthropic account, which are governed by our Terms of Service; To provide, maintain and facilitate optional services and features that enhance platform functionality and user experience; To communicate with you, including to send you information about our Services and events; To create and administer your Anthropic account; To facilitate payments for products and services provided by Anthropic; To prevent and investigate fraud, abuse, and violations of our  Usage Policy , unlawful or criminal activity, unauthorized access to or use of personal data or Anthropic systems and networks, to protect our rights and the rights of others, and to meet legal, governmental and institutional policy obligations; To investigate and resolve disputes; To investigate and resolve security issues; To debug and to identify and repair errors that impair existing functionality To improve the Services and conduct research, including training our models; and To enforce our  Terms of Service  and similar terms and agreements, including our  Usage Policy . We may use your Inputs and Outputs to train our models and improve our Services, unless you opt out through your account settings. Even if you opt-out, we will use Inputs and Outputs for model improvement when: (1) your conversations are flagged for safety review to improve our ability to detect harmful content, enforce our policies, or advance AI safety research, or (2) you've explicitly reported the materials to us (for example via our feedback mechanisms). Please see Section 10 below for details of our legal bases for processing your personal data. - Interpretation (disclaimed): This segment discloses the categories of third parties to whom Anthropic discloses personal data, including affiliates, service providers, and business partners, and the purposes for such disclosures, establishing Anthropic's data sharing framework and obligations regarding third-party disclosures. - Tier: All - Location: § 2 - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20We%20use%20your,processing%20your%20personal%20data. ### subprocessors data sharing — risk unknown > Anthropic will disclose personal data to the following categories of third parties for the purposes explained in this Policy: Affiliates & corporate partners.  Anthropic discloses the categories of personal data described above between and among its affiliates and related entities. Service providers & business partners.  Anthropic may disclose the categories of personal data described above with service providers and business partners for a variety of business purposes, including website and data hosting, ensuring compliance with industry standards, research, auditing, data processing, and providing you with the services. Anthropic may also disclose personal data in the following circumstances: As part of a significant corporate event.  If Anthropic is involved in a merger, corporate transaction, bankruptcy, or other situation involving the transfer of business assets, Anthropic will disclose your personal data as part of these corporate transactions. Third-Party Websites and Services:  Our Services may involve integrations with, or may direct you to, websites, apps, and services managed by third parties. By interacting with these third parties, you are providing information directly to the third party and not Anthropic and subject to the third party’s privacy policy.If you access third-party services, such as social media sites or other sites linked through the Services (e.g., if you follow a link to our Twitter account), these third-party services will be able to collect personal data about you, including information about your activity on the Services. - Interpretation (disclaimed): Identifies categories of third parties to whom Anthropic discloses personal data, including affiliates and service providers/business partners, and specifies the business purposes for such disclosures, establishing the legal framework for third-party data sharing and subprocessor relationships. - Tier: All - Location: § 3 (How We Disclose Personal Data) - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20Anthropic%20will%20disclose,on%20the%20Services.%20 ### subprocessors data sharing — risk unknown > International Data Transfers. You acknowledge that Anthropic is a company based and headquartered in the United States. Any information we hold about you will be transferred to, used, processed, and stored in the United States and other countries and territories, which may not have data privacy or data protection laws equivalent to those in your country or territory. For the proper operation of the Services, Anthropic needs to carry out international transfers of personal data. In the case of Brazil, we will rely on standard contractual clauses (SCCs) for our data transfers where required and in instances where they are not covered by an adequacy decision. These SCCs have been approved by the Brazilian Data Protection Authority (ANPD), which is the "competent supervisory authority" for these transfers, as governed by Brazilian Data Protection Laws. You can view the SCCs adopted by the ANPD here . - Interpretation (disclaimed): Discloses that personal data of Brazilian residents will be transferred to and processed in the United States and other countries, acknowledges potential lack of equivalent data protection laws, and specifies reliance on standard contractual clauses (SCCs) as the transfer mechanism where required. - Tier: All - Location: Privacy Policy › “Supplemental Disclosures for Residents of Brazil” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20International%20Data%20Transfers.,the%20ANPD%20here%20. ### subprocessors data sharing — risk unknown > Furthermore, we may disclose your personal data in these jurisdictions in response to legal processes or where we believe in good faith that disclosure is required or permitted by law. Contact. If you have any questions or comments about our processing of your personal data, or to exercise your rights as outlined in Section 4. (“Rights and Choices”), please contact us at privacy@anthropic.com. - Interpretation (disclaimed): Grants Anthropic permission to disclose personal data of Canadian residents to foreign jurisdictions in response to legal processes or where disclosure is required or permitted by law, and provides a contact mechanism for exercising rights, establishing both a disclosure permission and a procedural right. - Tier: All - Location: Privacy Policy › “Supplemental Disclosures for Residents of Canada” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=Furthermore%2C%20we%20may%20disclose,contact%20us%20at%20privacy%40anthropic.com. ### audit rights dpa residency — risk medium > When you access our website or Services, your personal data may be transferred to our servers in the US, or to other countries outside the European Economic Area ( “EEA” ) and the UK. This may be a direct provision of your personal data to us, or a transfer that we or a third party make. - Interpretation (disclaimed): EEA/UK users have no stated option to keep data within their jurisdiction. US storage subjects data to US government access laws (e.g., CLOUD Act, FISA 702), which is a risk factor under GDPR adequacy assessments. - Tier: All - Location: § 5 (Data Transfers) - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=When%20you%20access%20our,a%20third%20party%20make. ### audit rights dpa residency — risk low > In the case of Brazil, we will rely on standard contractual clauses (SCCs) for our data transfers where required and in instances where they are not covered by an adequacy decision. These SCCs have been approved by the Brazilian Data Protection Authority (ANPD), which is the "competent supervisory authority" for these transfers, as governed by Brazilian Data Protection Laws. - Interpretation (disclaimed): Use of SCCs approved by the Brazilian data protection authority (ANPD) is a standard LGPD compliance mechanism for international transfers; this is a positive safeguard for Brazilian residents. - Tier: All - Location: Privacy Policy › “Supplemental Disclosures for Residents of Brazil” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=In%20the%20case%20of,Brazilian%20Data%20Protection%20Laws. ### audit rights dpa residency — risk unknown > Depending on where you live and the laws that apply in your country of residence, you may enjoy certain rights regarding your personal data, as described further below. However, please be aware that these rights are limited, and that the process by which we may need to action your requests regarding our training dataset are complex. We may also decline a request if we have a lawful reason for doing so. That said, we strive to prioritize the protection of personal data, and comply with all applicable privacy laws. To exercise your rights, you or an authorized agent may submit a request by emailing us at  privacy@anthropic.com . After we receive your request, we may verify it by requesting information sufficient to confirm your identity. You may also have the right to appeal requests that we deny by emailing  privacy@anthropic.com . Anthropic will not discriminate based on the exercising of privacy rights you may have. Set out below is a summary of the rights which you may enjoy, depending on the laws that apply in your country of residence. Right to know:  the right to know what personal data Anthropic processes about you, including the categories of personal data, the categories of sources from which it is collected, the business or commercial purposes for collection, and the categories of third parties to whom we disclose it. Access & data portability: the right to request a copy of the personal data Anthropic processes about you, subject to certain exceptions and conditions. - Interpretation (disclaimed): This segment describes the mechanisms by which Anthropic ensures adequate protection for cross-border personal data transfers outside the EEA and UK, including adequacy decisions under GDPR Article 45, establishing procedural and compliance obligations for international data transfers. - Tier: All - Location: § 4 (Rights and Choices) - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20Depending%20on%20where,exceptions%20and%20conditions.%20 ### audit rights dpa residency — risk unknown > You have the right to request the anonymisation, blocking or erasure of data that is unnecessary, excessive or processed in non-compliance with the provisions of the law. Portability of personal data to a third party. You have the right to request portability of your data to a third-party, as long as this does not infringe on our trade secrets. Information of public and private entities with which we shared data. You have the right to request information of public and private entities with which we have shared your data. Information about the possibility to refuse to provide consent and the respective consequences, when applicable. Withdrawal of your consent. You have the right to withdraw your consent. This procedure will be carried out free of charge. Request a review of decisions made solely based on automated processing of personal data. Please keep in mind that these rights are not absolute and may not apply in certain circumstances. For example, in certain cases we may continue to process and retain data regardless of your request for deletion, objection, blocking or anonymisation, in order to comply with legal, contractual and regulatory obligations, safeguard and exercise rights, including in judicial, administrative and arbitration proceedings and in other cases provided for by law. - Interpretation (disclaimed): Grants Brazilian residents specific LGPD rights including anonymisation, blocking or erasure of unnecessary or excessive data, data portability to third parties (subject to trade secret limits), information about entities with whom data was shared, and information about the right to refuse consent, establishing enforceable data subject rights. - Tier: All - Location: Privacy Policy › “Supplemental Disclosures for Residents of Brazil” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=You%20have%20the%20right,provided%20for%20by%20law. ### audit rights dpa residency — risk ambiguous > You can find information on our  Subprocessor List  about the third parties Anthropic engages to help us process personal data provided to us where Anthropic acts as a data processor, such as with respect to personal data we receive, process, store, or host when you use Anthropic's commercial services. - Interpretation (disclaimed): The policy is silent on user or customer audit rights, formal DPA arrangements, and data residency controls. This is a gap relevant especially to enterprise customers and regulated-industry users. - Tier: All - Location: § 3 (How We Disclose Personal Data) - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=You%20can%20find%20information,use%20Anthropic%26%23x27%3Bs%20commercial%20services. ### audit rights dpa residency — risk unknown > These supplemental disclosures contain additional information relevant to residents of Canada. This content should be read in conjunction with the rest of our Privacy Policy. In case of conflict between our Privacy Policy and these supplemental disclosures, the supplemental disclosures shall prevail in relation to residents of Canada. Consent. By expressly consenting to this Privacy Policy, you confirm you have read, understand, and consent to the collection, use, processing, and disclosure of your personal data in accordance with this Privacy Policy and understand that, in jurisdictions where it is available, Anthropic also relies on other lawful bases for the foregoing as more fully set out in this policy. We will only collect, use and disclose your personal data with your consent, unless otherwise permitted or required by law. Your consent may be given expressly or implied, depending on the circumstances and the sensitivity of the information involved. You may withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice. Cross-jurisdictional Transfers. By providing us with personal data, you acknowledge and agree that your personal data may be transferred or disclosed to other jurisdictions for processing and storage outside of Canada, including to the United States and the countries listed on our  Subprocessor List , where laws regarding the protection of personal data may be less stringent than the laws in your jurisdiction. - Interpretation (disclaimed): Requires Canadian residents to expressly consent to the collection, use, processing, and disclosure of their personal data in accordance with the Privacy Policy, establishing a consent obligation and noting that the supplemental disclosures prevail over the main policy in case of conflict. - Tier: All - Location: Privacy Policy › “Supplemental Disclosures for Residents of Canada” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20These%20supplemental%20disclosures,in%20your%20jurisdiction.%20 ### audit rights dpa residency — risk unknown > When you access our website or Services, your personal data may be transferred to our servers in the US, or to other countries outside the European Economic Area ( “EEA” ) and the UK. This may be a direct provision of your personal data to us, or a transfer that we or a third party make. Where information is transferred outside the EEA or the UK, we ensure it benefits from an adequate level of data protection by relying on: Adequacy decisions.   These are decisions from the European Commission under Article 45 GDPR (or equivalent decisions under other laws) where they recognise that a country outside of the EEA offers an adequate level of data protection. We transfer your information as described in “Collection of Personal Data” to some countries with adequacy decisions, such as the countries listed  here ; or Standard contractual clauses.   The European Commission has approved contractual clauses under Article 46 GDPR that allows companies in the EEA to transfer data outside the EEA. These (and their approved equivalent for the UK and Switzerland) are called standard contractual clauses. We rely on standard contractual clauses to transfer information as described in “Collection of Personal Data” to certain affiliates and third parties in countries without an adequacy decision. In certain situations, we rely on derogations provided for under applicable data protection law to transfer information to a third country. - Interpretation (disclaimed): Discloses that personal data may be transferred to the US or countries outside the EEA/UK and identifies the legal mechanisms (adequacy decisions under Article 45 GDPR) relied upon to ensure adequate data protection for international transfers, constituting a compliance obligation under data protection law. - Tier: All - Location: § 5 (Data Transfers) - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20When%20you%20access,to%20a%20third%20country. ### audit rights dpa residency — risk unknown > The domestic representative of Anthropic PBC for data protection and related regulatory purposes under Article 31-2 of the Personal Information Protection Act and Article 32-5 of the Act on Promotion of Information and Communications Network Utilization and Data Protection, Etc. in the Republic of Korea is as follows: Entity Name and Representative: Anthropic Korea, Limited (Representative Patrick Azubike Ekeruo) Registered Address: (Yeoksam-dong), 41F, 152 Teheran-ro, Gangnam-gu, Seoul, South Korea - Interpretation (disclaimed): Identifies Anthropic Korea, Limited as the mandatory domestic representative under Article 31-2 of Korea's Personal Information Protection Act and Article 32-5 of the Network Act, disclosing the entity name, representative, and registered address to satisfy Korean legal compliance obligations. - Tier: All - Location: Privacy Policy › “Domestic Representative in the Republic of Korea” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20The%20domestic%20representative,Gangnam-gu%2C%20Seoul%2C%20South%20Korea ### audit rights dpa residency — risk unknown > These supplemental disclosures contain additional information relevant to residents of Brazil. This content should be read in conjunction with the rest of our Privacy Policy. In case of conflict between our Privacy Policy and these supplemental disclosures, the supplemental disclosures shall prevail in relation to residents of Brazil. Legal Bases. Depending on the specific purpose of the processing, we may rely on different grounds than those listed under section 2, where permitted by and in accordance with the Brazilian General Data Protection Law (LGPD). For example, we may rely on the "exercise of legal rights" basis to process personal data associated with customer complaints and to enforce our Terms of Service and similar terms and agreements, including our Usage Policy. Data Subject's Rights. LGPD grants certain rights regarding your personal data, which differ from the ones listed under section 4. We will respond to your requests to exercise your rights below in accordance with applicable law: Confirmation of whether your data is being processed. You have the right to receive a confirmation on whether Anthropic processes your data.Access to your data. You have the right to know what personal data Anthropic processes about you. Correction of incomplete, inaccurate or outdated data. You have the right to request the correction of your data that is incomplete, inaccurate, or outdated. Anonymization, blocking or erasure of data. - Interpretation (disclaimed): Establishes that processing of Brazilian residents' data will rely on legal bases permitted under the LGPD, which may differ from those stated in the main policy, creating a legal obligation to comply with Brazilian data protection law and prevail over conflicting policy terms. - Tier: All - Location: Privacy Policy › “Supplemental Disclosures for Residents of Brazil” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20These%20supplemental%20disclosures,erasure%20of%20data.%20 ### audit rights dpa residency — risk unknown > If you are located in Canada, Brazil, or the Republic of Korea, please read the relevant Regional Supplemental Disclosure which applies to you. If you are located in Washington or a state with similar consumer health data laws, please read our Consumer Health Data Privacy Policy which applies to you if you integrate third party health applications with Claude. - Interpretation (disclaimed): This segment incorporates by reference Regional Supplemental Disclosures for Canada, Brazil, and South Korea, as well as a Consumer Health Data Privacy Policy, directing affected users to additional legally operative supplemental documents that impose jurisdiction-specific obligations. - Tier: All - Location: Privacy Policy › “Privacy Policy \ Anthropic” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20If%20you%20are,health%20applications%20with%20Claude. ### audit rights dpa residency — risk unknown > The domestic representative of Anthropic PBC for data protection and related regulatory purposes under Article 31-2 of the Personal Information Protection Act and Article 32-5 of the Act on Promotion of Information and Communications Network Utilization and Data Protection, Etc. in the Republic of Korea is as follows: Entity Name and Representative: Anthropic Korea, Limited (Representative Patrick Azubike Ekeruo) Registered Address: (Yeoksam-dong), 41F, 152 Teheran-ro, Gangnam-gu, Seoul, South Korea - Interpretation (disclaimed): Identifies Anthropic Korea, Limited (representative Patrick Azubike Ekeruo) as the designated domestic representative under Article 31-2 of the Personal Information Protection Act and Article 32-5 of the Act on Promotion of Information and Communications Network Utilization, fulfilling a mandatory legal obligation under Korean data protection law. - Tier: All - Location: Privacy Policy › “Domestic Representative in the Republic of Korea” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20The%20domestic%20representative,Gangnam-gu%2C%20Seoul%2C%20South%20Korea ### audit rights dpa residency — risk unknown > If you are located in Canada, Brazil, or the Republic of Korea, please read the relevant Regional Supplemental Disclosure which applies to you. If you are located in Washington or a state with similar consumer health data laws, please read our Consumer Health Data Privacy Policy which applies to you if you integrate third party health applications with Claude. - Interpretation (disclaimed): Incorporates by reference Regional Supplemental Disclosures for Canada, Brazil, and Republic of Korea, and the Consumer Health Data Privacy Policy for Washington-state users, making those external documents operative parts of the privacy framework for applicable individuals. - Tier: All - Location: Privacy Policy › “Privacy Policy \ Anthropic” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20If%20you%20are,health%20applications%20with%20Claude. ### audit rights dpa residency — risk unknown > You have the right to request the anonymisation, blocking or erasure of data that is unnecessary, excessive or processed in non-compliance with the provisions of the law. Portability of personal data to a third party. You have the right to request portability of your data to a third-party, as long as this does not infringe on our trade secrets. Information of public and private entities with which we shared data. You have the right to request information of public and private entities with which we have shared your data. Information about the possibility to refuse to provide consent and the respective consequences, when applicable. Withdrawal of your consent. You have the right to withdraw your consent. This procedure will be carried out free of charge. Request a review of decisions made solely based on automated processing of personal data. Please keep in mind that these rights are not absolute and may not apply in certain circumstances. For example, in certain cases we may continue to process and retain data regardless of your request for deletion, objection, blocking or anonymisation, in order to comply with legal, contractual and regulatory obligations, safeguard and exercise rights, including in judicial, administrative and arbitration proceedings and in other cases provided for by law. - Interpretation (disclaimed): Grants Brazilian residents the right to request anonymisation, blocking, or erasure of unnecessary or excessive data; portability to third parties subject to trade secret protection; and information about entities with whom their data has been shared, as well as information about consent refusal consequences. - Tier: All - Location: Privacy Policy › “Supplemental Disclosures for Residents of Brazil” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=You%20have%20the%20right,provided%20for%20by%20law. ### indemnity liability — risk high > You agree that (a) no adequate remedy exists at law if you breach Section 3 (Use of Our Services); (b) it would be difficult to determine the damages resulting from such breach, and any such breach would cause irreparable harm; and (c) a grant of injunctive relief provides the best remedy for any such breach. You waive any opposition to such injunctive relief, as well as any demand that we prove actual damage or post a bond or other security in connection with such injunctive relief. - Interpretation (disclaimed): This clause is a pre-agreed stipulation for injunctive relief. By accepting these Terms, users concede irreparable harm and waive procedural safeguards (proof of actual damage, bond requirement) that courts would otherwise impose before granting an injunction. This materially weakens user defenses in any enforcement action related to acceptable use. - Tier: All - Location: § 13 (In case of disputes) - Source: https://www.anthropic.com/legal/consumer-terms - Snapshot SHA-256: `302af768945b9867a7fa2a9480b1fdc80d85c227ffaf671e19ee2025428d0705` - Wayback: — - Deep link: https://www.anthropic.com/legal/consumer-terms#:~:text=You%20agree%20that%20(a),with%20such%20injunctive%20relief. ### indemnity liability — risk unknown > Our team works hard to provide great services, and we’re continuously working on improvements. However, there are certain aspects we can’t guarantee. We are using ALL CAPS to explain this, to make sure that you see it. YOUR USE OF THE SERVICES, MATERIALS, AND ACTIONS IS SOLELY AT YOUR OWN RISK. THE SERVICES, OUTPUTS, AND ACTIONS ARE PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS AND, TO THE FULLEST EXTENT PERMISSIBLE UNDER APPLICABLE LAW, ARE PROVIDED WITHOUT WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, OR STATUTORY. WE AND OUR PROVIDERS EXPRESSLY DISCLAIM ANY AND ALL WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE, TITLE, MERCHANTABILITY, ACCURACY, AVAILABILITY, RELIABILITY, SECURITY, PRIVACY, COMPATIBILITY, NON-INFRINGEMENT, AND ANY WARRANTY IMPLIED BY COURSE OF DEALING, COURSE OF PERFORMANCE, OR TRADE USAGE. TO THE FULLEST EXTENT PERMISSIBLE UNDER APPLICABLE LAW, IN NO EVENT WILL WE, OUR PROVIDERS, OR OUR OR THEIR RESPECTIVE AFFILIATES, INVESTORS, DIRECTORS, OFFICERS, EMPLOYEES, AGENTS, SUCCESSORS OR ASSIGNS (COLLECTIVELY, THE “ANTHROPIC PARTIES”), BE LIABLE FOR ANY DIRECT, INDIRECT, PUNITIVE, INCIDENTAL, SPECIAL, CONSEQUENTIAL, EXEMPLARY, OR OTHER DAMAGES ARISING OUT OF OR IN ANY WAY RELATED TO THE SERVICES, THE MATERIALS, THE ACTIONS, OR THESE TERMS, WHETHER BASED IN CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY, OR OTHER THEORY, EVEN IF ANY ANTHROPIC PARTIES HAVE BEEN ADVISED OF THE POSSIBILITY OF DAMAGES, AND EVEN IF THE DAMAGES ARE FORESEEABLE. - Interpretation (disclaimed): This segment disclaims all warranties—express, implied, and statutory—with respect to the Services, Outputs, and Actions, placing all risk of use on the user and explicitly disclaiming fitness for purpose warranties on behalf of Anthropic and its Providers. - Tier: All - Location: § 11 (Disclaimer of warranties, limitations of liability, and indemnity) - Source: https://www.anthropic.com/legal/consumer-terms - Snapshot SHA-256: `302af768945b9867a7fa2a9480b1fdc80d85c227ffaf671e19ee2025428d0705` - Wayback: — - Deep link: https://www.anthropic.com/legal/consumer-terms#:~:text=%20Our%20team%20works,DAMAGES%20ARE%20FORESEEABLE.%20 ### indemnity liability — risk unknown > TO THE FULLEST EXTENT PERMISSIBLE UNDER APPLICABLE LAW, THE ANTHROPIC PARTIES’ TOTAL AGGREGATE LIABILITY TO YOU FOR ALL DAMAGES, LOSSES AND CAUSES OF ACTION ARISING OUT OF OR IN ANY WAY RELATED TO THE SERVICES, THE MATERIALS, THE ACTIONS, OR THESE TERMS, WHETHER IN CONTRACT, TORT (INCLUDING NEGLIGENCE) OR OTHERWISE, WILL NOT EXCEED THE GREATER OF THE AMOUNT YOU PAID TO US FOR ACCESS TO OR USE OF THE SERVICES (IF ANY) IN THE SIX MONTHS PRECEDING THE DATE SUCH DAMAGES, LOSSES, AND CAUSES OF ACTION FIRST AROSE, AND $100. THE FOREGOING LIMITATIONS ARE ESSENTIAL TO THESE TERMS, AND WE WOULD NOT OFFER THE SERVICES TO YOU UNDER THESE TERMS WITHOUT THESE LIMITATIONS. YOU AGREE TO INDEMNIFY AND HOLD HARMLESS THE ANTHROPIC PARTIES FROM AND AGAINST ANY AND ALL LIABILITIES, CLAIMS, DAMAGES, EXPENSES (INCLUDING REASONABLE ATTORNEYS’ FEES AND COSTS), AND OTHER LOSSES ARISING OUT OF OR RELATED TO YOUR BREACH OR ALLEGED BREACH OF THESE TERMS; YOUR ACCESS TO, USE OF, OR ALLEGED USE OF THE SERVICES, THE MATERIALS, OR THE ACTIONS; YOUR FEEDBACK; ANY PRODUCTS OR SERVICES THAT YOU DEVELOP, OFFER, OR OTHERWISE MAKE AVAILABLE USING OR OTHERWISE IN CONNECTION WITH THE SERVICES; YOUR VIOLATION OF APPLICABLE LAW OR ANY THIRD-PARTY RIGHT; AND ANY ACTUAL OR ALLEGED FRAUD, INTENTIONAL MISCONDUCT, GROSS NEGLIGENCE, OR CRIMINAL ACTS COMMITTED BY YOU OR YOUR EMPLOYEES OR AGENTS. WE RESERVE THE RIGHT TO ENGAGE SEPARATE COUNSEL AND PARTICIPATE IN OR ASSUME THE EXCLUSIVE DEFENSE AND CONTROL OF ANY MATTER OTHERWISE SUBJECT TO INDEMNIFICATION BY YOU HEREUNDER, IN WHICH CASE YOU AGREE TO COOPERATE WITH US AND SUCH SEPARATE COUNSEL AS WE REASONABLY REQUEST. - Interpretation (disclaimed): This segment caps Anthropic's aggregate liability to the greater of fees paid in the preceding six months or $100, covering all causes of action related to the Services, Materials, Actions, or Terms, constituting a material limitation of liability essential to the contract. - Tier: All - Location: § 11 (Disclaimer of warranties, limitations of liability, and indemnity) - Source: https://www.anthropic.com/legal/consumer-terms - Snapshot SHA-256: `302af768945b9867a7fa2a9480b1fdc80d85c227ffaf671e19ee2025428d0705` - Wayback: — - Deep link: https://www.anthropic.com/legal/consumer-terms#:~:text=%20TO%20THE%20FULLEST,WE%20REASONABLY%20REQUEST.%20 ### indemnity liability — risk unknown > THE LAWS OF SOME JURISDICTIONS DO NOT ALLOW THE DISCLAIMER OF IMPLIED WARRANTIES OR CERTAIN TYPES OF DAMAGES, SO SOME OR ALL OF THE DISCLAIMERS AND LIMITATIONS OF LIABILITY IN THESE TERMS MAY NOT APPLY TO YOU. OUR PROVIDERS ARE INTENDED THIRD PARTY BENEFICIARIES OF THE WARRANTY DISCLAIMERS AND LIMITATIONS OF LIABILITY CONTAINED IN THIS SECTION 11. - Interpretation (disclaimed): This segment creates a jurisdictional exception to the warranty disclaimers and liability limitations where local law prohibits them, and designates Providers as intended third-party beneficiaries of the disclaimer and limitation provisions, qualifying the scope of Section 11's restrictions. - Tier: All - Location: § 11 (Disclaimer of warranties, limitations of liability, and indemnity) - Source: https://www.anthropic.com/legal/consumer-terms - Snapshot SHA-256: `302af768945b9867a7fa2a9480b1fdc80d85c227ffaf671e19ee2025428d0705` - Wayback: — - Deep link: https://www.anthropic.com/legal/consumer-terms#:~:text=%20THE%20LAWS%20OF,IN%20THIS%20SECTION%2011. ### indemnity liability — risk unknown > Our Services may use or be used in connection with third-party content (" Third-Party Content "), services, or integrations. We do not control or accept responsibility for any loss or damage that may arise from your use of any Third-Party Content, services, and integrations, for which we make no representations or warranties. Your use of any Third-Party Content, services, and integrations is at your own risk and subject to any terms, conditions, or policies (including privacy policies) applicable to such third-party content, services, and integrations. - Interpretation (disclaimed): This segment disclaims Anthropic's responsibility for third-party content, services, and integrations, places risk of use on the user, and subjects third-party use to external terms and privacy policies, functioning as a liability disclaimer limiting Anthropic's exposure from third-party integrations. - Tier: All - Location: § 7 (Third-party services and links) - Source: https://www.anthropic.com/legal/consumer-terms - Snapshot SHA-256: `302af768945b9867a7fa2a9480b1fdc80d85c227ffaf671e19ee2025428d0705` - Wayback: — - Deep link: https://www.anthropic.com/legal/consumer-terms#:~:text=%20Our%20Services%20may,content%2C%20services%2C%20and%20integrations. ### governing law disputes — risk medium > Our Terms will be governed by, and construed and interpreted in accordance with, the laws of the State of California without giving effect to conflict of law principles. You and Anthropic agree that any disputes arising out of or relating to these Terms will be resolved exclusively in the state or federal courts located in San Francisco, California, and you and Anthropic submit to the personal and exclusive jurisdiction of those courts. By accessing our Services, you waive any claims that may arise under the laws of other jurisdictions. - Interpretation (disclaimed): This clause mandates California law and exclusive venue in San Francisco for all disputes, with an express waiver of other jurisdictional claims. Non-US users or users in jurisdictions with mandatory consumer-protection laws may find this clause unenforceable or disadvantageous, as it forces them to litigate far from home and potentially forfeits local law protections. - Tier: All - Location: § 13 (In case of disputes) - Source: https://www.anthropic.com/legal/consumer-terms - Snapshot SHA-256: `302af768945b9867a7fa2a9480b1fdc80d85c227ffaf671e19ee2025428d0705` - Wayback: — - Deep link: https://www.anthropic.com/legal/consumer-terms#:~:text=Our%20Terms%20will%20be,laws%20of%20other%20jurisdictions. ### governing law disputes — risk unknown > Equitable relief.  You agree that (a) no adequate remedy exists at law if you breach Section 3 (Use of Our Services); (b) it would be difficult to determine the damages resulting from such breach, and any such breach would cause irreparable harm; and (c) a grant of injunctive relief provides the best remedy for any such breach. You waive any opposition to such injunctive relief, as well as any demand that we prove actual damage or post a bond or other security in connection with such injunctive relief. Governing law and exclusive jurisdiction.  Our Terms will be governed by, and construed and interpreted in accordance with, the laws of the State of California without giving effect to conflict of law principles. You and Anthropic agree that any disputes arising out of or relating to these Terms will be resolved exclusively in the state or federal courts located in San Francisco, California, and you and Anthropic submit to the personal and exclusive jurisdiction of those courts. By accessing our Services, you waive any claims that may arise under the laws of other jurisdictions. - Interpretation (disclaimed): This segment establishes the platform's right to seek equitable/injunctive relief for breaches of the use-of-services section without needing to prove actual damages or post a bond, and includes a user waiver of opposition to such relief. It also begins establishing governing law and exclusive jurisdiction for disputes under the Terms. - Tier: All - Location: § 13 (In case of disputes) - Source: https://www.anthropic.com/legal/consumer-terms - Snapshot SHA-256: `302af768945b9867a7fa2a9480b1fdc80d85c227ffaf671e19ee2025428d0705` - Wayback: — - Deep link: https://www.anthropic.com/legal/consumer-terms#:~:text=%20Equitable%20relief.%20You,laws%20of%20other%20jurisdictions. ### governing law disputes — risk unknown > When using our Services, you agree to comply with any applicable guidelines, rules, or supplemental terms that may be posted on the Services from time to time (“Supplemental Terms”). If these Terms conflict with Supplemental Terms, the Supplemental Terms will govern for the applicable Service. Entire agreement.  These Terms and any other terms expressly incorporated by reference form the entire agreement between you and us regarding the subject matter of our Terms. Termination.  You may stop accessing the Services at any time. We may suspend or terminate your access to the Services (including any Subscriptions) at any time without notice to you if we believe that you have breached these Terms, or if we must do so in order to comply with law. If we terminate your access to the Services due to a violation of these Terms and you have a Subscription, you will not be entitled to any refund. In addition, if you have a Subscription, we may terminate the Subscription at any time for any other reason. If we exercise this right and you purchased the subscription via our website, we will refund you, on a pro rata basis, the fees you paid for the remaining portion of your Subscription after termination. Any refunds for Subscriptions purchased via an App Distributor are subject to the App Distributor’s terms and not these terms. We may also terminate your Account if you have been inactive for over a year and you do not have a paid Account. - Interpretation (disclaimed): This segment incorporates Supplemental Terms by reference, establishes that Supplemental Terms govern in cases of conflict, and defines the entire agreement scope. It also grants the platform a right to suspend or terminate user access to Services, which constitutes a procedural and rights-bearing clause affecting the user's continued use. - Tier: All - Location: § 12 (General terms) - Source: https://www.anthropic.com/legal/consumer-terms - Snapshot SHA-256: `302af768945b9867a7fa2a9480b1fdc80d85c227ffaf671e19ee2025428d0705` - Wayback: — - Deep link: https://www.anthropic.com/legal/consumer-terms#:~:text=When%20using%20our%20Services%2C,a%20paid%20Account.%20 ### moderation enforcement — risk high > We may comply with governmental, court, and law enforcement requests or requirements relating to provision or use of the Services, or to information provided to or collected under our Terms. We reserve the right, at our sole discretion, to report information from or about you, including but not limited to Inputs, Outputs, or Actions to law enforcement. - Interpretation (disclaimed): The clause goes beyond passive compliance with lawful process: Anthropic explicitly reserves the right to voluntarily and proactively disclose user content (Inputs, Outputs, Actions) to law enforcement at its sole discretion. This creates significant privacy and due-process risk for users, as there is no requirement of a court order or other legal compulsion before disclosure. - Tier: All - Location: § 12 (General terms) - Source: https://www.anthropic.com/legal/consumer-terms - Snapshot SHA-256: `302af768945b9867a7fa2a9480b1fdc80d85c227ffaf671e19ee2025428d0705` - Wayback: — - Deep link: https://www.anthropic.com/legal/consumer-terms#:~:text=We%20may%20comply%20with,Actions%20to%20law%20enforcement. ### moderation enforcement — risk high > he creation of a new account, use of an existing account, or providing access to a person or entity that was previously banned Access or facilitate account or API access to Claude to persons, entities, or users in violation of our Supported Regions Policy - Interpretation (disclaimed): This clause imposes affirmative compliance obligations on operators to enforce Anthropic's ban list and supported regions policy. Failure to do so creates breach-of-contract exposure. The geographic access restriction may also implicate export control laws and OFAC sanctions compliance. - Tier: All - Location: Usage Policy › “Do Not Abuse our Platform” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=he%20creation%20of%20a,our%20Supported%20Regions%20Policy ### moderation enforcement — risk high > Do Not Generate Sexually Explicit Content This includes using our products or services to: Depict or request sexual intercourse or sex acts Generate content related to sexual fetishes or fantasies Facilitate, promote, or depict incest or bestiality Engage in erotic chats - Interpretation (disclaimed): This is a categorical, non-waivable content restriction. Any product design that could foreseeably lead to such outputs places the operator in breach. Operators should implement content filters and user-facing terms that explicitly prohibit this use to reduce downstream liability. - Tier: All - Location: Usage Policy › “Do Not Generate Sexually Explicit Content” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=Do%20Not%20Generate%20Sexually,Engage%20in%20erotic%20chats ### moderation enforcement — risk medium > Materials flagged for safety, security, or policy review - Interpretation (disclaimed): Flagged content is both a basis for enforcement action and a training data source, meaning moderation triggers permanent training use regardless of user opt-out preferences. - Tier: All - Location: Privacy Policy › “Materials flagged for safety, security, or policy review” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=Materials%20flagged%20for%20safety%2C%20security%2C%20or%20policy%20review ### moderation enforcement — risk medium > All consumer-facing chatbots, including any external-facing or interactive AI agent, must disclose to users that they are interacting with AI rather than a human. This disclosure must be provided at a minimum at the beginning of each chat session. - Interpretation (disclaimed): This is an absolute, non-negotiable disclosure obligation for any external-facing deployment. Non-compliance constitutes a breach of the usage policy and may also violate consumer protection laws prohibiting deceptive practices (e.g., FTC Act Section 5, EU consumer law). Operators must build this into their UX flows. - Tier: All - Location: Usage Policy › “Additional Use Case Guidelines” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=All%20consumer-facing%20chatbots%2C%20including,of%20each%20chat%20session. ### moderation enforcement — risk medium > Coordinate malicious activity across multiple accounts to avoid detection or circumvent product guardrails or generating identical or similar inputs that otherwise violate our Usage Policy Utilize automation in account creation or to engage in spammy behavior Circumvent a ban through the use of a different account, such as the creation of a new account, use of an existing account, or providing access to a person or entity that was previously banned Access or facilitate account or API access to Claude to persons, entities, or users in violation of our Supported Regions Policy - Interpretation (disclaimed): The clause extends enforcement reach beyond the banned account to any facilitating account, creating vicarious liability risk for organizations. The phrase 'providing access to a person or entity that was previously banned' is particularly broad and could inadvertently ensnare third parties. - Tier: All - Location: Usage Policy › “Do Not Abuse our Platform” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=Coordinate%20malicious%20activity%20across,our%20Supported%20Regions%20Policy ### moderation enforcement — risk medium > Agentic use cases must still comply with the Usage Policy. We provide examples of Usage Policy prohibitions in the context of agentic use in this Help Center article . - Interpretation (disclaimed): This clause closes a potential loophole where operators might argue that agentic use cases fall outside normal policy scope. By explicitly incorporating the full Usage Policy for agentic use, Anthropic retains enforcement authority over automated, multi-step AI workflows. Operators must review the referenced Help Center article to understand specific agentic prohibitions. - Tier: All - Location: Usage Policy › “Additional Use Case Guidelines” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=Agentic%20use%20cases%20must,Help%20Center%20article%20. ### moderation enforcement — risk medium > Intentionally bypass capabilities, restrictions, or guardrails established within our products for the purposes of instructing the model to produce harmful outputs (e.g., jailbreaking or prompt injection) without prior authorization from Anthropic - Interpretation (disclaimed): This clause exposes users to suspension/termination risk for prompt engineering that Anthropic unilaterally deems as 'bypassing guardrails.' The lack of a defined authorization process creates legal uncertainty for security researchers and developers conducting legitimate adversarial testing. - Tier: All - Location: Usage Policy › “Do Not Abuse our Platform” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=Intentionally%20bypass%20capabilities%2C%20restrictions%2C,prior%20authorization%20from%20Anthropic ### moderation enforcement — risk low > To prevent and investigate fraud, abuse, and violations of our  Usage Policy , unlawful or criminal activity, unauthorized access to or use of personal data or Anthropic systems and networks, to protect our rights and the rights of others, and to meet legal, governmental and institutional policy obligations; - Interpretation (disclaimed): Anthropic reserves the right to use personal data for enforcement and investigation purposes. This is a standard clause but signals that user data may be reviewed in connection with policy enforcement without specific notice. - Tier: All - Location: § 2 - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=To%20prevent%20and%20investigate,and%20institutional%20policy%20obligations%3B ### moderation enforcement — risk low > Model Context Protocol (MCP) servers listed in our Connector Directory must comply with our Directory Policy . - Interpretation (disclaimed): This clause incorporates by reference a separate Directory Policy for MCP server operators. Non-compliance could result in removal from the directory or broader policy enforcement actions. Operators should review the Directory Policy independently before listing. - Tier: API - Location: Usage Policy › “Additional Use Case Guidelines” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=Model%20Context%20Protocol%20(MCP),our%20Directory%20Policy%20. ### moderation enforcement — risk unknown > Our Usage Policy (also referred to as our “Acceptable Use Policy” or “AUP”) applies to anyone who can submit inputs to Anthropic’s products and/or services, including via any authorized resellers or passthrough access, all of whom we refer to as “users.” The Usage Policy is intended to help our users stay safe and promote the responsible use of our products and services. The Usage Policy is categorized according to who can use our products and for what purposes. We will update our policy as our technology and the associated risks evolve or as we learn about unanticipated risks. Universal Usage Standards: Our Universal Usage Standards apply to all users and use cases. High-Risk Use Case Requirements: Our High-Risk Use Case Requirements apply to specific consumer-facing use cases that pose an elevated risk of harm. Additional Use Case Guidelines: Our Additional Use Case Guidelines apply to certain other use cases, including consumer-facing chatbots, products serving minors, agentic use, and Model Context Protocol servers. Anthropic’s Safeguards Team will implement detection and monitoring to enforce our Usage Policy, so please review this policy carefully before using our products or services. If we learn that you have violated our Usage Policy, we may throttle, suspend, or terminate your access to our products and services. We may also block or modify model outputs when inputs violate our Usage Policy. If you believe that our model outputs are potentially inaccurate, biased or harmful, please notify us at usersafety@anthropic.com, or report it directly in our product through the “report issues” thumbs down button or similar feedback features (where available). - Interpretation (disclaimed): This segment defines the scope of the Usage Policy, identifies who qualifies as a 'user,' states the policy's purpose of promoting safe and responsible use, and signals that the policy will be updated as risks evolve — establishing the foundational definitional and scope provisions that govern enforcement of platform rules. - Tier: All - Location: Usage Policy › “Usage Policy \ Anthropic” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20Our%20Usage%20Policy,features%20(where%20available).%20 ### moderation enforcement — risk unknown > You can read more about our Safeguards practices and recommendations in our Safeguards Support Center . This Usage Policy is calibrated to strike an optimal balance between enabling beneficial uses and mitigating potential harms. Anthropic may enter into contracts with certain governmental customers that tailor use restrictions to that customer’s public mission and legal authorities if, in Anthropic’s judgment, the contractual use restrictions and applicable safeguards are adequate to mitigate the potential harms addressed by this Usage Policy. - Interpretation (disclaimed): This segment carves out an exception to the standard Usage Policy by permitting Anthropic to enter tailored contracts with governmental customers that modify use restrictions, subject to Anthropic's judgment that safeguards are adequate — creating a conditional exception to universal enforcement standards. - Tier: All - Location: Usage Policy › “Usage Policy \ Anthropic” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=You%20can%20read%20more,this%20Usage%20Policy.%20 ### moderation enforcement — risk unknown > Infringe, misappropriate, or violate the intellectual property rights of a third party - Interpretation (disclaimed): This segment restricts users from infringing, misappropriating, or violating third-party intellectual property rights through use of the platform, imposing an IP-related compliance obligation on users. - Tier: All - Location: Usage Policy › “Engage in or facilitate human trafficking or prostitution” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20Infringe%2C%20misappropriate%2C%20or,of%20a%20third%20party ### moderation enforcement — risk unknown > Synthesize, or otherwise develop, high-yield explosives or biological, chemical, radiological, or nuclear weapons or their precursors, including modifications to evade detection or medical countermeasures - Interpretation (disclaimed): This segment restricts users from synthesizing or developing high-yield explosives or biological, chemical, radiological, or nuclear weapons or their precursors, including modifications to evade detection or countermeasures. - Tier: All - Location: Usage Policy › “Circumvent regulatory controls to acquire weapons or their precursors” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20Synthesize%2C%20or%20otherwise,detection%20or%20medical%20countermeasures ### moderation enforcement — risk unknown > This includes using our products or services to: Incite, facilitate, or promote violent extremism, terrorism, or hateful behavior Provide material support for organizations or individuals associated with violent extremism, terrorism, or hateful behavior Facilitate or promote any act of violence or intimidation targeting individuals, groups, animals, or property Promote discriminatory practices or behaviors against individuals or groups on the basis of one or more protected attributes such as race, ethnicity, religion, national origin, gender, sexual orientation, or any other identifying trait - Interpretation (disclaimed): This segment enumerates specific prohibited activities including facilitating violent extremism, terrorism, hateful behavior, material support for such organizations, acts of violence or intimidation, and discriminatory practices based on protected attributes. - Tier: All - Location: Usage Policy › “Do Not Incite Violence or Hateful Behavior” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20This%20includes%20using,any%20other%20identifying%20trait ### moderation enforcement — risk unknown > Promote, trivialize, or depict graphic violence or gratuitous gore, including sexual violence Develop a new product or service, or support an existing product or service that employs or facilitates deceptive techniques with the intent of causing emotional harm - Interpretation (disclaimed): This segment restricts users from promoting or depicting graphic violence, gratuitous gore, or sexual violence, and from developing products or services that employ deceptive techniques intended to cause emotional harm. - Tier: All - Location: Usage Policy › “Generate content depicting animal cruelty or abuse” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20Promote%2C%20trivialize%2C%20or,of%20causing%20emotional%20harm ### moderation enforcement — risk unknown > This includes using our products or services to: Create or disseminate deceptive or misleading information about, or with the intention of targeting, a group, entity or person Create or disseminate deceptive or misleading information about laws, regulations, procedures, practices, standards established by an institution, entity or governing body Create or disseminate conspiratorial narratives meant to target a specific group, individual or entity Impersonate real entities or create fake personas to falsely attribute content or mislead others about its origin without consent or legal right Provide false or misleading information related to medical, health or science issues - Interpretation (disclaimed): This segment enumerates specific misinformation-related prohibitions including creating deceptive information about groups or entities, misleading information about laws or institutions, conspiratorial narratives, impersonation of real entities, and fake personas for false attribution. - Tier: All - Location: Usage Policy › “Do Not Create or Spread Misinformation” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20This%20includes%20using,health%20or%20science%20issues ### moderation enforcement — risk unknown > Do Not Undermine Democratic Processes or Engage in Targeted Campaign Activities This includes using our products or services to: Engage in personalized vote or campaign targeting based on individual profiles or data Create artificial or deceptive political movements in which the source, scale or nature of the campaign or activities is misrepresented Generate automated communications to public officials or voters at scale that conceal their artificial origin, or engage in systematic vote solicitation that could undermine election integrity Create political content designed to deceive or mislead voters, including synthetic media of political figures Generate or disseminate false or misleading information in political and electoral contexts, including about candidates, parties, policies, voting procedures, or election security Engage in political lobbying or grassroots advocacy using false or fabricated information, or create lobbying or advocacy materials containing demonstrably false claims about facts, data, or events Incite, glorify or facilitate the disruption of electoral or civic processes, including interference with voting systems, vote counting, or certification processes Create content designed to suppress voter turnout or discourage legitimate political participation through deception or intimidation - Interpretation (disclaimed): This segment establishes a categorical restriction prohibiting users from undermining democratic processes or engaging in targeted campaign activities, and enumerates specific prohibited activities including personalized vote targeting, artificial political movements, automated deceptive communications to officials or voters, and creation of politically deceptive content. - Tier: All - Location: Usage Policy › “Do Not Create or Spread Misinformation” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20Do%20Not%20Undermine,through%20deception%20or%20intimidation ### moderation enforcement — risk unknown > This includes using our products or services to: Coordinate malicious activity across multiple accounts to avoid detection or circumvent product guardrails or generating identical or similar inputs that otherwise violate our Usage Policy Utilize automation in account creation or to engage in spammy behavior Circumvent a ban through the use of a different account, such as the creation of a new account, use of an existing account, or providing access to a person or entity that was previously banned Access or facilitate account or API access to Claude to persons, entities, or users in violation of our Supported Regions Policy Intentionally bypass capabilities, restrictions, or guardrails established within our products for the purposes of instructing the model to produce harmful outputs (e.g., jailbreaking or prompt injection) without prior authorization from Anthropic Utilization of inputs and outputs to train an AI model (e.g., “model scraping” or “model distillation”) without prior authorization from Anthropic - Interpretation (disclaimed): This clause restricts users from coordinating malicious multi-account activity, using automation to create accounts or spam, circumventing bans via new or alternate accounts, and facilitating API access to banned persons or entities — all of which are prohibited uses enforceable under the platform's moderation and enforcement framework. - Tier: All - Location: Usage Policy › “Do Not Abuse our Platform” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20This%20includes%20using,prior%20authorization%20from%20Anthropic ### moderation enforcement — risk unknown > This includes using our products or services to: - Interpretation (disclaimed): This introductory clause signals that the following enumerated items constitute specific prohibited uses falling under the sexually explicit content restriction, serving as an incorporation clause for the subsequent list of prohibited behaviors. - Tier: All - Location: Usage Policy › “Do Not Generate Sexually Explicit Content” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20This%20includes%20using,products%20or%20services%20to%3A ### moderation enforcement — risk unknown > Some use cases pose an elevated risk of harm because they influence domains that are vital to public welfare and social equity. For these use cases, given potential risks to individuals and consumers, we believe that relevant human expertise should be integrated and that end-users should be aware when AI has been involved in producing outputs. As such, for the “High-Risk Use Cases” described below, we require that you implement these additional safety measures: Human-in-the-loop: When using our products or services to provide advice, recommendations, or in subjective decision-making directly affecting individuals or consumers , a qualified professional in that field must review the content or decision prior to dissemination or finalization. You or your organization are responsible for the accuracy and appropriateness of that information. Disclosure: If model outputs are presented directly to individuals or consumers , you must disclose to them that you are using AI to help produce your advice, decisions, or recommendations. This disclosure must be provided at a minimum at the beginning of each session. “High-Risk Use Cases” include: Legal: Use cases related to legal interpretation, legal guidance, or decisions with legal implications Healthcare: Use cases related to healthcare decisions, medical diagnosis, patient care, therapy, mental health, or other medical guidance. Wellness advice (e.g., advice on sleep, stress, nutrition, exercise, etc.) does not fall under this category Insurance: Use cases related to health, life, property, disability, or other types of insurance underwriting, claims processing, or coverage decisions Finance: Use cases related to financial decisions, including investment advice, loan approvals, and determining financial eligibility or - Interpretation (disclaimed): This clause imposes affirmative obligations on operators deploying high-risk use cases, specifically requiring integration of human expertise ('human-in-the-loop') and disclosure to end-users of AI involvement, establishing mandatory safety measures for domains affecting public welfare and social equity. - Tier: All - Location: Usage Policy › “High-Risk Use Case Requirements” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20Some%20use%20cases,determining%20financial%20eligibility%20or ### moderation enforcement — risk unknown > This includes using our products or services to: Facilitate the destruction or disruption of critical infrastructure such as power grids, water treatment facilities, medical devices, telecommunication networks, or air traffic control systems Obtain unauthorized access to critical systems such as voting machines, healthcare databases, and financial markets Interfere with the operation of military bases and related infrastructure - Interpretation (disclaimed): This segment enumerates specific prohibited activities under the critical infrastructure restriction, including facilitating destruction of power grids and water facilities, gaining unauthorized access to voting machines and healthcare databases, and interfering with military infrastructure operations. - Tier: All - Location: Usage Policy › “Do Not Compromise Critical Infrastructure” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20This%20includes%20using,bases%20and%20related%20infrastructure ### moderation enforcement — risk unknown > This includes using our products or services to: Facilitate, promote, or glamorize any form of suicide or self-harm, including disordered eating and unhealthy or compulsive exercise Engage in behaviors that promote unhealthy or unattainable body image or beauty standards, such as using the model to critique anyone’s body shape or size Shame, humiliate, intimidate, bully, harass, or celebrate the suffering of individuals - Interpretation (disclaimed): This segment enumerates specific prohibited psychologically harmful activities, including facilitating suicide or self-harm, promoting unhealthy body image, and shaming, humiliating, bullying, or harassing individuals. - Tier: All - Location: Usage Policy › “Do Not Create Psychologically or Emotionally Harmful Content” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20This%20includes%20using,the%20suffering%20of%20individuals ### moderation enforcement — risk unknown > It is in our legitimate interests and in the interest of Anthropic users to evaluate the use of the Services and adoption of new features to inform the development of future features and improve direction and development of the Services. Our research also benefits the AI industry and society: it investigates the safety, inner workings, and societal impact of AI models so that artificial intelligence has a positive impact on society as it becomes increasingly advanced and capable. To enforce our Terms of Service  and similar terms and agreements, including our Usage Policy . Identity and Contact Data - Interpretation (disclaimed): Grants Anthropic permission to process Identity, Contact, and related data to enforce its Terms of Service, Usage Policy, and similar agreements, relying on contract and legitimate interests as legal bases, and explains the rationale of maintaining platform safety and intended functionality. - Tier: All - Location: Privacy Policy › “Legitimate interests” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20It%20is%20in,Identity%20and%20Contact%20Data ### moderation enforcement — risk unknown > In certain circumstances outside of the performance of our contract with you, we may rely on legitimate interests. It is in our legitimate interests to enforce the rules and policies governing use of our services, to maintain intended functionality and value for users. We aim to provide a safe, useful platform. - Interpretation (disclaimed): Clarifies that outside of contract performance Anthropic may rely on legitimate interests to enforce platform rules and policies, granting a permission to process data for enforcement purposes and articulating the rationale of maintaining a safe, functional platform. - Tier: All - Location: Privacy Policy › “Legitimate interests” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20In%20certain%20circumstances,safe%2C%20useful%20platform.%20 ### moderation enforcement — risk unknown > You may access and use our Services only in compliance with our Terms, including our  Acceptable Use Policy , the policy governing the countries and regions Anthropic currently supports ("Supported Regions Policy"), and any guidelines or supplemental terms we may post on the Services (the “ Permitted Use ”). You are responsible for all activity under the account through which you access the Services. You may not access or use, or help another person to access or use, our Services in the following ways: In any manner that violates any applicable law or regulation—including, without limitation, any laws about exporting data or software to and from the United States or other countries. To develop any products or services that compete with our Services, including to develop or train any artificial intelligence or machine learning algorithms or models or resell the Services. To decompile, reverse engineer, disassemble, or otherwise reduce our Services to human-readable form, except when these restrictions are prohibited by applicable law. To crawl, scrape, or otherwise harvest data or information from our Services other than as permitted under these Terms. To use our Services, the Materials, or the Actions to obtain unauthorized access to any system or information, or to deceive any person. To infringe, misappropriate, or violate intellectual property or other legal rights (including the rights of publicity or privacy). - Interpretation (disclaimed): This segment restricts how users may access and use the Services, requiring compliance with the Acceptable Use Policy, Supported Regions Policy, and other guidelines, and holds users responsible for all account activity, imposing binding usage restrictions enforceable against the user. - Tier: All - Location: § 3 - Source: https://www.anthropic.com/legal/consumer-terms - Snapshot SHA-256: `302af768945b9867a7fa2a9480b1fdc80d85c227ffaf671e19ee2025428d0705` - Wayback: — - Deep link: https://www.anthropic.com/legal/consumer-terms#:~:text=%20You%20may%20access,publicity%20or%20privacy).%20 ### moderation enforcement — risk unknown > creditworthiness Employment and housing: Use cases related to decisions about the employability of individuals, resume screening, hiring tools, or other employment determinations or decisions regarding eligibility for housing, including leases and home loans Academic testing, accreditation and admissions: Use cases related to standardized testing companies that administer school admissions (including evaluating, scoring or ranking prospective students), language proficiency, or professional certification exams; agencies that evaluate and certify educational institutions Media or professional journalistic content: Use cases related to using our products or services to automatically generate content and publish it for external consumption - Interpretation (disclaimed): This segment defines specific categories of 'High-Risk Use Cases,' including creditworthiness, employment and housing decisions, academic testing and admissions, and media or professional contexts, thereby establishing the scope of applications subject to heightened compliance obligations. - Tier: All - Location: Usage Policy › “High-Risk Use Case Requirements” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20creditworthiness%20Employment%20and,it%20for%20external%20consumption ### moderation enforcement — risk unknown > This includes using our products or services to: Produce, modify, design, or illegally acquire weapons, explosives, dangerous materials or other systems designed to cause harm to or loss of human life Design or develop weaponization and delivery processes for the deployment of weapons - Interpretation (disclaimed): This segment enumerates specific prohibited activities under the weapons restriction, including producing, modifying, designing, or illegally acquiring weapons or dangerous materials, and designing weaponization and deployment processes. - Tier: All - Location: Usage Policy › “Do Not Develop or Design Weapons” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20This%20includes%20using,the%20deployment%20of%20weapons ### moderation enforcement — risk unknown > This includes using our products or services to: Coordinate malicious activity across multiple accounts to avoid detection or circumvent product guardrails or generating identical or similar inputs that otherwise violate our Usage Policy Utilize automation in account creation or to engage in spammy behavior Circumvent a ban through the use of a different account, such as the creation of a new account, use of an existing account, or providing access to a person or entity that was previously banned Access or facilitate account or API access to Claude to persons, entities, or users in violation of our Supported Regions Policy Intentionally bypass capabilities, restrictions, or guardrails established within our products for the purposes of instructing the model to produce harmful outputs (e.g., jailbreaking or prompt injection) without prior authorization from Anthropic Utilization of inputs and outputs to train an AI model (e.g., “model scraping” or “model distillation”) without prior authorization from Anthropic - Interpretation (disclaimed): This clause restricts users from coordinating malicious multi-account activity, using automation for spammy behavior, circumventing bans via new or alternate accounts, and facilitating API access to banned persons or entities, thereby imposing enforceable prohibitions on platform misuse. - Tier: All - Location: Usage Policy › “Do Not Abuse our Platform” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20This%20includes%20using,prior%20authorization%20from%20Anthropic ### moderation enforcement — risk unknown > This includes using our products or services to: Create or disseminate deceptive or misleading information about, or with the intention of targeting, a group, entity or person Create or disseminate deceptive or misleading information about laws, regulations, procedures, practices, standards established by an institution, entity or governing body Create or disseminate conspiratorial narratives meant to target a specific group, individual or entity Impersonate real entities or create fake personas to falsely attribute content or mislead others about its origin without consent or legal right Provide false or misleading information related to medical, health or science issues - Interpretation (disclaimed): This segment enumerates specific prohibited misinformation-related activities, including creating or disseminating deceptive information targeting groups or persons, spreading false information about laws and institutions, creating conspiratorial narratives, and impersonating real entities or creating fake personas to mislead about content origin. - Tier: All - Location: Usage Policy › “Do Not Create or Spread Misinformation” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20This%20includes%20using,health%20or%20science%20issues ### moderation enforcement — risk unknown > This includes using our products or services to: Facilitate the destruction or disruption of critical infrastructure such as power grids, water treatment facilities, medical devices, telecommunication networks, or air traffic control systems Obtain unauthorized access to critical systems such as voting machines, healthcare databases, and financial markets Interfere with the operation of military bases and related infrastructure - Interpretation (disclaimed): This segment enumerates specific prohibited activities under the critical infrastructure restriction, including disruption of power grids, water facilities, medical devices, voting machines, financial markets, and military infrastructure. - Tier: All - Location: Usage Policy › “Do Not Compromise Critical Infrastructure” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20This%20includes%20using,bases%20and%20related%20infrastructure ### moderation enforcement — risk unknown > This includes using our products or services to: Facilitate the production, acquisition, or distribution of counterfeit or illicitly acquired goods - Interpretation (disclaimed): This segment restricts users from facilitating the production, acquisition, or distribution of counterfeit or illicitly acquired goods, constituting a specific enumerated prohibition under the fraud/abuse restriction. - Tier: All - Location: Usage Policy › “Do Not Engage in Fraudulent, Abusive, or Predatory Practices” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20This%20includes%20using,or%20illicitly%20acquired%20goods ### moderation enforcement — risk unknown > Our Usage Policy (also referred to as our “Acceptable Use Policy” or “AUP”) applies to anyone who can submit inputs to Anthropic’s products and/or services, including via any authorized resellers or passthrough access, all of whom we refer to as “users.” The Usage Policy is intended to help our users stay safe and promote the responsible use of our products and services. The Usage Policy is categorized according to who can use our products and for what purposes. We will update our policy as our technology and the associated risks evolve or as we learn about unanticipated risks. Universal Usage Standards: Our Universal Usage Standards apply to all users and use cases. High-Risk Use Case Requirements: Our High-Risk Use Case Requirements apply to specific consumer-facing use cases that pose an elevated risk of harm. Additional Use Case Guidelines: Our Additional Use Case Guidelines apply to certain other use cases, including consumer-facing chatbots, products serving minors, agentic use, and Model Context Protocol servers. Anthropic’s Safeguards Team will implement detection and monitoring to enforce our Usage Policy, so please review this policy carefully before using our products or services. If we learn that you have violated our Usage Policy, we may throttle, suspend, or terminate your access to our products and services. We may also block or modify model outputs when inputs violate our Usage Policy. If you believe that our model outputs are potentially inaccurate, biased or harmful, please notify us at usersafety@anthropic.com, or report it directly in our product through the “report issues” thumbs down button or similar feedback features (where available). - Interpretation (disclaimed): This segment defines who qualifies as a 'user' subject to the AUP (anyone submitting inputs, including via resellers or passthrough access), states the policy's purpose of promoting safety and responsible use, and signals that the policy will be updated as risks evolve, establishing the scope and applicability of enforcement obligations. - Tier: All - Location: Usage Policy › “Usage Policy \ Anthropic” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20Our%20Usage%20Policy,features%20(where%20available).%20 ### moderation enforcement — risk unknown > Some use cases pose an elevated risk of harm because they influence domains that are vital to public welfare and social equity. For these use cases, given potential risks to individuals and consumers, we believe that relevant human expertise should be integrated and that end-users should be aware when AI has been involved in producing outputs. As such, for the “High-Risk Use Cases” described below, we require that you implement these additional safety measures: Human-in-the-loop: When using our products or services to provide advice, recommendations, or in subjective decision-making directly affecting individuals or consumers , a qualified professional in that field must review the content or decision prior to dissemination or finalization. You or your organization are responsible for the accuracy and appropriateness of that information. Disclosure: If model outputs are presented directly to individuals or consumers , you must disclose to them that you are using AI to help produce your advice, decisions, or recommendations. This disclosure must be provided at a minimum at the beginning of each session. “High-Risk Use Cases” include: Legal: Use cases related to legal interpretation, legal guidance, or decisions with legal implications Healthcare: Use cases related to healthcare decisions, medical diagnosis, patient care, therapy, mental health, or other medical guidance. Wellness advice (e.g., advice on sleep, stress, nutrition, exercise, etc.) does not fall under this category Insurance: Use cases related to health, life, property, disability, or other types of insurance underwriting, claims processing, or coverage decisions Finance: Use cases related to financial decisions, including investment advice, loan approvals, and determining financial eligibility or - Interpretation (disclaimed): This clause imposes affirmative obligations on operators using high-risk use cases to implement human-in-the-loop safeguards and to disclose AI involvement to end-users, requiring specific procedural and transparency measures to mitigate elevated harm risk. - Tier: All - Location: Usage Policy › “High-Risk Use Case Requirements” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20Some%20use%20cases,determining%20financial%20eligibility%20or ### moderation enforcement — risk unknown > Generate content for fraudulent activities, schemes, scams, phishing, or malware that can result in direct financial or psychological harm Create falsified documents including fake IDs, licenses, currency, or other government documents Develop, promote, or otherwise facilitate the sale or distribution of fraudulent or deceptive products Generate deceptive or misleading digital content such as fake reviews, comments, or media Engage in or facilitate multi-level marketing, pyramid schemes, or other deceptive business models that use high-pressure sales tactics or exploit participants Promote or facilitate payday loans, title loans, or other high-interest, short-term lending practices that exploit vulnerable individuals Engage in deceptive or abusive practices that exploit individuals based on age, disability or a specific social or economic situation Promote or facilitate the use of abusive or harassing debt collection practices Develop a product or support an existing service that deploys subliminal, manipulative, or deceptive techniques to distort behavior by impairing decision-making Engage in actions or behaviors that circumvent the guardrails or terms of other platforms or services Plagiarize or submit AI-assisted work without proper permission or attribution - Interpretation (disclaimed): This segment enumerates additional fraudulent and predatory practice prohibitions including generating content for scams or phishing, creating falsified documents, developing fraudulent products, generating fake reviews, facilitating pyramid schemes, and other deceptive business practices. - Tier: All - Location: Usage Policy › “Promote or facilitate the generation or distribution of spam” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20Generate%20content%20for,proper%20permission%20or%20attribution ### moderation enforcement — risk unknown > This includes using our products or services to: Create, distribute, or promote child sexual abuse material (“CSAM”), including AI-generated CSAM Facilitate the trafficking, sextortion, or any other form of exploitation of a minor Facilitate minor grooming, including generating content designed to impersonate a minor Facilitate child abuse of any form, including instructions for how to conceal abuse Promote or facilitate pedophilic relationships, including via roleplay with the model Fetishize or sexualize minors, including in fictional settings or via roleplay with the model Note: We define a minor or child to be any individual under the age of 18 years old, regardless of jurisdiction. When we detect CSAM (including AI-generated CSAM), or coercion or enticement of a minor to engage in sexual activities, we will report to relevant authorities. - Interpretation (disclaimed): This segment enumerates specific prohibited activities related to child safety, including creating or distributing CSAM (including AI-generated), facilitating child trafficking or exploitation, grooming, abuse, pedophilic relationships, and sexualizing minors, and begins a definition of minor-related terms. - Tier: All - Location: Usage Policy › “Do Not Compromise Children’s Safety” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20This%20includes%20using,to%20relevant%20authorities.%20 ### moderation enforcement — risk unknown > This includes using our products or services to: Incite, facilitate, or promote violent extremism, terrorism, or hateful behavior Provide material support for organizations or individuals associated with violent extremism, terrorism, or hateful behavior Facilitate or promote any act of violence or intimidation targeting individuals, groups, animals, or property Promote discriminatory practices or behaviors against individuals or groups on the basis of one or more protected attributes such as race, ethnicity, religion, national origin, gender, sexual orientation, or any other identifying trait - Interpretation (disclaimed): This segment enumerates specific prohibited activities under the violence/hate restriction, including inciting violent extremism or terrorism, providing material support for extremist groups, facilitating violence or intimidation, and promoting discriminatory practices against protected groups. - Tier: All - Location: Usage Policy › “Do Not Incite Violence or Hateful Behavior” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20This%20includes%20using,any%20other%20identifying%20trait ### moderation enforcement — risk unknown > This includes using our products or services to: Discover or exploit vulnerabilities in systems, networks, or applications without authorization of the system owner Gain unauthorized access to systems, networks, applications, or devices through technical attacks or social engineering Create or distribute malware, ransomware, or other types of malicious code - Interpretation (disclaimed): This segment specifies prohibited activities under the computer/network systems restriction, including unauthorized vulnerability exploitation, unauthorized access, and creation or distribution of malware or ransomware. - Tier: All - Location: Usage Policy › “Do Not Compromise Computer or Network Systems” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20This%20includes%20using,types%20of%20malicious%20code ### moderation enforcement — risk unknown > Do Not Undermine Democratic Processes or Engage in Targeted Campaign Activities This includes using our products or services to: Engage in personalized vote or campaign targeting based on individual profiles or data Create artificial or deceptive political movements in which the source, scale or nature of the campaign or activities is misrepresented Generate automated communications to public officials or voters at scale that conceal their artificial origin, or engage in systematic vote solicitation that could undermine election integrity Create political content designed to deceive or mislead voters, including synthetic media of political figures Generate or disseminate false or misleading information in political and electoral contexts, including about candidates, parties, policies, voting procedures, or election security Engage in political lobbying or grassroots advocacy using false or fabricated information, or create lobbying or advocacy materials containing demonstrably false claims about facts, data, or events Incite, glorify or facilitate the disruption of electoral or civic processes, including interference with voting systems, vote counting, or certification processes Create content designed to suppress voter turnout or discourage legitimate political participation through deception or intimidation - Interpretation (disclaimed): This segment establishes a categorical prohibition against using Anthropic's products or services to undermine democratic processes or engage in targeted campaign activities, and enumerates specific prohibited activities including personalized vote targeting, artificial political movements, automated communications concealing artificial origin, and political content designed to deceive voters. - Tier: All - Location: Usage Policy › “Do Not Create or Spread Misinformation” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20Do%20Not%20Undermine,through%20deception%20or%20intimidation ### moderation enforcement — risk unknown > This includes using our products or services to: Create, distribute, or promote child sexual abuse material (“CSAM”), including AI-generated CSAM Facilitate the trafficking, sextortion, or any other form of exploitation of a minor Facilitate minor grooming, including generating content designed to impersonate a minor Facilitate child abuse of any form, including instructions for how to conceal abuse Promote or facilitate pedophilic relationships, including via roleplay with the model Fetishize or sexualize minors, including in fictional settings or via roleplay with the model Note: We define a minor or child to be any individual under the age of 18 years old, regardless of jurisdiction. When we detect CSAM (including AI-generated CSAM), or coercion or enticement of a minor to engage in sexual activities, we will report to relevant authorities. - Interpretation (disclaimed): This segment enumerates specific prohibitions protecting children, including creating CSAM, facilitating trafficking or exploitation of minors, grooming, child abuse facilitation, pedophilic relationships, and sexualization of minors including in fictional contexts. - Tier: All - Location: Usage Policy › “Do Not Compromise Children’s Safety” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20This%20includes%20using,to%20relevant%20authorities.%20 ### moderation enforcement — risk unknown > Synthesize, or otherwise develop, high-yield explosives or biological, chemical, radiological, or nuclear weapons or their precursors, including modifications to evade detection or medical countermeasures - Interpretation (disclaimed): This segment restricts users from synthesizing or developing high-yield explosives or CBRN weapons or their precursors, including modifications to evade detection or medical countermeasures, constituting a specific enumerated prohibition under the weapons restriction. - Tier: All - Location: Usage Policy › “Circumvent regulatory controls to acquire weapons or their precursors” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20Synthesize%2C%20or%20otherwise,detection%20or%20medical%20countermeasures ### moderation enforcement — risk unknown > This includes using our products or services to: - Interpretation (disclaimed): This segment introduces and incorporates the list of specific prohibited activities that fall under the preceding restriction heading, serving as a cross-reference connector for the enumerated prohibitions. - Tier: All - Location: Usage Policy › “Do Not Violate Applicable Laws or Engage in Illegal Activity” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20This%20includes%20using,products%20or%20services%20to%3A ### moderation enforcement — risk unknown > Infringe, misappropriate, or violate the intellectual property rights of a third party - Interpretation (disclaimed): This segment restricts users from using Anthropic's products or services to infringe, misappropriate, or violate third-party intellectual property rights, imposing a specific IP-related usage prohibition. - Tier: All - Location: Usage Policy › “Engage in or facilitate human trafficking or prostitution” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20Infringe%2C%20misappropriate%2C%20or,of%20a%20third%20party ### moderation enforcement — risk unknown > Do Not Use for Criminal Justice, Censorship, Surveillance, or Prohibited Law Enforcement Purposes This includes using our products or services to: Make determinations on criminal justice applications, including making decisions about or determining eligibility for parole or sentencing Target or track a person’s physical location, emotional state, or communication without their consent, including using our products for facial recognition, battlefield management applications or predictive policing Utilize models to assign scores or ratings to individuals based on an assessment of their trustworthiness or social behavior without notification or their consent Build or support emotional recognition systems or techniques that are used to infer emotions of a natural person, except for medical or safety reasons Analyze or identify specific content to censor on behalf of a government organization Utilize models as part of any biometric categorization system for categorizing people based on their biometric data to infer their race, political opinions, trade union membership, religious or philosophical beliefs, sex life or sexual orientation Utilize models as part of any law enforcement application that violates or impairs the liberty, civil liberties, or human rights of natural persons - Interpretation (disclaimed): This segment prohibits use of the platform for certain criminal justice applications, surveillance, censorship, or prohibited law enforcement purposes, including parole/sentencing determinations, unauthorized tracking of individuals, and social scoring systems. - Tier: All - Location: Usage Policy › “Do Not Create or Spread Misinformation” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20Do%20Not%20Use,rights%20of%20natural%20persons ### moderation enforcement — risk unknown > This includes using our products or services to: Discover or exploit vulnerabilities in systems, networks, or applications without authorization of the system owner Gain unauthorized access to systems, networks, applications, or devices through technical attacks or social engineering Create or distribute malware, ransomware, or other types of malicious code - Interpretation (disclaimed): This segment enumerates specific prohibited activities under the computer/network systems restriction, including unauthorized vulnerability exploitation, unauthorized system access via technical or social engineering attacks, and creating or distributing malware or ransomware. - Tier: All - Location: Usage Policy › “Do Not Compromise Computer or Network Systems” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20This%20includes%20using,types%20of%20malicious%20code ### moderation enforcement — risk unknown > Create tools designed to intercept communications or monitor devices without authorization of the system owner Develop persistent access tools designed to operate below normal system security levels, including firmware modifications or hardware implants Create automated tools designed to compromise multiple systems at scale for malicious purposes Bypass security controls such as authenticated systems, endpoint protection, or monitoring tools - Interpretation (disclaimed): This segment enumerates additional prohibited cybersecurity activities including unauthorized communication interception tools, persistent access tools, firmware or hardware implants, large-scale automated compromise tools, and security control bypass, all restricted on the platform. - Tier: All - Location: Usage Policy › “Develop tools for denial-of-service attacks or managing botnets” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20Create%20tools%20designed,protection%2C%20or%20monitoring%20tools ### moderation enforcement — risk unknown > This includes using our products or services to: Facilitate the production, acquisition, or distribution of counterfeit or illicitly acquired goods - Interpretation (disclaimed): This segment restricts users from facilitating production, acquisition, or distribution of counterfeit or illicitly acquired goods via the platform. - Tier: All - Location: Usage Policy › “Do Not Engage in Fraudulent, Abusive, or Predatory Practices” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20This%20includes%20using,or%20illicitly%20acquired%20goods ### moderation enforcement — risk unknown > Promote, trivialize, or depict graphic violence or gratuitous gore, including sexual violence Develop a new product or service, or support an existing product or service that employs or facilitates deceptive techniques with the intent of causing emotional harm - Interpretation (disclaimed): This segment restricts users from promoting or depicting graphic violence or gratuitous gore (including sexual violence) and from developing products or services that employ deceptive techniques intended to cause emotional harm, constituting specific enumerated prohibitions under the harmful content restriction. - Tier: All - Location: Usage Policy › “Generate content depicting animal cruelty or abuse” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20Promote%2C%20trivialize%2C%20or,of%20causing%20emotional%20harm ### moderation enforcement — risk unknown > creditworthiness Employment and housing: Use cases related to decisions about the employability of individuals, resume screening, hiring tools, or other employment determinations or decisions regarding eligibility for housing, including leases and home loans Academic testing, accreditation and admissions: Use cases related to standardized testing companies that administer school admissions (including evaluating, scoring or ranking prospective students), language proficiency, or professional certification exams; agencies that evaluate and certify educational institutions Media or professional journalistic content: Use cases related to using our products or services to automatically generate content and publish it for external consumption - Interpretation (disclaimed): This segment defines specific categories of 'High-Risk Use Cases'—including creditworthiness, employment, housing, academic testing, and media/professional contexts—establishing the scope of use cases subject to the elevated safety requirements described in the preceding clause. - Tier: All - Location: Usage Policy › “High-Risk Use Case Requirements” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20creditworthiness%20Employment%20and,it%20for%20external%20consumption ### moderation enforcement — risk unknown > Do Not Use for Criminal Justice, Censorship, Surveillance, or Prohibited Law Enforcement Purposes This includes using our products or services to: Make determinations on criminal justice applications, including making decisions about or determining eligibility for parole or sentencing Target or track a person’s physical location, emotional state, or communication without their consent, including using our products for facial recognition, battlefield management applications or predictive policing Utilize models to assign scores or ratings to individuals based on an assessment of their trustworthiness or social behavior without notification or their consent Build or support emotional recognition systems or techniques that are used to infer emotions of a natural person, except for medical or safety reasons Analyze or identify specific content to censor on behalf of a government organization Utilize models as part of any biometric categorization system for categorizing people based on their biometric data to infer their race, political opinions, trade union membership, religious or philosophical beliefs, sex life or sexual orientation Utilize models as part of any law enforcement application that violates or impairs the liberty, civil liberties, or human rights of natural persons - Interpretation (disclaimed): This segment establishes a categorical prohibition against using Anthropic's products or services for criminal justice determinations, censorship, surveillance, or prohibited law enforcement purposes, and enumerates specific prohibited activities including parole/sentencing decisions, unauthorized location or emotion tracking, facial recognition, battlefield management, predictive policing, and social scoring of individuals. - Tier: All - Location: Usage Policy › “Do Not Create or Spread Misinformation” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20Do%20Not%20Use,rights%20of%20natural%20persons ### moderation enforcement — risk unknown > This includes using our products or services to: Facilitate, promote, or glamorize any form of suicide or self-harm, including disordered eating and unhealthy or compulsive exercise Engage in behaviors that promote unhealthy or unattainable body image or beauty standards, such as using the model to critique anyone’s body shape or size Shame, humiliate, intimidate, bully, harass, or celebrate the suffering of individuals - Interpretation (disclaimed): This segment enumerates specific prohibited activities including facilitating suicide or self-harm, promoting unhealthy body image standards, and shaming, bullying, or harassing individuals. - Tier: All - Location: Usage Policy › “Do Not Create Psychologically or Emotionally Harmful Content” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20This%20includes%20using,the%20suffering%20of%20individuals ### moderation enforcement — risk unknown > This includes using our products or services to: Produce, modify, design, or illegally acquire weapons, explosives, dangerous materials or other systems designed to cause harm to or loss of human life Design or develop weaponization and delivery processes for the deployment of weapons - Interpretation (disclaimed): This segment specifies that users are prohibited from producing, modifying, designing, or illegally acquiring weapons, explosives, or dangerous materials, or designing weaponization and delivery processes, through use of the platform. - Tier: All - Location: Usage Policy › “Do Not Develop or Design Weapons” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20This%20includes%20using,the%20deployment%20of%20weapons ### moderation enforcement — risk unknown > This includes using our products or services to: - Interpretation (disclaimed): This introductory clause signals that the following enumerated items define specific prohibited activities under the sexually explicit content restriction, giving legal operative context to the list that follows. - Tier: All - Location: Usage Policy › “Do Not Generate Sexually Explicit Content” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20This%20includes%20using,products%20or%20services%20to%3A ### moderation enforcement — risk unknown > This includes using our products or services to: - Interpretation (disclaimed): This segment is an introductory clause that incorporates the specific prohibited activities listed in subsequent segments under the 'Do Not Violate Applicable Laws' restriction, establishing that the following enumerated items are all covered by that prohibition. - Tier: All - Location: Usage Policy › “Do Not Violate Applicable Laws or Engage in Illegal Activity” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20This%20includes%20using,products%20or%20services%20to%3A ### moderation enforcement — risk unknown > You can read more about our Safeguards practices and recommendations in our Safeguards Support Center . This Usage Policy is calibrated to strike an optimal balance between enabling beneficial uses and mitigating potential harms. Anthropic may enter into contracts with certain governmental customers that tailor use restrictions to that customer’s public mission and legal authorities if, in Anthropic’s judgment, the contractual use restrictions and applicable safeguards are adequate to mitigate the potential harms addressed by this Usage Policy. - Interpretation (disclaimed): This segment creates an exception to the standard AUP restrictions, permitting Anthropic to enter contracts with governmental customers that tailor (i.e., modify or relax) use restrictions, conditioned on Anthropic's judgment that safeguards are adequate, thereby carving out a class of users from universal enforcement standards. - Tier: All - Location: Usage Policy › “Usage Policy \ Anthropic” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=You%20can%20read%20more,this%20Usage%20Policy.%20 ### moderation enforcement — risk unknown > Create tools designed to intercept communications or monitor devices without authorization of the system owner Develop persistent access tools designed to operate below normal system security levels, including firmware modifications or hardware implants Create automated tools designed to compromise multiple systems at scale for malicious purposes Bypass security controls such as authenticated systems, endpoint protection, or monitoring tools - Interpretation (disclaimed): This segment enumerates additional specific prohibited activities under the computer/network systems restriction, including unauthorized interception tools, persistent below-OS-level access tools, automated mass-compromise tools, and bypassing security controls. - Tier: All - Location: Usage Policy › “Develop tools for denial-of-service attacks or managing botnets” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20Create%20tools%20designed,protection%2C%20or%20monitoring%20tools ### moderation enforcement — risk unknown > Generate content for fraudulent activities, schemes, scams, phishing, or malware that can result in direct financial or psychological harm Create falsified documents including fake IDs, licenses, currency, or other government documents Develop, promote, or otherwise facilitate the sale or distribution of fraudulent or deceptive products Generate deceptive or misleading digital content such as fake reviews, comments, or media Engage in or facilitate multi-level marketing, pyramid schemes, or other deceptive business models that use high-pressure sales tactics or exploit participants Promote or facilitate payday loans, title loans, or other high-interest, short-term lending practices that exploit vulnerable individuals Engage in deceptive or abusive practices that exploit individuals based on age, disability or a specific social or economic situation Promote or facilitate the use of abusive or harassing debt collection practices Develop a product or support an existing service that deploys subliminal, manipulative, or deceptive techniques to distort behavior by impairing decision-making Engage in actions or behaviors that circumvent the guardrails or terms of other platforms or services Plagiarize or submit AI-assisted work without proper permission or attribution - Interpretation (disclaimed): This segment enumerates additional specific prohibited fraudulent activities, including generating content for scams, phishing, or malware causing financial or psychological harm, creating falsified documents, developing deceptive products, generating fake reviews or media, and facilitating pyramid schemes or multi-level marketing with deceptive practices. - Tier: All - Location: Usage Policy › “Promote or facilitate the generation or distribution of spam” - Source: https://www.anthropic.com/legal/aup - Snapshot SHA-256: `14803ef6189dc1d0cd965845b0b6af7e3d3b54622129352f2d302d91dd7d29f0` - Wayback: — - Deep link: https://www.anthropic.com/legal/aup#:~:text=%20Generate%20content%20for,proper%20permission%20or%20attribution ### moderation enforcement — risk unknown > Except when you are accessing our Services via an Anthropic API Key or where we otherwise explicitly permit it, to access the Services through automated or non-human means, whether through a bot, script, or otherwise. To engage in any other conduct that restricts or inhibits any person from using or enjoying our Services, or that we reasonably believe exposes us—or any of our users, affiliates, or any other third party—to any liability, damages, or detriment of any type, including reputational harms. To rely upon the Services, the Materials, or the Actions to buy or sell securities or to provide or receive advice about securities, commodities, derivatives, or other financial products or services, as Anthropic is not a broker-dealer or a registered investment adviser under the securities laws of the United States or any other jurisdiction. - Interpretation (disclaimed): This segment restricts automated access to the Services except via API key, prohibits conduct that restricts other users' enjoyment or exposes Anthropic to liability, and prohibits using Services for securities trading decisions, constituting specific enforceable use restrictions. - Tier: All - Location: § 3 - Source: https://www.anthropic.com/legal/consumer-terms - Snapshot SHA-256: `302af768945b9867a7fa2a9480b1fdc80d85c227ffaf671e19ee2025428d0705` - Wayback: — - Deep link: https://www.anthropic.com/legal/consumer-terms#:~:text=%20Except%20when%20you,or%20any%20other%20jurisdiction. ### moderation enforcement — risk unknown > You also must not abuse, harm, interfere with, or disrupt our Services, including, for example, introducing viruses or malware, spamming or DDoSing Services, or bypassing any of our systems or protective measures. - Interpretation (disclaimed): This segment prohibits users from abusing, harming, interfering with, or disrupting the Services including introducing malware, spamming, DDoSing, or bypassing security measures, constituting an enforceable behavioral restriction. - Tier: All - Location: § 3 - Source: https://www.anthropic.com/legal/consumer-terms - Snapshot SHA-256: `302af768945b9867a7fa2a9480b1fdc80d85c227ffaf671e19ee2025428d0705` - Wayback: — - Deep link: https://www.anthropic.com/legal/consumer-terms#:~:text=%20You%20also%20must,systems%20or%20protective%20measures. ### moderation enforcement — risk unknown > Department of Commerce Denied Persons List or Entity List, or (iv) any other restricted party lists. You represent and warrant that you and anyone accessing or using the Services on your behalf, or using your Account credentials, are not such persons or entities and are not located in any such country. Legal Compliance.  We may comply with governmental, court, and law enforcement requests or requirements relating to provision or use of the Services, or to information provided to or collected under our Terms. We reserve the right, at our sole discretion, to report information from or about you, including but not limited to Inputs, Outputs, or Actions to law enforcement. U.S. Government Use.  The Services were developed solely at private expense and are commercial computer software and commercial computer software documentation within the meaning of the applicable Federal Acquisition Regulations and their agency supplements. Accordingly, U.S. Government users of the Services will have only those rights that are granted to all other end users of the Services pursuant to these Terms. - Interpretation (disclaimed): This segment imposes a representation and warranty obligation on the user confirming they are not on restricted party lists, and grants the platform permission to comply with governmental and law enforcement requests and to report user information at its sole discretion, constituting an enforcement and disclosure obligation and permission. - Tier: All - Location: § 12 (General terms) - Source: https://www.anthropic.com/legal/consumer-terms - Snapshot SHA-256: `302af768945b9867a7fa2a9480b1fdc80d85c227ffaf671e19ee2025428d0705` - Wayback: — - Deep link: https://www.anthropic.com/legal/consumer-terms#:~:text=Department%20of%20Commerce%20Denied,pursuant%20to%20these%20Terms. ### moderation enforcement — risk unknown > Third-Party Content is the responsibility of the person or entity that provides it to our Services. Anthropic is under no obligation to host or serve Third-Party Content. Third-Party Content may appear in Inputs or Outputs and become part of Materials. If you see any Third-Party Content you believe does not comply with these Terms, including by violating the Acceptable Use Policy or the law, you can report it to us. If we become aware that any Third-Party Content (1) infringes another’s copyright or any other intellectual property or related or neighboring right, (2) is in breach of these Terms or our Acceptable Use Policy, or (3) may cause harm to Anthropic, our users, or third parties, we reserve the right to remove or take down some or all of such Third-Party Content using, where appropriate, algorithmic and human review. You can learn more about our monitoring and enforcement, including how to appeal an account suspension or termination, in our T&S Support Center . - Interpretation (disclaimed): This segment establishes that third-party content responsibility lies with its provider, disclaims Anthropic's obligation to host such content, and creates a procedure for users to report non-compliant third-party content, including copyright-infringing or terms-violating material, enabling Anthropic to take enforcement action. - Tier: All - Location: § 8 (Content Moderation) - Source: https://www.anthropic.com/legal/consumer-terms - Snapshot SHA-256: `302af768945b9867a7fa2a9480b1fdc80d85c227ffaf671e19ee2025428d0705` - Wayback: — - Deep link: https://www.anthropic.com/legal/consumer-terms#:~:text=%20Third-Party%20Content%20is,T%26S%20Support%20Center%20. ### moderation enforcement — risk unknown > It is in our legitimate interests and in the interest of Anthropic users to evaluate the use of the Services and adoption of new features to inform the development of future features and improve direction and development of the Services. Our research also benefits the AI industry and society: it investigates the safety, inner workings, and societal impact of AI models so that artificial intelligence has a positive impact on society as it becomes increasingly advanced and capable. To enforce our Terms of Service  and similar terms and agreements, including our Usage Policy . Identity and Contact Data - Interpretation (disclaimed): Articulates the legitimate interest rationale for research and model training purposes, then establishes a separate processing purpose to enforce Terms of Service and Usage Policy, permitting Anthropic to process Identity, Contact, and other data for policy enforcement against users. - Tier: All - Location: Privacy Policy › “Legitimate interests” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20It%20is%20in,Identity%20and%20Contact%20Data ### moderation enforcement — risk unknown > To prevent and investigate fraud, abuse, and violations of our Usage Policy , unlawful or criminal activity, unauthorized access to or use of personal data or Anthropic systems and networks, to protect our rights and the rights of others, and to meet legal, governmental and institutional policy obligations Identity and Contact Data - Interpretation (disclaimed): This segment specifies the purpose of processing Identity and Contact Data to prevent and investigate fraud, abuse, and Usage Policy violations, protect Anthropic's rights, and meet legal obligations, establishing both legitimate interests and legal obligation as the bases for this enforcement-related processing activity. - Tier: All - Location: Privacy Policy › “Contract” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20To%20prevent%20and,Identity%20and%20Contact%20Data ### moderation enforcement — risk unknown > It is in our legitimate interests to protect our business, employees and users from illegal activities, inappropriate behavior or violations of terms that would be detrimental. We also have a duty to cooperate with authorities. - Interpretation (disclaimed): This segment articulates the legitimate interest and legal obligation rationale for processing personal data to protect the business, employees, and users from illegal activities and policy violations, justifying the dual legal bases for enforcement-related processing. - Tier: All - Location: Privacy Policy › “Legal obligation” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20It%20is%20in,cooperate%20with%20authorities.%20 ### moderation enforcement — risk unknown > It is in our legitimate interests to protect our business, employees and users from illegal activities, inappropriate behavior or violations of terms that would be detrimental. We also have a duty to cooperate with authorities. - Interpretation (disclaimed): This segment articulates the legitimate interests rationale for fraud prevention and enforcement processing, stating that it is in Anthropic's legitimate interests to protect its business, employees, and users from illegal activities, and that Anthropic has a duty to cooperate with authorities, thereby justifying the identified processing activities. - Tier: All - Location: Privacy Policy › “Legal obligation” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20It%20is%20in,cooperate%20with%20authorities.%20 ### moderation enforcement — risk unknown > In certain circumstances outside of the performance of our contract with you, we may rely on legitimate interests. It is in our legitimate interests to enforce the rules and policies governing use of our services, to maintain intended functionality and value for users. We aim to provide a safe, useful platform. - Interpretation (disclaimed): Explains that Anthropic may rely on legitimate interests for enforcement activities outside contractual performance, granting permission to use personal data to enforce platform rules and maintain service integrity. - Tier: All - Location: Privacy Policy › “Legitimate interests” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20In%20certain%20circumstances,safe%2C%20useful%20platform.%20 ### moderation enforcement — risk unknown > To prevent and investigate fraud, abuse, and violations of our Usage Policy , unlawful or criminal activity, unauthorized access to or use of personal data or Anthropic systems and networks, to protect our rights and the rights of others, and to meet legal, governmental and institutional policy obligations Identity and Contact Data - Interpretation (disclaimed): This segment identifies fraud prevention, abuse investigation, Usage Policy enforcement, and legal compliance as purposes for processing personal data, specifying Identity and Contact Data as a processed category and establishing the obligation to process such data for security and compliance purposes. - Tier: All - Location: Privacy Policy › “Contract” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=%20To%20prevent%20and,Identity%20and%20Contact%20Data ### tier differences — risk medium > This Privacy Policy explains how we collect, use, disclose, and process your personal data when you use our website and other places where Anthropic acts as a  data controller —for example, when you interact with Claude.ai or other products as a consumer for personal use (" Services ") or when Anthropic operates and provides our commercial customers and their end users with access to our commercial products, such as the Claude Team plan (“ Commercial Services ”). This Privacy Policy does not apply where Anthropic acts as a  data processor  and processes personal data on behalf of commercial customers using Anthropic’s Commercial Services – for example, your employer has provisioned you a Claude for Work account, or you're using an app that is powered on the back-end with Claude. In those cases, the commercial customer is the controller, and you can review their policies for more information about how they handle your personal data. - Interpretation (disclaimed): The policy distinguishes between Anthropic as controller (consumer/Claude.ai users) and Anthropic as processor (enterprise/employer-provisioned users). Enterprise end-users must look to their employer's privacy policy, not Anthropic's, for data rights—creating a potential gap in protections. - Tier: Enterprise - Location: Privacy Policy › “Privacy Policy \ Anthropic” - Source: https://www.anthropic.com/legal/privacy - Snapshot SHA-256: `68d25fe251e6a971fed543610f088cdce07e69d251a0d0a04b16eb114bfeeaf4` - Wayback: — - Deep link: https://www.anthropic.com/legal/privacy#:~:text=This%20Privacy%20Policy%20explains,handle%20your%20personal%20data. ### tier differences — risk unknown > Except as expressly provided in these Terms or where required by law, all payments are non-refundable. Please check your order carefully before confirming it, and see below for additional information about recurring charges for our subscriptions. Additional fees.  We may increase fees for our Services. If we charge additional fees in connection with our Services, we will give you an opportunity to review and accept the additional fees before you are charged. Also, additional fees may apply for additional Services or features of the Services that we may make available. If you do not accept any such additional fees, we may discontinue your access to the Services or features. You agree that we will not be held liable for any errors caused by third-party payment processors used to process fees paid by you to us. Subscriptions.  To access Claude Pro and other subscription services we may make available to individuals, you must sign up for a subscription with us (a “ Subscription ”), first by creating an Account, and then following the subscription procedure on our Services. When you sign up for a Subscription, you agree to these Terms. Subscription content, features, and services.  The content, features, and other services provided as part of your Subscription, and the duration of your Subscription, will be described in the order process. We may change the content, features, and other services from time to time, and we do not guarantee that any particular piece of content, feature, or other service will always be available through the Services. - Interpretation (disclaimed): This segment restricts refund rights by declaring payments non-refundable except as required by law or expressly provided, and establishes Anthropic's right to increase fees with prior notice and user opportunity to review, governing financial terms of paid tiers. - Tier: All - Location: § 6 - Source: https://www.anthropic.com/legal/consumer-terms - Snapshot SHA-256: `302af768945b9867a7fa2a9480b1fdc80d85c227ffaf671e19ee2025428d0705` - Wayback: — - Deep link: https://www.anthropic.com/legal/consumer-terms#:~:text=Except%20as%20expressly%20provided,through%20the%20Services.%20 ### tier differences — risk unknown > Subscription term and automatic renewal.  If you sign up for a paid Subscription, we or the App Distributor will automatically charge your Payment Method on each agreed-upon periodic renewal date until you cancel. If your Subscription has a minimum term (the “ Initial Term ”), we will let you know during the order process. Your Subscription will last for the Initial Term and will automatically renew, and your Payment Method will be charged, at the end of the Initial Term for an additional term equal in duration to the Initial Term and will continue to renew and incur charges for additional terms equal in duration to the Initial Term (each such additional term, a “ Renewal Term ”) until you cancel. Subscription cancellation.  If you subscribed via our website, you may cancel your Subscription for any reason by using a method we may provide to you through our products—for example, for Claude Pro, in your customer portal—or by notifying us at support@anthropic.com . If you subscribed via an app, you’ll need to cancel via the App Distributor according to the App Distributor’s terms. Learn more here . To avoid renewal and charges for the next Renewal Term, cancel your subscription at least 24 hours before the last day of the Initial Term or any Renewal Term. For example, if you subscribe on January 25th for a Subscription with a one-month Initial Term, you must cancel the Subscription per the instructions by February 23rd (24 hours before February 24th) to avoid renewal and charges for the next Renewal Term. - Interpretation (disclaimed): This segment establishes automatic renewal obligations for paid subscriptions, requiring periodic charges to the Payment Method until cancellation, and defines Initial Term and Renewal Term duration, creating binding financial obligations for subscription tiers. - Tier: All - Location: § 6 - Source: https://www.anthropic.com/legal/consumer-terms - Snapshot SHA-256: `302af768945b9867a7fa2a9480b1fdc80d85c227ffaf671e19ee2025428d0705` - Wayback: — - Deep link: https://www.anthropic.com/legal/consumer-terms#:~:text=%20Subscription%20term%20and,next%20Renewal%20Term.%20 ### tier differences — risk unknown > In the event of a cancellation, your fees will not be refunded, but your access to the Services will continue through the end of the Initial Term or any Renewal Term for which you previously paid fees. Additional cancellation rights. If you are a resident of Brazil, Mexico, South Korea, or Taiwan, you have a legal right to change your mind and cancel the Subscription within 7 days of entering into the Subscription without giving a reason. To exercise the right to cancel in the 7-day cancellation period, you must inform us of your decision to cancel the Subscription by making a clear statement to us of such decision before the cancellation period has expired. The easiest way to do this is by cancelling your subscription in the customer portal, or you may contact us at support@anthropic.com. You may also use the model cancellation form in Appendix 1 of these Terms, but it is not obligatory. For further details on how to cancel, please see support.anthropic.com. We will acknowledge your cancellation, e.g., through our online customer portal or console. If you cancel the Subscription under Section 6(4)(a), we will reimburse you all payments received from you for the cancelled Subscription. We will make the reimbursement without undue delay, and not later than 14 days after the day on which we are informed about your decision to cancel the Subscription. We will make the reimbursement using the same means of payment as you used for the initial transaction; you will not incur any fees as a result of the reimbursement. - Interpretation (disclaimed): This segment grants users in Brazil, Mexico, South Korea, and Taiwan a legal right to cancel subscriptions within 7 days without reason, and establishes that upon cancellation access continues through the paid period without refund, creating jurisdiction-specific tier rights and cancellation procedures. - Tier: All - Location: § 6 - Source: https://www.anthropic.com/legal/consumer-terms - Snapshot SHA-256: `302af768945b9867a7fa2a9480b1fdc80d85c227ffaf671e19ee2025428d0705` - Wayback: — - Deep link: https://www.anthropic.com/legal/consumer-terms#:~:text=In%20the%20event%20of,of%20the%20reimbursement.%20 ### tier differences — risk unknown > Evaluation and Additional Services. In some cases, we may permit you to evaluate our Services for a limited time or with limited functionality. Use of our Services for evaluation purposes are for your personal, non-commercial use only. You may need to accept additional terms to use certain Services. These additional terms will supplement our Terms for those Services and may change your rights or obligations for those Services, including your obligations to pay fees. - Interpretation (disclaimed): This segment restricts evaluation-period use to personal, non-commercial purposes only, and notes that additional terms may supplement or modify user rights and obligations for certain services including fee obligations, thereby defining limitations specific to evaluation tiers. - Tier: All - Location: § 2 - Source: https://www.anthropic.com/legal/consumer-terms - Snapshot SHA-256: `302af768945b9867a7fa2a9480b1fdc80d85c227ffaf671e19ee2025428d0705` - Wayback: — - Deep link: https://www.anthropic.com/legal/consumer-terms#:~:text=%20Evaluation%20and%20Additional,obligations%20to%20pay%20fees. ### tier differences — risk unknown > Subscription fees.  You will pay the fees, either to us or to the App Distributor, for the Initial Term and each subsequent Renewal Term up front, at the start of that Initial Term or Renewal Term, as applicable. We have the right to make changes to the fees applicable to your Subscription from time to time, although we will not make any change to the fees applicable to your Subscription during the current Initial Term or Renewal Term, as applicable. If these changes result in an increase in the fees payable by you, we will inform you at least 30 days in advance of the change. You agree to the increase in fees payable by you unless you cancel the Subscription, as described in the paragraph (Subscription cancellation) immediately above, before the Renewal Term to which the increase in fees will apply. - Interpretation (disclaimed): This segment imposes obligations on users to pay subscription fees upfront for each term, grants Anthropic the right to change subscription fees with 30 days' notice, and deems continued use after notice as acceptance of new fees, creating binding financial obligations for subscription tiers. - Tier: All - Location: § 6 - Source: https://www.anthropic.com/legal/consumer-terms - Snapshot SHA-256: `302af768945b9867a7fa2a9480b1fdc80d85c227ffaf671e19ee2025428d0705` - Wayback: — - Deep link: https://www.anthropic.com/legal/consumer-terms#:~:text=%20Subscription%20fees.%20You,in%20fees%20will%20apply. ### tier differences — risk unknown > If you would like to use the Services during the 7-day cancellation period, you may do so. If you have used the Services during the 7-day cancellation period, and wish to cancel the Subscription, you can still do so by following the process in Section (4)(a) above, but we may retain an amount which is in proportion to what has been provided until you have communicated us your withdrawal from these Terms, in comparison with the full coverage of the Subscription. The 7-day cancellation period will not reset if you change subscription tiers or cancel and then resubscribe, as you have already had an opportunity to test the Services. - Interpretation (disclaimed): This segment establishes the procedure for exercising the 7-day cancellation right during the cancellation period, including proportional retention of fees for Services used, and clarifies that the cancellation period does not reset upon tier changes or resubscription. - Tier: All - Location: § 6 - Source: https://www.anthropic.com/legal/consumer-terms - Snapshot SHA-256: `302af768945b9867a7fa2a9480b1fdc80d85c227ffaf671e19ee2025428d0705` - Wayback: — - Deep link: https://www.anthropic.com/legal/consumer-terms#:~:text=%20If%20you%20would,to%20test%20the%20Services. ### tier differences — risk unknown > Please note: Our Commercial Terms of Service  govern your use of any Anthropic API key, the Anthropic Console , or any other Anthropic offerings that reference the Commercial Terms of Service. For clarity, this does not include Claude.ai or Claude Pro use for individuals or entities. - Interpretation (disclaimed): This segment defines the boundary between consumer and commercial use terms, clarifying that the Commercial Terms of Service govern API key and Console use while excluding Claude.ai and Claude Pro individual use, thereby defining distinct service tiers with different governing documents. - Tier: All - Location: Terms of Service › “Consumer Terms of Service \ Anthropic” - Source: https://www.anthropic.com/legal/consumer-terms - Snapshot SHA-256: `302af768945b9867a7fa2a9480b1fdc80d85c227ffaf671e19ee2025428d0705` - Wayback: — - Deep link: https://www.anthropic.com/legal/consumer-terms#:~:text=%20Please%20note%3A%20Our,individuals%20or%20entities.%20 ### tier differences — risk unknown > Fees and billing.  You may be required to pay us fees to access or use our Services or certain features of our Services. You are responsible for paying any applicable fees listed for the Services on the Model Pricing Page unless otherwise communicated to you by Anthropic in writing. If you purchase access to our Services or features of our Services, you must provide complete and accurate billing information (“ Payment Method ”). You agree that we may charge the Payment Method for any applicable fees listed on our Services and any applicable tax. If the fees for these Services or features are specified to be recurring or based on usage, you agree that we may charge these fees and applicable taxes to the Payment Method on a periodic basis. If you purchase access to our Services through a distributor (e.g. an app store) ( “App Distributor” ), then you will make payment to the App Distributor, and the App Distributor’s terms in relation to payment methods, billing, and refunds will apply instead of these Terms. - Interpretation (disclaimed): This segment imposes obligations on users to pay applicable fees, provide accurate billing information, and authorizes Anthropic to charge the Payment Method for fees and taxes, establishing the financial obligations tied to paid service tiers. - Tier: All - Location: § 6 - Source: https://www.anthropic.com/legal/consumer-terms - Snapshot SHA-256: `302af768945b9867a7fa2a9480b1fdc80d85c227ffaf671e19ee2025428d0705` - Wayback: — - Deep link: https://www.anthropic.com/legal/consumer-terms#:~:text=%20Fees%20and%20billing.,instead%20of%20these%20Terms. --- # GRC Risk Assessment — Grok (xAI) - Platform: **Grok (xAI)** (xai-grok) - Headline risk rating: **MEDIUM** - Website: https://x.ai/grok - Generated: 2026-06-14T10:10:05.481Z - Findings (verified, published): **206** > Every assertion is anchored to a verbatim quote with a SHA-256 snapshot hash and a Wayback archive URL for independent verification. Informational only; not legal advice. ## Control crosswalk (NIST AI RMF 1.0 + ISO/IEC 42001) | Surface | Risk | Confidence | NIST AI RMF | ISO/IEC 42001 | |---|---|---|---|---| | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | prompt ownership | unknown | high | MAP-2.3 (input data rights) | ISO 42001 A.7.2 (data acquisition) | | prompt ownership | unknown | high | MAP-2.3 (input data rights) | ISO 42001 A.7.2 (data acquisition) | | prompt ownership | unknown | high | MAP-2.3 (input data rights) | ISO 42001 A.7.2 (data acquisition) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | commercial use | unknown | high | MANAGE-1.3 (use limitations) | ISO 42001 A.9.2 (intended use) | | commercial use | unknown | high | MANAGE-1.3 (use limitations) | ISO 42001 A.9.2 (intended use) | | commercial use | unknown | high | MANAGE-1.3 (use limitations) | ISO 42001 A.9.2 (intended use) | | commercial use | unknown | high | MANAGE-1.3 (use limitations) | ISO 42001 A.9.2 (intended use) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | medium | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | medium | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | audit rights dpa residency | unknown | high | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | audit rights dpa residency | unknown | high | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | audit rights dpa residency | unknown | high | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | audit rights dpa residency | unknown | high | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | audit rights dpa residency | unknown | high | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | audit rights dpa residency | unknown | high | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | medium | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | medium | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | medium | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | ## Evidence (verbatim, with provenance) ### training use — risk unknown > Using the Service or any Output to develop models or services that compete with xAI, scraping or reselling any Input or Output, or distilling model data - Interpretation (disclaimed): This segment explicitly prohibits using the Service or any Output to develop competing models or services, scraping or reselling any Input or Output, or distilling model data, directly restricting competitive training use and commercial exploitation of AI outputs. - Tier: All - Location: Terms of Service › “Using our Service” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Using%20the%20Service,or%20distilling%20model%20data ### training use — risk unknown > Our Use of User Content. You grant, an irrevocable, perpetual, transferable, sublicensable, royalty-free, and worldwide right to xAI to use, copy, store, modify, distribute, reproduce, publish, display in public forums, list information regarding, make derivative works of, and aggregate your User Content and derivative works thereof for any purpose, including but not limited: (i) to maintain and provide the Service; (ii) to improve our products and the Service and for our other business purposes, such as data analysis, customer and market research, developing new products or features, or identifying or displaying usage or User Content trends; and (iii) to perform such other actions to enforce these Terms, comply with our Privacy Policy, comply with applicable law, or keep our Service safe. - Interpretation (disclaimed): This segment grants xAI an irrevocable, perpetual, transferable, sublicensable, royalty-free, worldwide license to use, copy, store, modify, distribute, reproduce, publish, and make derivative works of User Content for any purpose including maintaining and improving the Service, data analysis, and developing new products or features. - Tier: All - Location: Terms of Service › “User Content” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Our%20Use%20of,keep%20our%20Service%20safe. ### training use — risk unknown > Electing whether your User Content is used for product development or model training. When logged into our Service, you can select whether or not you want us to use your User Content to improve our products and services and train our models. Private Chat and User Content that you request to be deleted will be queued for deletion, which may take up to 30 days. Where available, you may access our Service without logging in; when doing so, where permitted, you grant us full rights to use any data you provide to or obtain from our Service for product development and model training purposes. Further details are available in our Privacy Policy and Consumer FAQs . - Interpretation (disclaimed): This segment describes the procedure by which logged-in users may opt in or out of having their User Content used for model training and product development, specifies a deletion queue of up to 30 days, and grants full training rights to xAI for unauthenticated users where permitted. - Tier: All - Location: Terms of Service › “User Content” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Electing%20whether%20your,and%20Consumer%20FAQs%20. ### training use — risk unknown > How we may use it: To provide, analyze, and maintain our Service; to provide support and assistance in relation to our Service; to develop and improve our Service and to conduct research; to ensure the security and integrity of our Service; for legal purposes. - Interpretation (disclaimed): Enumerates permitted uses of User Content including service provision, research, development and improvement of the Service, and legal purposes—explicitly authorizing use of prompts and outputs for model training and improvement activities. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20How%20we%20may,Service%3B%20for%20legal%20purposes. ### training use — risk unknown > How we may use it: To provide, analyze, and maintain our Service; to provide support and assistance in relation to our Service; to develop and improve our Service and to conduct research; to ensure the security and integrity of our Service; for legal purposes. - Interpretation (disclaimed): Enumerates permitted uses of Feedback Data including service improvement, research, and development—authorizing the use of user feedback signals for model training and enhancement purposes. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20How%20we%20may,Service%3B%20for%20legal%20purposes. ### training use — risk unknown > Publicly Available Data: We use information that is publicly available on the internet to train our models and provide resulting Output. While we do not intentionally seek out personal information, we understand that there is personal information incidentally included in these datasets. For more information on the sources of information used in the development and operation of our large language models, see our Consumer FAQs . - Interpretation (disclaimed): Discloses that publicly available internet data, which may incidentally include personal information, is used to train AI models and generate outputs, and references a Consumer FAQ for further sourcing details, imposing a transparency obligation. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20Publicly%20Available%20Data%3A,our%20Consumer%20FAQs%20. ### training use — risk unknown > Google Apps Using Google OAuth : For users who opt to connect to Google Apps via Google OAuth, xAI shall not use any Google Apps content for any of its internal AI or other training purposes (such as training its machine learning models), including developing new products or services based on such content. - Interpretation (disclaimed): Restricts xAI from using any Google Apps content accessed via Google OAuth for internal AI training, machine learning model training, or development of new products or services, creating a categorical prohibition on training use of that data. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20Google%20Apps%20Using,based%20on%20such%20content. ### training use — risk unknown > To develop and improve our Service and to conduct research: For example to develop new product features, to train our models, to identify usage trends, to operate and expand our business activities, to identify new customers, and for data analysis. - Interpretation (disclaimed): Explicitly permits use of personal information to train AI models, develop new features, conduct research, identify usage trends, and expand business activities, establishing broad training and development rights. - Tier: All - Location: § 3 (How we may use personal information) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20To%20develop%20and,and%20for%20data%20analysis. ### training use — risk unknown > For more information on your rights with respect to data we use to train our models, please read our Consumer FAQs . - Interpretation (disclaimed): This segment incorporates by reference xAI's Consumer FAQs for information about users' rights with respect to data used for model training, directing users to a separate document for operative rights and obligations in that context. - Tier: All - Location: § 9 (Privacy rights and choices) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20For%20more%20information,our%20Consumer%20FAQs%20. ### prompt ownership — risk unknown > You Own Your User Content. You may provide input (e.g., text, audio, images, video, code, files, folders, drives, etc.) to the Service (” Input ”) and receive output from the Service (excluding output from Grokipedia) based on the Input (” Output ”). Collectively, Input and Output are “ User Content .” You are responsible for User Content, including ensuring that it does not violate any applicable law or these Terms. You represent and warrant that you have all rights, licenses, and permissions needed to provide Input to our Service. To the extent permitted by applicable law, and as between you and xAI, you retain your ownership rights to the User Content. You are responsible and accept liability for the User Content. We ask that when using Output, you attribute the Service as having generated the Output, as detailed in our Brand Guidelines . - Interpretation (disclaimed): This segment affirms that users own their User Content and establishes user representations and warranties that they hold all necessary rights to provide Input, while also asserting ownership rights as between the user and xAI to the extent permitted by law. - Tier: All - Location: Terms of Service › “User Content” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20You%20Own%20Your,our%20Brand%20Guidelines%20. ### prompt ownership — risk unknown > Feedback. To the extent you provide us any suggestions, recommendations, or other feedback relating to the Service or to any other xAI products or services (collectively, “ Feedback ”), you hereby assign to us all rights (including all intellectual property rights), title, and interest in and to the Feedback. Accordingly, we are free to use the Feedback and any ideas, know-how, concepts, techniques, and/or other intellectual property contained in the Feedback, without providing any attribution or compensation to you, for any purpose whatsoever. We are not required to use any Feedback. - Interpretation (disclaimed): This segment effects a full assignment of all intellectual property rights in user Feedback to xAI, permitting xAI to use Feedback for any purpose without attribution or compensation, and disclaims any obligation to use submitted Feedback. - Tier: All - Location: Terms of Service › “xAI's Intellectual Property Rights” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Feedback.%20To%20the,to%20use%20any%20Feedback. ### prompt ownership — risk unknown > User Content: You may provide personal information in prompts and other content you input, such as files, images, audio, voice, video, and other material (“Input”). Outputs of the Service (“Output”), including responses Grok generates, are based on your Input (together, "User Content"). If you include personal information in Inputs you provide to the Service, this information may be reproduced in the Output. - Interpretation (disclaimed): Defines 'User Content' to encompass Inputs (prompts, files, images, audio, video) and Outputs (Grok responses), and notes that personal information included in Inputs may be reproduced in Outputs, establishing the key definitional scope for user-generated content and its relationship to service outputs. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20User%20Content%3A%20You,reproduced%20in%20the%20Output. ### output ownership — risk unknown > Our Service may provide incomplete, incorrect, or offensive Output that does not represent xAI's views. Outputs are not meant to endorse a person or third-party's views. - Interpretation (disclaimed): This segment disclaims that Output may be incomplete, incorrect, or offensive and does not represent xAI's views, and clarifies that Output does not constitute endorsement of any person's or third party's views. - Tier: All - Location: Terms of Service › “User Content” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Our%20Service%20may,person%20or%20third-party's%20views. ### output ownership — risk unknown > Accuracy. Artificial intelligence is rapidly evolving and is probabilistic in nature; therefore, it may sometimes: a) result in Output that contains “hallucinations,” b) be offensive, c) not accurately reflect real people, places or facts, or d) be objectionable, inappropriate, or otherwise not suitable for your intended purpose. - Interpretation (disclaimed): This segment disclaims accuracy of AI-generated Output, warning users that outputs may contain hallucinations, be offensive, fail to reflect facts accurately, or be otherwise unsuitable, thereby limiting xAI's representations about Output quality. - Tier: All - Location: Terms of Service › “User Content” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Accuracy.%20Artificial%20intelligence,for%20your%20intended%20purpose. ### output ownership — risk unknown > Similarity of content. Due to the nature of artificial intelligence, outputs may not be unique, and different users may receive similar output from our Service. Your rights to the Output do not extend to other's rights. - Interpretation (disclaimed): This segment limits the user's ownership rights in Output by noting that outputs may not be unique and that a user's rights do not extend to similar outputs received by other users, restricting the scope of any proprietary claim in generated content. - Tier: All - Location: Terms of Service › “User Content” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Similarity%20of%20content.,extend%20to%20other's%20rights. ### output ownership — risk unknown > Output may not always be accurate. Output from our services is not professional advice. You should conduct your own thorough research and should not rely on Output as the truth. - Interpretation (disclaimed): This segment disclaims that Output is not professional advice and may be inaccurate, instructing users to conduct independent research, thereby limiting xAI's liability for reliance on generated content. - Tier: All - Location: Terms of Service › “User Content” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Output%20may%20not,Output%20as%20the%20truth. ### output ownership — risk unknown > We own our Service. We and our affiliates own all rights, title, and interest in and to the Service. - Interpretation (disclaimed): This segment asserts that xAI and its affiliates own all rights, title, and interest in and to the Service, establishing xAI's proprietary claim over the platform distinct from user-generated content. - Tier: All - Location: Terms of Service › “xAI's Intellectual Property Rights” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20We%20own%20our,and%20to%20the%20Service. ### commercial use — risk unknown > What you can do. Subject to your compliance with these Terms, you may access and use our Service. You must comply with all applicable laws as well as our Acceptable Use Policy and any other documentation, guidelines, or policies we make available to you, including on our website . - Interpretation (disclaimed): This segment grants users a conditional permission to access and use the Service subject to compliance with the Terms, Acceptable Use Policy, applicable laws, and other published guidelines, establishing the scope of the license to use the Service. - Tier: All - Location: Terms of Service › “Using our Service” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20What%20you%20can,on%20our%20website%20. ### commercial use — risk unknown > Modifying, copying, leasing, selling, reselling, distributing, distilling, manipulating, using bots to access, reverse engineering, or decompiling our Service - Interpretation (disclaimed): This segment prohibits users from modifying, copying, leasing, selling, reselling, distributing, distilling, manipulating, using bots to access, reverse engineering, or decompiling the Service, restricting a broad range of commercial and technical exploitation of xAI's platform. - Tier: All - Location: Terms of Service › “Using our Service” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Modifying%2C%20copying%2C%20leasing%2C,or%20decompiling%20our%20Service ### commercial use — risk unknown > Grokipedia License . Grokipedia content and material is designated as Material subject to the xAI Community License Agreement ( https://huggingface.co/xai-org/grok-2/blob/main/LICENSE ). Certain Grokipedia content may also be subject to Creative Commons Attribution-ShareAlike 4.0 International License ("CC BY-SA 4.0"). - Interpretation (disclaimed): This segment incorporates by reference the xAI Community License Agreement and the CC BY-SA 4.0 license as governing terms for Grokipedia content, establishing third-party license obligations that restrict or condition commercial and derivative use. - Tier: All - Location: Terms of Service › “User Content” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Grokipedia%20License%20.,License%20(%22CC%20BY-SA%204.0%22). ### commercial use — risk unknown > To use any mobile App, you must have a mobile device that is compatible with such App. xAI does not warrant that any App will be compatible with your mobile device. You may use mobile data in connection with an App and may incur additional charges from your wireless provider in connection with such App. You understand and acknowledge that you are solely responsible for any such charges. Mobile Apps may update automatically to ensure you are using the latest version. We hereby grant you a non-exclusive, limited, non-transferable, and freely revocable license to use a compiled code copy of the App(s) under your User Account on one (1) or more mobile devices owned or controlled solely by you (except to the extent Apple or Google permits any shared access and/or use of the iOS App or Android App (as each of those terms is defined below), respectively), solely in accordance with these Terms. The foregoing license grant is not a sale of any App or of any copy thereof. You consent to such automatic upgrading on your mobile device. - Interpretation (disclaimed): Grants users a non-exclusive, limited, non-transferable, revocable license to use a compiled code copy of the mobile app, while notifying users of their sole responsibility for wireless carrier charges and the app's automatic update behavior. - Tier: All - Location: Terms of Service › “Mobile App Specific Terms” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20To%20use%20any,on%20your%20mobile%20device. ### privacy data use — risk unknown > Please read our Privacy Policy , which describes how we collect, use and disclose personal information. Although it does not form part of these Terms, it is an important document you should read. - Interpretation (disclaimed): This segment directs users to the Privacy Policy, which describes how xAI collects, uses, and discloses personal information; it incorporates that document by reference as an important companion instrument, even while noting it does not form part of these Terms. - Tier: All - Location: Terms of Service › “Welcome to xAI!” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Please%20read%20our,document%20you%20should%20read. ### privacy data use — risk unknown > Logging in through a third-party service. By choosing to login to our Service by using a third-party service, such as Google, Apple, or X, you give us permission to access, use, and store your information from that service, as permitted by that service, which may include log-in credentials and/or access tokens for that service. If connecting to our Service using your X credentials, you may elect (opt-in) to bring your X user profile (including date of birth), X account and location information, X preferences, X post history (your X posts viewable on your X account including posts to and from all accounts (public or protected) that you can view), X usage data, and your Grok in X conversation history to your xAI account. - Interpretation (disclaimed): This segment grants xAI permission to access, use, and store information from third-party login services (Google, Apple, X), including credentials and access tokens, and describes the optional user-initiated opt-in to import X profile data (date of birth, location, preferences, post history), constituting a data collection and use authorization. - Tier: All - Location: Terms of Service › “Registration and Access” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Logging%20in%20through,to%20your%20xAI%20account. ### privacy data use — risk unknown > Usage data relating to our Service. We may collect, or you may provide to us, diagnostic, technical, usage, and/or related information, including information about your computers, mobile devices, systems, and software (collectively, “ Usage Data ”). All Usage Data is and will be owned solely and exclusively by us, and, to the extent any ownership rights in or to the Usage Data vest in you, you hereby assign to us all rights (including intellectual property rights), title, and interest in and to the same. Accordingly, we may use, maintain, and/or process the Usage Data or any portion thereof for any lawful purpose, including, without limitation: (a) to provide and maintain the Service; (b) to improve or develop our products and services; (c) to monitor your usage of the Service; (d) for research and analytics, including, without limitation, data analysis, identifying usage trends, and/or customer or market research; and (e) to share analytics and other derived Usage Data with third-parties. - Interpretation (disclaimed): This segment establishes xAI's exclusive ownership of Usage Data including diagnostic, technical, and usage information collected from users, and effects an assignment of any user ownership interests in such data to xAI, permitting xAI to use, maintain, and process that data. - Tier: All - Location: Terms of Service › “xAI's Intellectual Property Rights” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Usage%20data%20relating,Usage%20Data%20with%20third-parties. ### privacy data use — risk unknown > Privacy. We care about your privacy. By using the Service, you acknowledge that we may collect, use, and disclose your personal information and aggregated, pseudonymized, and/or de-identified data as set forth in our Privacy Policy , and that your personal information will be transferred to, and/or processed in, the United States. - Interpretation (disclaimed): This segment disclaims any guarantee of security against unauthorized access or misuse of user data, places the risk of data provision on the user, and establishes obligations on the user to immediately notify xAI of security breaches and secure their account. - Tier: All - Location: Terms of Service › “Privacy and Data Security” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Privacy.%20We%20care,in%2C%20the%20United%20States. ### privacy data use — risk unknown > We use age assurance measures to determine whether users in Australia are under 18. Until we are able to determine if a user is 18 or over, they may not be able to access 18+ adult content. - Interpretation (disclaimed): Describes xAI's use of age assurance measures for Australian users to determine whether users are under 18, restricting access to 18+ adult content until majority is confirmed, in compliance with Australian online safety age-verification obligations. - Tier: All - Location: Terms of Service › “Australian Residents: Online Safety Terms and Information” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20We%20use%20age,access%2018%2B%20adult%20content. ### privacy data use — risk unknown > At X.AI LLC (" xAI ", " our ", " us " or " we "), we value your privacy and are committed to being fair, accountable, and transparent in how we handle your personal information. Our Privacy Policy outlines how we collect, use, and disclose your personal information when you use our websites and applications (the Grok mobile app ( iOS or Android ) or the Grok.com website), and other xAI services (our " Service "). It also describes your privacy rights. - Interpretation (disclaimed): Introductory clause declaring xAI's commitment to fair, accountable, and transparent handling of personal information, and defining the scope of the Privacy Policy including collection, use, and disclosure of personal information across xAI's websites, apps, and services. - Tier: All - Location: Privacy Policy › “Effective: April 4, 2026 ( previous version )” - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20At%20X.AI%20LLC,describes%20your%20privacy%20rights. ### privacy data use — risk unknown > This Privacy Policy does not apply to data that we process on behalf of customers of our business offerings, such as the xAI API, or to any employment-related personal information processed in consideration of employment with xAI. This Privacy Policy also does not apply if you access our Service through a third-party’s service. In that case, the third-party’s privacy policy would apply. For example, your use of X (previously Twitter), including use of Grok on the X platform, is governed by the X Privacy Policy and X Terms , not this xAI Privacy Policy. - Interpretation (disclaimed): Carves out specific categories of data processing from the Privacy Policy's scope—business customer data (e.g., xAI API), employment-related data, and data accessed via third-party services—restricting this policy's application and directing users to applicable third-party policies. - Tier: All - Location: Privacy Policy › “Effective: April 4, 2026 ( previous version )” - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20This%20Privacy%20Policy,this%20xAI%20Privacy%20Policy. ### privacy data use — risk unknown > For details about our use of cookies, please read our Cookie Policy . - Interpretation (disclaimed): Cross-references the Cookie Policy for detailed information on cookie use, incorporating that document by reference into the privacy framework. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20For%20details%20about,our%20Cookie%20Policy%20. ### privacy data use — risk unknown > Monitor, evaluate and optimize the use and operation of our Site and applications; and - Interpretation (disclaimed): Permits use of cookie and tracking data to monitor, evaluate, and optimize the operation of the site and applications. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20Monitor%2C%20evaluate%20and,Site%20and%20applications%3B%20and ### privacy data use — risk unknown > We ask that you do NOT include personal information in your prompts and inputs into our Service; however, we cannot control what you provide to us. - Interpretation (disclaimed): Requests that users refrain from including personal information in prompts and acknowledges xAI cannot control what users provide, creating a notice-of-risk obligation and limiting xAI's responsibility for user-submitted personal data. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20We%20ask%20that,provide%20to%20us.%20 ### privacy data use — risk unknown > We may collect personal information from you and about you. Some examples of the information we may collect, how we may collect it, how we may use it, and how we may disclose it are described below. - Interpretation (disclaimed): Introduces the categories of personal information xAI may collect and signals the structure of the disclosure section below, framing the scope of data collection practices. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20We%20may%20collect,it%20are%20described%20below. ### privacy data use — risk unknown > Account Data: If you create an account with us, we collect your name, contact information, account credentials, and date of birth. Also, to access certain features of the Service, we will collect your date of birth before you may proceed. If you log into our Service using a third-party service, such as X, Google, or Apple, that third-party will send your information to us at your direction. For example, if you use your existing X credentials to log into an xAI mobile app or website, you may choose to direct X to share the following information with us: your X public profile (including profile image), X username, numeric X ID, your date of birth, whether you are subscribed to X Premium, and your Grok on X conversation history. - Interpretation (disclaimed): Defines Account Data as a category of personal information collected, specifying the types of data gathered (name, contact info, credentials, date of birth) and the sources including third-party login services such as X, Google, and Apple, establishing xAI's collection practices. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20Account%20Data%3A%20If,on%20X%20conversation%20history. ### privacy data use — risk unknown > How we may collect it: Directly from you or from a third-party (ex., X, Google, or Apple). - Interpretation (disclaimed): Specifies the collection method for Account Data (directly from user or via third-party services), providing procedural context for how Account Data is obtained. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20How%20we%20may,X%2C%20Google%2C%20or%20Apple). ### privacy data use — risk unknown > How we may use it: To provide, analyze, and maintain our Service; to provide support and assistance in relation to our Service; to develop and improve our Service and to conduct research; to communicate with you; to ensure the security and integrity of our Service; for legal purposes. - Interpretation (disclaimed): Enumerates the permitted purposes for which Account Data may be used, including service provision, support, research and development, communications, security, and legal purposes, constituting a grant of permission for those uses. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20How%20we%20may,Service%3B%20for%20legal%20purposes. ### privacy data use — risk unknown > Payment Data: Where payment is required to access the Service (ex., if you are paying for a subscription), we may have a third-party process payment information, such as payment card information, and details regarding your transactions for us. - Interpretation (disclaimed): Defines Payment Data as a category of personal information and describes how payment processing is handled via third-party processors, establishing the scope and nature of financial data collection. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20Payment%20Data%3A%20Where,your%20transactions%20for%20us. ### privacy data use — risk unknown > How we may use it: To provide, analyze, and maintain our Service; to provide support and assistance in relation to our Service; to ensure the security and integrity of our Service; for legal purposes. - Interpretation (disclaimed): Enumerates permitted uses of Payment Data including service provision, support, security, and legal purposes, granting explicit permission for those processing activities. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20How%20we%20may,Service%3B%20for%20legal%20purposes. ### privacy data use — risk unknown > Communication Data: If you communicate with us, such as by email, by our webpages, or on social media sites, we may collect personal information that you submit to us including your name, user name, email address, any other information you voluntarily choose to provide us, and the contents of messages you send. - Interpretation (disclaimed): Defines Communication Data as a category of personal information collected when users contact xAI, specifying the types of data (name, username, email, message contents) and channels of collection. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20Communication%20Data%3A%20If,of%20messages%20you%20send. ### privacy data use — risk unknown > How we may collect it: Directly from you. - Interpretation (disclaimed): States that Communication Data is collected directly from the user, establishing the source and collection method for this data category. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20How%20we%20may,it%3A%20Directly%20from%20you. ### privacy data use — risk unknown > Analyze traffic on our sites and on third-party sites. - Interpretation (disclaimed): Permits use of cookie and tracking data to analyze traffic on xAI's sites and on third-party sites. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20Analyze%20traffic%20on,and%20on%20third-party%20sites. ### privacy data use — risk unknown > How we may use it: To provide, analyze, and maintain our Service; to provide support and assistance in relation to our Service; to develop and improve our Service and to conduct research; to communicate with you; to ensure the security and integrity of our Service; for legal purposes. - Interpretation (disclaimed): Enumerates permitted uses of Communication Data including service provision, research, communications, security, and legal purposes, constituting explicit authorization for those processing activities. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20How%20we%20may,Service%3B%20for%20legal%20purposes. ### privacy data use — risk unknown > How we may collect it: Directly from you. - Interpretation (disclaimed): States that User Content (Inputs) is collected directly from the user, establishing the source of this data category. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20How%20we%20may,it%3A%20Directly%20from%20you. ### privacy data use — risk unknown > Feedback Data: Where applicable, we will collect your Feedback (as defined in our Terms of Service). This might arise if, for example, in a given conversation with Grok, you rate an Output using the thumbs-up/thumbs-down icons. - Interpretation (disclaimed): Defines Feedback Data as a category of personal information, referencing the Terms of Service definition and providing an illustrative example (thumbs-up/thumbs-down ratings), establishing scope and linking to contractual definitions. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20Feedback%20Data%3A%20Where,using%20the%20thumbs-up%2Fthumbs-down%20icons. ### privacy data use — risk unknown > How we may collect it: Directly from you. - Interpretation (disclaimed): States that Feedback Data is collected directly from the user, establishing the collection method for this data category. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20How%20we%20may,it%3A%20Directly%20from%20you. ### privacy data use — risk unknown > Social Media Information: We have pages on social media sites like Instagram, Facebook, Medium, X, YouTube, and LinkedIn. When you interact with our social media pages, we collect personal information that you choose to provide to us. In addition, the companies that host our social media pages may provide us with aggregate information and analytics about our social media activity. - Interpretation (disclaimed): Defines Social Media Information as a category of personal information collected through xAI's social media presence, specifying the types of data (user-provided content and aggregate analytics from platform hosts) and collection channels. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20Social%20Media%20Information%3A,our%20social%20media%20activity. ### privacy data use — risk unknown > How we may use it: To provide, analyze, and maintain our Service; to provide support and assistance in relation to our Service; to develop and improve our Service and to conduct research; to communicate with you; to ensure the security and integrity of our Service; for legal purposes. - Interpretation (disclaimed): Enumerates permitted uses of Social Media Information including service provision, research, communications, and legal purposes, constituting explicit authorization for those processing activities. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20How%20we%20may,Service%3B%20for%20legal%20purposes. ### privacy data use — risk unknown > Technical Data: Technical data includes information such as your IP address, device type, country from which you access, analytics information, browser type and version, browser plug-in types and versions, and operating system. This may also include information about your use of the Service and how you interact with the Service, including the types of content you view or engage with, the features you use, pages you view and your Grok conversation history. - Interpretation (disclaimed): Defines Technical Data as a category encompassing IP address, device type, country, analytics, browser information, usage patterns, and conversation history, establishing the scope of automated data collection. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20Technical%20Data%3A%20Technical,your%20Grok%20conversation%20history. ### privacy data use — risk unknown > How we may collect it: Automatically when you use or interact with the Service, including through analytics tools. - Interpretation (disclaimed): States that Technical Data is collected automatically through the use of the Service and analytics tools, establishing the automated collection method for this data category. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20How%20we%20may,including%20through%20analytics%20tools. ### privacy data use — risk unknown > How we may use it: To provide, analyze, and maintain our Service; to provide support and assistance in relation to our Service; to develop and improve our Service and to conduct research; to communicate with you; to ensure the security and integrity of our Service; for legal purposes. - Interpretation (disclaimed): Enumerates permitted uses of Technical Data including service provision, research, development, communications, security, and legal purposes, granting explicit authorization for those processing activities. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20How%20we%20may,Service%3B%20for%20legal%20purposes. ### privacy data use — risk unknown > Location data: We may determine the general area from which your device accesses our Services based on information like its IP address. Also, you may choose to provide more precise location information, such as your address, your device’s GPS location, or location information from third-party services that you use. We obtain your consent prior to collecting precise location information. - Interpretation (disclaimed): Describes the collection of location data including IP-based general location and precise location (GPS, address), and imposes a consent obligation on xAI prior to collecting precise location information, establishing both the data collection practice and a procedural consent requirement. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20Location%20data%3A%20We,collecting%20precise%20location%20information. ### privacy data use — risk unknown > How we may collect it: Directly from you or from third-party services that you use. - Interpretation (disclaimed): Identifies the methods by which personal information is collected — directly from the user or via third-party services — establishing the procedural basis for data collection under the privacy framework. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20How%20we%20may,services%20that%20you%20use. ### privacy data use — risk unknown > How we may use it: To provide, analyze, and maintain our Service; to provide support and assistance in relation to our Service; to develop and improve our Service and to conduct research; to communicate with you; to ensure the security and integrity of our Service; for legal purposes. - Interpretation (disclaimed): Enumerates the permissible purposes for which collected personal information may be used, including service provision, improvement, research, communications, security, and legal compliance. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20How%20we%20may,Service%3B%20for%20legal%20purposes. ### privacy data use — risk unknown > How we may collect it: From publicly available resources and providers. - Interpretation (disclaimed): Specifies that publicly available data is collected from publicly available resources and providers, describing the procedural source of that data category. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20How%20we%20may,available%20resources%20and%20providers. ### privacy data use — risk unknown > How we may use it: To provide, analyze, and maintain our Service; to develop and improve our Service and to conduct research; to ensure the security and integrity of our Service; for legal purposes. - Interpretation (disclaimed): Lists the permissible uses of publicly available data including service provision, improvement, research, security, and legal purposes. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20How%20we%20may,Service%3B%20for%20legal%20purposes. ### privacy data use — risk unknown > Public X Posts and Internet Search Data: The Service uses public posts shared on X, engagement data such as number of followers, and number of views, likes, reposts, shares, and replies and internet search results. In some instances, this data may include personal information. - Interpretation (disclaimed): Defines the category of 'Public X Posts and Internet Search Data' used by the service, describing its composition (public posts, engagement metrics, search results) and noting it may include personal information. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20Public%20X%20Posts,may%20include%20personal%20information. ### privacy data use — risk unknown > How we may collect it: Public X posts are provided by X and internet search data is provided by internet search providers. - Interpretation (disclaimed): Describes the procedural sources of public X posts (from X) and internet search data (from search providers), establishing collection origins for this data category. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20How%20we%20may,by%20internet%20search%20providers. ### privacy data use — risk unknown > The right to be free from discrimination for exercising the rights afforded to you under applicable privacy laws. - Interpretation (disclaimed): This segment grants users the right to be free from discrimination for exercising their privacy rights under applicable privacy laws, creating a non-retaliation protection. - Tier: All - Location: § 9 (Privacy rights and choices) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20The%20right%20to,under%20applicable%20privacy%20laws. ### privacy data use — risk unknown > How we may use it: To provide, analyze, and maintain our Service; to provide support and assistance in relation to our Service; to develop and improve our Service and to conduct research; to ensure the security and integrity of our Service; for legal purposes. - Interpretation (disclaimed): Enumerates the permissible uses of public X posts and internet search data, including service provision, support, improvement, research, security, and legal purposes. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20How%20we%20may,Service%3B%20for%20legal%20purposes. ### privacy data use — risk unknown > Cookies and Similar Technologies : We and our service providers use cookies and other similar technologies to operate and improve our Services. This data obtained from these cookies and similar technologies may be used for several different purposes, including to: - Interpretation (disclaimed): Grants permission for xAI and its service providers to use cookies and similar tracking technologies to operate and improve services, and introduces the enumerated purposes that follow. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20Cookies%20and%20Similar,different%20purposes%2C%20including%20to%3A ### privacy data use — risk unknown > Provide useful features to simplify your experience with our Services; - Interpretation (disclaimed): Permits the use of cookie and tracking data to simplify and enhance user experience features within the service. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20Provide%20useful%20features,experience%20with%20our%20Services%3B ### privacy data use — risk unknown > Deliver relevant content and targeted advertising; - Interpretation (disclaimed): Permits use of cookie-derived data to deliver relevant content and targeted advertising to users. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20Deliver%20relevant%20content%20and%20targeted%20advertising%3B ### privacy data use — risk unknown > We do not aim to collect sensitive personal information (ex., information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometric scans, criminal background, or trade union membership) and ask that you do not provide us with any such information. In addition, in relation to Grok's training, xAI does not process training data for the purposes of inferring or deriving any sensitive or special category data about individuals, and we do not actively seek out data sources that include sensitive or special category data, nor is any uploaded image used for identification purposes. - Interpretation (disclaimed): Restricts xAI from intentionally collecting sensitive personal information and prohibits use of training data to infer or derive sensitive or special category data about individuals, and restricts use of uploaded images for such purposes. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20We%20do%20not,used%20for%20identification%20purposes. ### privacy data use — risk unknown > We may use your personal information for a variety of purposes. Below, you will find examples and additional information regarding how we may use your personal information. - Interpretation (disclaimed): Introductory statement signaling that the following clauses will enumerate the various permitted purposes for using personal information, functioning as a definitional framing clause. - Tier: All - Location: § 3 (How we may use personal information) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20We%20may%20use,use%20your%20personal%20information. ### privacy data use — risk unknown > To provide, analyze, and maintain our Service: For example, to respond to your Inputs (including when you type text prompts or when you give spoken prompts) to Grok or to process payments for subscriptions to our Service. - Interpretation (disclaimed): Permits use of personal information, including text and spoken prompts and payment data, to provide, analyze, and maintain the service, with concrete examples of permissible processing activities. - Tier: All - Location: § 3 (How we may use personal information) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20To%20provide%2C%20analyze%2C,subscriptions%20to%20our%20Service. ### privacy data use — risk unknown > To provide support and assistance in relation to our Service: For example, to troubleshoot problems and to provide customer support. - Interpretation (disclaimed): Permits use of personal information to provide support and customer assistance, including troubleshooting, in relation to the service. - Tier: All - Location: § 3 (How we may use personal information) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20To%20provide%20support,to%20provide%20customer%20support. ### privacy data use — risk unknown > To communicate with you: For example, to send you information about our Service, events, or changes to the Service. This may include sending you non-promotional emails, such as emails about your Grok access, legally required notices, or our ongoing business relations. - Interpretation (disclaimed): Permits use of personal information to communicate with users, including sending non-promotional service emails and legally required notices. - Tier: All - Location: § 3 (How we may use personal information) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20To%20communicate%20with,our%20ongoing%20business%20relations. ### privacy data use — risk unknown > To ensure the security and integrity of our Service: For example, to protect the security of our Services and to detect and prevent fraud, unauthorized use, unlawful activity, and other misuses of our Service. - Interpretation (disclaimed): Permits use of personal information to protect service security and detect and prevent fraud, unauthorized use, and misuse, establishing a security-purpose processing right. - Tier: All - Location: § 3 (How we may use personal information) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20To%20ensure%20the,misuses%20of%20our%20Service. ### privacy data use — risk unknown > For legal purposes: For example, to comply with our legal obligations and to protect the rights, privacy, safety, or property of our users, xAI, or third-parties. This may include detecting what country you are located in so we can comply with relevant legal obligations. - Interpretation (disclaimed): Permits use of personal information for legal compliance purposes, including protecting rights and safety of users and xAI, and determining user location for jurisdictional legal obligations. - Tier: All - Location: § 3 (How we may use personal information) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20For%20legal%20purposes%3A,with%20relevant%20legal%20obligations. ### privacy data use — risk unknown > We may aggregate, pseudoanonymize, or de-identify your information so that it no longer identifies you and use this information for the purposes described above, such as to analyze the way our Service is being used, to improve and add features to them, and to conduct research. We will maintain and use pseudoanonymized or de-identified information in pseudoanonymized or de-identified form and will not attempt to reidentify the information, unless required by law. - Interpretation (disclaimed): Permits aggregation, pseudonymization, or de-identification of personal information for analysis, improvement, and research purposes, and imposes an obligation not to attempt re-identification unless required by law. - Tier: All - Location: § 3 (How we may use personal information) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20We%20may%20aggregate%2C,unless%20required%20by%20law. ### privacy data use — risk unknown > The right to appeal a decision we make about your rights request. - Interpretation (disclaimed): This segment grants users the right to appeal xAI's decisions regarding their privacy rights requests, establishing an internal appeals mechanism. - Tier: All - Location: § 9 (Privacy rights and choices) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20The%20right%20to,about%20your%20rights%20request. ### privacy data use — risk unknown > xAI implements commercially reasonable technical, administrative, and organizational measures designed to protect personal information from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, no security measure or method of data transmission over the internet is 100% secure. In addition, you are solely responsible for protecting your log-in and password, limiting access to your devices, and signing out of websites and accounts after your sessions. - Interpretation (disclaimed): This segment disclaims absolute security guarantees by stating xAI implements 'commercially reasonable' measures but that no method is 100% secure, while also placing responsibility on users to protect their own credentials and access, limiting xAI's liability for security failures. - Tier: All - Location: § 6 (Security of personal information) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20xAI%20implements%20commercially,accounts%20after%20your%20sessions. ### privacy data use — risk unknown > You may have the right to request to access, correct, update or delete your personal information, subject to certain applicable legal exceptions. Please note that we cannot guarantee the factual accuracy of Output from our models. If Output contains factually inaccurate personal information relating to you, you can submit a correction request and we will make reasonable efforts to correct this information — but due to the technical complexity of our models, it may not be feasible for us to do so. - Interpretation (disclaimed): This segment grants users the right to request access, correction, update, or deletion of their personal information subject to legal exceptions, while also establishing a correction request procedure for inaccurate AI-generated output and disclaiming any guarantee of factual accuracy, limiting xAI's obligation to correct model outputs due to technical complexity. - Tier: All - Location: § 9 (Privacy rights and choices) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20You%20may%20have,us%20to%20do%20so. ### privacy data use — risk unknown > If we have collected and processed your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent. - Interpretation (disclaimed): This segment grants users the right to withdraw consent for processing of their personal information at any time, while clarifying that withdrawal does not affect the lawfulness of prior processing or processing conducted on other lawful bases, preserving xAI's ability to continue certain data uses. - Tier: All - Location: § 9 (Privacy rights and choices) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20If%20we%20have,grounds%20other%20than%20consent. ### privacy data use — risk unknown > The right to submit certain privacy requests through an Authorized Agent. - Interpretation (disclaimed): This segment grants users the right to submit certain privacy requests through an Authorized Agent, establishing a delegated rights-exercise mechanism under applicable privacy law. - Tier: All - Location: § 9 (Privacy rights and choices) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20The%20right%20to,through%20an%20Authorized%20Agent. ### privacy data use — risk unknown > Exercising your rights: Some of these rights may be exercised in the xAI Service but for others you will need to submit a request at https://x.ai/privacy-portal/ and include your full legal name, email address, and city, state/province, and country of residence. Once you have submitted your request, we will respond within the time frame permitted by applicable privacy laws. - Interpretation (disclaimed): This segment establishes the procedure for exercising privacy rights, specifying that some rights can be exercised within the xAI Service while others require submission through a designated portal with specific identifying information, and commits xAI to respond within legally permitted timeframes. - Tier: All - Location: § 9 (Privacy rights and choices) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20Exercising%20your%20rights%3A,by%20applicable%20privacy%20laws. ### privacy data use — risk unknown > Please note, however, that your personal information may be exempt from such requests in certain circumstances, for example if we need to keep using your information to comply with our own legal obligations or to establish, exercise or defend legal claims. If an exception applies, we will inform you when responding to your request. - Interpretation (disclaimed): This segment establishes exceptions to user privacy rights requests, permitting xAI to retain and use personal information when exemptions apply (e.g., legal obligations, establishing or defending legal claims), and requires xAI to inform users when an exception applies. - Tier: All - Location: § 9 (Privacy rights and choices) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20Please%20note%2C%20however%2C,responding%20to%20your%20request. ### privacy data use — risk unknown > Verification: In order to protect your personal information, your ability to exercise some of the rights detailed in this Privacy Policy may be subject to your ability to verify that you are the person about whom your request pertains. For example, we may require you to verify your identity by validating your account credentials or submitting additional information to allow us to verify your identity. - Interpretation (disclaimed): This segment establishes identity verification procedures as a condition for exercising privacy rights, requiring users to validate account credentials or submit additional information before xAI will process their rights requests. - Tier: All - Location: § 9 (Privacy rights and choices) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20Verification%3A%20In%20order,to%20verify%20your%20identity. ### privacy data use — risk unknown > Authorized Agents: To exercise your rights using an Authorized Agent (as defined under applicable law), you must provide your Authorized Agent with written permission to exercise your rights on your behalf, and we may request a copy of this written permission from your Authorized Agent when they make a request on your behalf. We reserve the right to deny a request from an Authorized Agent that does not submit proof that they have been authorized by you to act on your behalf. - Interpretation (disclaimed): This segment establishes the procedure and requirements for exercising privacy rights through an Authorized Agent, including the obligation to provide written authorization, and reserves xAI's right to deny requests from agents who cannot demonstrate proper authorization. - Tier: All - Location: § 9 (Privacy rights and choices) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20Authorized%20Agents%3A%20To,act%20on%20your%20behalf. ### privacy data use — risk unknown > Appeals: If we refuse to take action on a request within a reasonable period of time after receiving your request, you may appeal our decision via https://x.ai/privacy-portal/ . In such an appeal, you must (1) provide sufficient information to allow us to verify that you are the person about whom the original request pertains and to identify the original request, and (2) provide a description of the basis of your appeal. Please note that your appeal will be subject to your rights and obligations afforded to you under applicable law. We respond to all appeal requests as soon as we reasonably can, and no later than legally required. - Interpretation (disclaimed): This segment establishes the procedure for appealing xAI's refusal or inaction on privacy rights requests, specifying the portal to use, the information required in the appeal, and xAI's obligation to respond to all appeals in a timely manner, subject to applicable law. - Tier: All - Location: § 9 (Privacy rights and choices) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20Appeals%3A%20If%20we,later%20than%20legally%20required. ### privacy data use — risk unknown > Do Not Track: Please note that because the effect of "Do Not Track" signals remains unclear, and because there continues to be no consistent industry understanding of how to respond to such a signal, we do not alter our privacy practices when we detect a "Do Not Track" signal from your browser. - Interpretation (disclaimed): This segment disclaims any obligation to honor 'Do Not Track' browser signals, stating that xAI does not alter its privacy practices in response to such signals due to the lack of consistent industry standards and unclear effect, limiting user expectations about tracking controls. - Tier: All - Location: § 9 (Privacy rights and choices) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20Do%20Not%20Track%3A,signal%20from%20your%20browser. ### privacy data use — risk unknown > We may update our Privacy Policy from time to time. When we do, we will publish an updated version and effective date on this page, unless another type of notice is required by applicable law. If you use the Service after any changes to the Privacy Policy have been posted, all of the changes made will apply to your use of the Service. - Interpretation (disclaimed): This segment establishes the procedure for updating the Privacy Policy, requiring xAI to publish an updated version and effective date, and creates a binding incorporation mechanism whereby continued use of the Service after changes constitutes acceptance of the revised policy. - Tier: All - Location: § 10 (Changes to this Privacy Policy) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20We%20may%20update,use%20of%20the%20Service. ### privacy data use — risk unknown > If you have any queries or complaints about our collection, use, or storage of your personal information, or if you wish to exercise any of your rights in relation to your personal information, please contact us at https://x.ai/privacy-portal/ or by the following contact details: - Interpretation (disclaimed): This segment establishes the contact procedure for privacy queries, complaints about data collection/use/storage, and exercise of privacy rights, directing users to a specific portal or contact details and identifying xAI as the responsible entity. - Tier: All - Location: § 12 (How to contact us about privacy requests) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20If%20you%20have,the%20following%20contact%20details%3A ### privacy data use — risk unknown > For the fastest response for world-wide requests and in the USA: x.AI LLC, https://x.ai/privacy-portal/ - Interpretation (disclaimed): This segment identifies x.AI LLC and the privacy portal as the primary contact point for worldwide and USA privacy requests, establishing the operative contact information for the data controller. - Tier: All - Location: § 12 (How to contact us about privacy requests) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20For%20the%20fastest,x.AI%20LLC%2C%20https%3A%2F%2Fx.ai%2Fprivacy-portal%2F%20 ### privacy data use — risk unknown > Other contacts for privacy requests: - Interpretation (disclaimed): This segment introduces additional jurisdiction-specific contact points for privacy requests outside the USA, establishing that different representatives handle requests in different regions. - Tier: All - Location: § 12 (How to contact us about privacy requests) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20Other%20contacts%20for%20privacy%20requests%3A%20 ### data retention — risk unknown > For litigation, regulatory or other legal matters (e.g., we would retain your information if there was an ongoing legal claim and the information was relevant to the claim). - Interpretation (disclaimed): This clause establishes an exception to standard data deletion practices, permitting xAI to retain user information for litigation, regulatory, or other legal matters when the information is relevant to an ongoing legal claim. - Tier: All - Location: § 5 (Retention of personal information) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20For%20litigation%2C%20regulatory,relevant%20to%20the%20claim). ### data retention — risk unknown > We retain your personal information where we have an ongoing legitimate business need to do so. In certain circumstances, we will retain your information for legal reasons after our contractual relationship has ended. The specific retention periods depend on the nature of the information and why it is collected and processed and the nature of the legal requirement. For example, we may retain your personal information: - Interpretation (disclaimed): Establishes an obligation to retain personal information only while there is a legitimate ongoing business need, and specifies that retention may continue for legal reasons after the contractual relationship ends, with retention periods determined by the nature of the data and legal requirements. - Tier: All - Location: § 5 (Retention of personal information) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20We%20retain%20your,retain%20your%20personal%20information%3A ### data retention — risk unknown > When we have a legal obligation to do so (e.g., if we receive a court order, we would retain your information for longer than our usual retention periods); - Interpretation (disclaimed): Imposes a retention obligation requiring xAI to keep personal information longer than standard periods when required by a legal obligation such as a court order. - Tier: All - Location: § 5 (Retention of personal information) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20When%20we%20have,our%20usual%20retention%20periods)%3B ### data retention — risk unknown > To address and resolve requests and complaints (e.g., if there is an ongoing complaint about you); - Interpretation (disclaimed): Requires retention of personal information for the duration needed to address and resolve user requests and complaints, extending retention based on ongoing dispute status. - Tier: All - Location: § 5 (Retention of personal information) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20To%20address%20and,ongoing%20complaint%20about%20you)%3B ### data retention — risk unknown > To protect the safety, security, and integrity of our business and the Service, as well as to protect our rights and property and those of others (e.g., if we detect misuse of our Service or otherwise detect unusual activity on your account or in your interactions with us); and - Interpretation (disclaimed): Requires retention of personal information to protect the safety, security, and integrity of the service and xAI's rights and property when misuse or unusual account activity is detected. - Tier: All - Location: § 5 (Retention of personal information) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20To%20protect%20the,interactions%20with%20us)%3B%20and ### data retention — risk unknown > The length of time we retain data may depend on the features or settings you use. For example, when Private Chat is turned on, conversations will not appear in your conversation history and your conversations will be deleted from xAI systems within 30 days unless it is necessary that they be kept longer for legal, compliance, or safety purposes. Further, if you choose to delete any or all of your conversations or if you choose to delete your account, we will delete the data within 30 days unless it is necessary to retain the data for legal, compliance, or safety purposes. - Interpretation (disclaimed): This segment details specific retention periods and deletion procedures tied to feature settings (Private Chat), user-initiated deletions, and account deletion, while carving out exceptions for legal, compliance, or safety purposes, establishing a 30-day deletion window as the operative timeline. - Tier: All - Location: § 5 (Retention of personal information) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20The%20length%20of,compliance%2C%20or%20safety%20purposes. ### subprocessors data sharing — risk unknown > Connecting to third-party services. Certain features of the Service may facilitate your ability to connect to a third-party service, such as X or other companies. If you select a feature that involves sending your User Content to such a third-party service, you are instructing and authorizing xAI to send your User Content out of the Service. Please review the policies of any third-party service providers for additional information about how they may use those materials. - Interpretation (disclaimed): This segment authorizes xAI to transmit User Content to third-party services at the user's instruction when using integrative features, and directs users to review third-party policies, establishing consent for data sharing with external processors. - Tier: All - Location: Terms of Service › “User Content” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Connecting%20to%20third-party,may%20use%20those%20materials. ### subprocessors data sharing — risk unknown > How we may disclose it: To our contracted service providers; in connection with business transfers, for legal purposes; to our related companies; and to third-parties with which you interact or share information. - Interpretation (disclaimed): Specifies the parties to whom Account Data may be disclosed—contracted service providers, business transfer parties, related companies, and third parties with whom users interact—establishing permissible data sharing practices. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20How%20we%20may,interact%20or%20share%20information. ### subprocessors data sharing — risk unknown > How we may collect it: Through a third-party processor (ex., Apple App Store, Google Play Store, or Stripe). - Interpretation (disclaimed): Identifies the collection method for Payment Data as through third-party processors (Apple App Store, Google Play Store, Stripe), establishing the role of subprocessors in data collection. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20How%20we%20may,Play%20Store%2C%20or%20Stripe). ### subprocessors data sharing — risk unknown > How we may disclose it: To our contracted service providers; in connection with business transfers, and for legal purposes. - Interpretation (disclaimed): Specifies permissible disclosures of Payment Data to contracted service providers, business transfer parties, and for legal purposes, establishing the authorized third-party sharing scope. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20How%20we%20may,and%20for%20legal%20purposes. ### subprocessors data sharing — risk unknown > How we may disclose it: To our contracted service providers; in connection with business transfers, for legal purposes; and to our related companies. - Interpretation (disclaimed): Specifies parties to whom Communication Data may be disclosed—contracted service providers, business transfer recipients, and related companies—establishing the authorized scope of third-party sharing for this data category. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20How%20we%20may,to%20our%20related%20companies. ### subprocessors data sharing — risk unknown > How we may disclose it: To our contracted service providers; in connection with business transfers, for legal purposes; and to our related companies. - Interpretation (disclaimed): Specifies parties to whom User Content may be disclosed—contracted service providers, business transfer parties, and related companies—establishing permissible third-party sharing of user prompts and outputs. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20How%20we%20may,to%20our%20related%20companies. ### subprocessors data sharing — risk unknown > How we may disclose it: To our contracted service providers; in connection with business transfers, for legal purposes; and to our related companies. - Interpretation (disclaimed): Specifies parties to whom Feedback Data may be disclosed—contracted service providers, business transfer parties, and related companies—establishing the permissible sharing scope for feedback information. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20How%20we%20may,to%20our%20related%20companies. ### subprocessors data sharing — risk unknown > How we may collect it: Directly from you or from companies that host our social media pages. - Interpretation (disclaimed): States that Social Media Information is collected from users directly and from social media platform companies, identifying the role of third-party social platforms as data sources. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20How%20we%20may,our%20social%20media%20pages. ### subprocessors data sharing — risk unknown > How we may disclose it: To our contracted service providers; in connection with business transfers, for legal purposes; to our related companies; and to third-parties with which you interact or share information. - Interpretation (disclaimed): Specifies parties to whom Social Media Information may be disclosed—contracted service providers, business transfer parties, related companies, and third parties with whom users interact—establishing the authorized sharing scope. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20How%20we%20may,interact%20or%20share%20information. ### subprocessors data sharing — risk unknown > How we may disclose it: To our contracted service providers; in connection with business transfers, for legal purposes; and to our related companies. - Interpretation (disclaimed): Specifies parties to whom Technical Data may be disclosed—contracted service providers, business transfer parties, and related companies—establishing the permissible third-party sharing scope for technical and usage data. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20How%20we%20may,to%20our%20related%20companies. ### subprocessors data sharing — risk unknown > How we may disclose it: To our contracted service providers; in connection with business transfers, for legal purposes; to our related companies; and to third-parties with which you interact or share information. - Interpretation (disclaimed): Identifies the categories of third parties to whom personal information may be disclosed, including contracted service providers, related companies, business transfer parties, and third-parties with whom users interact, establishing permissible disclosure channels. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20How%20we%20may,interact%20or%20share%20information. ### subprocessors data sharing — risk unknown > How we may disclose it: To our contracted service providers; in connection with business transfers, for legal purposes; and to our related companies. - Interpretation (disclaimed): Permits disclosure of publicly available data to contracted service providers, related companies, and in connection with business transfers or legal purposes. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20How%20we%20may,to%20our%20related%20companies. ### subprocessors data sharing — risk unknown > How we may disclose it: To our contracted service providers; in connection with business transfers, for legal purposes; and to our related companies - Interpretation (disclaimed): Permits disclosure of public X posts and internet search data to contracted service providers, related companies, and in connection with business transfers or legal purposes. - Tier: All - Location: § 2 (Personal information we collect (Notice at collection)) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20How%20we%20may,to%20our%20related%20companies ### subprocessors data sharing — risk unknown > We may disclose your personal information to others. Below, you will find examples and additional information regarding how we may disclose your personal information. - Interpretation (disclaimed): Introductory statement that frames the following clauses as examples of how personal information may be disclosed to others, functioning as a definitional lead-in for the disclosure section. - Tier: All - Location: § 4 (How we may disclose personal information) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20We%20may%20disclose,disclose%20your%20personal%20information. ### subprocessors data sharing — risk unknown > To our contracted service providers: To assist in providing the Service to you or performing business operations, we provide your personal information to service providers including providers of hosting, cloud, analytics, content delivery, support and safety monitoring, payment and transaction, and other technology services, for the purposes described above. - Interpretation (disclaimed): Permits disclosure of personal information to contracted service providers — including hosting, analytics, payment, and safety monitoring vendors — to support service delivery and business operations. - Tier: All - Location: § 4 (How we may disclose personal information) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20To%20our%20contracted,the%20purposes%20described%20above. ### subprocessors data sharing — risk unknown > In connection with business transfers: In connection with or during negotiation of any merger, financing, acquisition, bankruptcy, dissolution, transaction, or proceeding involving sale, transfer, divestiture, or disclosure of all or a portion of our business or assets to another company. If required by applicable laws, we will use reasonable efforts to notify you of any transfer of personal information to an unaffiliated third-party. - Interpretation (disclaimed): Permits disclosure of personal information in connection with business transfers such as mergers, acquisitions, or bankruptcies, and imposes a reasonable-efforts notification obligation when transferring to unaffiliated third parties as required by law. - Tier: All - Location: § 4 (How we may disclose personal information) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20In%20connection%20with,to%20an%20unaffiliated%20third-party. ### subprocessors data sharing — risk unknown > For legal purposes: To (i) comply with laws or to respond to lawful requests and legal process, (ii) protect the rights and property of xAI and our agents, customers, and others, including to enforce our agreements, policies, and terms of service, (iii) to protect against legal liability, or (iv) to protect the personal safety of xAI, its customers, or any person. - Interpretation (disclaimed): Permits disclosure of personal information for legal compliance, enforcement of agreements and policies, protection against legal liability, and protection of safety of xAI, customers, or any person. - Tier: All - Location: § 4 (How we may disclose personal information) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20For%20legal%20purposes%3A,customers%2C%20or%20any%20person. ### subprocessors data sharing — risk unknown > To our related companies: To our related companies to the extent such sharing is necessary to fulfill a request you have submitted via our Service or for customer management, customer support, technical operations, or the purposes described above. - Interpretation (disclaimed): Permits sharing personal information with related companies to fulfill user requests, support customer management, technical operations, and other stated purposes. - Tier: All - Location: § 4 (How we may disclose personal information) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20To%20our%20related,the%20purposes%20described%20above. ### subprocessors data sharing — risk unknown > To third-parties with which you interact or share information: Certain features may allow you to share information with third-parties, such as through the X platform. Information you share with third-parties is governed by that third-party’s terms and policies. - Interpretation (disclaimed): Permits information sharing with third parties when users interact with them (e.g., via the X platform), and notes that such third-party data use is governed by the third party's own terms and policies, effectively limiting xAI's responsibility for downstream use. - Tier: All - Location: § 4 (How we may disclose personal information) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20To%20third-parties%20with,third-party%E2%80%99s%20terms%20and%20policies. ### subprocessors data sharing — risk unknown > Our Service may contain links to external websites or social media platforms that are not operated by us. Third-party websites and services have their own terms and conditions and privacy policies, and you should read these carefully before you submit any personal information to them. - Interpretation (disclaimed): This segment disclaims xAI's responsibility for third-party websites and social media platforms linked from the service, noting those parties have their own terms and privacy policies, and advises users to review them before submitting personal information. - Tier: All - Location: § 7 (Links to other websites) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20Our%20Service%20may,personal%20information%20to%20them. ### audit rights dpa residency — risk unknown > For individuals in the European Economic Area, United Kingdom, and Switzerland (collectively, “Europe”), for Europe-specific additional information not already discussed on this page, please see xAI’s Europe Privacy Policy Addendum . - Interpretation (disclaimed): Incorporates by reference a separate Europe Privacy Policy Addendum for individuals in the EEA, UK, and Switzerland, establishing region-specific legal obligations and rights applicable to those jurisdictions. - Tier: All - Location: Privacy Policy › “Effective: April 4, 2026 ( previous version )” - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20For%20individuals%20in,Privacy%20Policy%20Addendum%20. ### audit rights dpa residency — risk unknown > Depending on where you are located and subject to applicable legal exceptions, you may have certain rights in relation to your personal information. For information on the privacy rights that may be available to you under European privacy laws, please review xAI’s Europe Privacy Policy Addendum . - Interpretation (disclaimed): This segment conditionally grants privacy rights based on user location and applicable law, and incorporates by reference xAI's Europe Privacy Policy Addendum for users subject to European privacy laws, establishing a cross-reference to jurisdiction-specific rights and obligations. - Tier: All - Location: § 9 (Privacy rights and choices) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20Depending%20on%20where,Privacy%20Policy%20Addendum%20. ### audit rights dpa residency — risk unknown > In the UK: Lionheart Squared Limited, FAO x.ai, 17 Glasshouse Studios, Fryern Court Road, Fordingbridge, Hampshire, SP6 1QX United Kingdom xai@lionheartsquared.co.uk - Interpretation (disclaimed): This segment identifies Lionheart Squared Limited as xAI's UK privacy representative with specific contact details, establishing the operative contact and data protection representative for UK-based privacy requests and obligations under UK data protection law. - Tier: All - Location: § 12 (How to contact us about privacy requests) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20In%20the%20UK%3A,United%20Kingdom%20xai%40lionheartsquared.co.uk%20 ### audit rights dpa residency — risk unknown > In the EU: Lionheart Squared (Europe) Ltd, FAO x.ai, 2 Pembroke House, Upper Pembroke Street 28-32, Dublin, D02 EK84, Republic of Ireland xai@lionheartsquared.eu - Interpretation (disclaimed): This segment identifies Lionheart Squared (Europe) Ltd as xAI's EU privacy representative in Dublin, establishing the operative contact and data protection representative for EU-based privacy requests and obligations under GDPR. - Tier: All - Location: § 12 (How to contact us about privacy requests) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20In%20the%20EU%3A,of%20Ireland%20xai%40lionheartsquared.eu%20 ### audit rights dpa residency — risk unknown > In Switzerland: Lionheart Squared Switzerland SarL, FAO x.ai, Blvd George Favon 43, CH-1204 Geneva, Switzerland xai@lionheartsquared.ch - Interpretation (disclaimed): This segment identifies Lionheart Squared Switzerland SarL as xAI's Swiss privacy representative with specific contact details, establishing the operative contact and representative for Swiss-based privacy requests and obligations under Swiss data protection law. - Tier: All - Location: § 12 (How to contact us about privacy requests) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20In%20Switzerland%3A%20Lionheart,Geneva%2C%20Switzerland%20xai%40lionheartsquared.ch%20 ### audit rights dpa residency — risk unknown > You can contact our Data Protection Officer at privacy@x.ai - Interpretation (disclaimed): This segment provides contact information for xAI's Data Protection Officer, establishing the operative channel for DPO communications as required under applicable data protection law (e.g., GDPR Article 37-39). - Tier: All - Location: § 12 (How to contact us about privacy requests) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20You%20can%20contact,Officer%20at%20privacy%40x.ai%20 ### indemnity liability — risk unknown > EST Consequences of Exercising Right of Withdrawal. If you withdraw from this contract and you have signed-up for a paid subscription, we will repay you for payments that we verify have already been received by us from you for the subscription term active at the time of your withdrawal notice, within 14 days from the day on which we received the notification of your withdrawal from this contract. For this repayment, we will use the same means of payment that you used for the original transaction, unless expressly agreed otherwise with you. Please note this does not include X Premium or X Premium+ account charges because that is not part of this Service. Please refer to the X Premium Terms of Use for further details of how to claim a refund for those charges. - Interpretation (disclaimed): Imposes an obligation on xAI to repay verified payments to European-Consumers who exercise the right of withdrawal within 14 days of receiving withdrawal notice, using the original payment method, and clarifies exclusions (X Premium), establishing a financial remedy obligation. - Tier: All - Location: Terms of Service › “Information about the Australian eSafety Commissioner” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20EST%20Consequences%20of,refund%20for%20those%20charges. ### indemnity liability — risk unknown > Third-party services and software. Our Service may include or be integrated with third-party software, products, or services that are subject to their own terms. Our software may include open source software that is governed by its own licenses. - Interpretation (disclaimed): This segment discloses that the Service may integrate third-party software and open source software subject to their own terms and licenses, incorporating those external legal instruments by reference and allocating responsibility for compliance with third-party terms to the user. - Tier: All - Location: Terms of Service › “Taking unauthorized actions on behalf of others” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Third-party%20services%20and,by%20its%20own%20licenses. ### indemnity liability — risk unknown > We continue to add new models and other features, some which may be in beta testing where indicated. You accept that all of our services, including but not limited to such beta technologies, are provided “AS IS” and may contain errors, defects, bugs or inaccuracies that could fail or cause corruption or loss of data and information. You agree that use of any of our technologies is at your own risk. - Interpretation (disclaimed): This segment disclaims warranties for the Service including beta features, stating they are provided 'AS IS' and may contain errors, defects, or bugs, and places the risk of use including data corruption or loss solely on the user. - Tier: All - Location: Terms of Service › “The Service Is Available “As Is”” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20We%20continue%20to,at%20your%20own%20risk. ### indemnity liability — risk unknown > Your use of our Service could cause risk or harm to xAI, our users, or anyone else; or - Interpretation (disclaimed): This segment limits user remedies upon termination by establishing that no refund is owed except where required by law, restricting financial recovery available to terminated or suspended users. - Tier: All - Location: Terms of Service › “Termination, Suspension, Discontinuation” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Your%20use%20of,or%20anyone%20else%3B%20or ### indemnity liability — risk unknown > Appeals. If you believe we have suspended or terminated your account in error, you can file an appeal with us by contacting support@x.ai . - Interpretation (disclaimed): This segment, under the Disclaimer of Warranties heading, provides a broad 'as is' and 'as available' disclaimer of all express and implied warranties including merchantability, fitness for purpose, and non-infringement, placing risk of use on the user and limiting xAI's legal liability to the fullest extent permitted by law. - Tier: All - Location: Terms of Service › “Termination, Suspension, Discontinuation” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Appeals.%20If%20you,by%20contacting%20support%40x.ai%20. ### indemnity liability — risk unknown > Discontinuation. We may decide to discontinue our Service. If we do, we will provide you notice and any applicable refund for prepaid, unused services. - Interpretation (disclaimed): This segment establishes the user's obligation to defend, indemnify, and hold harmless xAI and its affiliates and personnel against all claims, damages, liabilities, and expenses arising from the user's use of the Service and Output, Input, or violation of the Terms, creating a broad contractual indemnity in favor of xAI. - Tier: All - Location: Terms of Service › “Termination, Suspension, Discontinuation” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Discontinuation.%20We%20may,for%20prepaid%2C%20unused%20services. ### indemnity liability — risk unknown > Export Controls. You will comply with all applicable import and export and re-export control and trade and economic sanctions laws and regulations in your use of the Service, including the Export Administration Regulations maintained by the U.S. Department of Commerce, trade and economic sanctions maintained by the U.S. Treasury Department's Office of Foreign Assets Control (“ OFAC ”), and the International Traffic in Arms Regulations maintained by the U.S. State Department. You represent and warrant that you are not, and that no person to whom you make the Service available or that is acting on your behalf, is (a) listed on the List of Specially Designated Nationals and Blocked Persons or on any other list of sanctioned, prohibited, or restricted parties administered by OFAC or by any other governmental entity, or (b) located in, a national or resident of, or a segment of the government of, any country or territory for which the United States maintains trade or economic sanctions or embargoes or that has been designated by the U.S. Government as a “terrorist supporting” region. - Interpretation (disclaimed): Imposes an obligation on users to comply with all applicable import, export, re-export, and trade sanctions laws (including EAR, OFAC, and ITAR) when using the Service, and includes a representation and warranty regarding user and downstream compliance. - Tier: All - Location: Terms of Service › “General Provisions” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Export%20Controls.%20You,a%20%E2%80%9Cterrorist%20supporting%E2%80%9D%20region. ### indemnity liability — risk unknown > TO THE FULLEST EXTENT PERMITTED BY LAW, IN NO EVENT WILL XAI OR ANY XAI INDEMNITEE BE LIABLE (A) FOR ANY INDIRECT, PUNITIVE, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR EXEMPLARY DAMAGES, INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF PROFITS, GOODWILL, USE, OR DATA, OR OTHER INTANGIBLE LOSSES, ARISING OUT OF OR RELATING TO THE USE OF, OR INABILITY TO USE, THE SERVICE OR ANY PORTION THEREOF; AND (B) TO YOU FOR ANY CLAIMS, DAMAGES OR COSTS IN AN AMOUNT EXCEEDING THE AMOUNT YOU PAID TO US HEREUNDER OR ONE HUNDRED U.S. DOLLARS ($100.00), WHICHEVER IS GREATER. THESE LIMITATIONS OF LIABILITY APPLY EVEN IF WE HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - Interpretation (disclaimed): Limits xAI's liability by excluding indirect, punitive, incidental, special, consequential, and exemplary damages, and caps total liability to the greater of amounts paid or $100, restricting users' ability to recover losses from service use or inability to use. - Tier: All - Location: Terms of Service › “Limitation of Liability” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20TO%20THE%20FULLEST,POSSIBILITY%20OF%20SUCH%20DAMAGE. ### indemnity liability — risk unknown > Some countries and states do not allow the disclaimer of certain warranties or the limitation of certain damages, so some or all of the terms above may not apply to you, and you may have additional rights. - Interpretation (disclaimed): Creates a geographic/jurisdictional exception to the limitation of liability clauses, acknowledging that some users may retain additional rights under local law where disclaimer or damage caps are not permitted. - Tier: All - Location: Terms of Service › “Limitation of Liability” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Some%20countries%20and,may%20have%20additional%20rights. ### indemnity liability — risk unknown > Assignment. These Terms, and any rights and licenses granted hereunder, may not be transferred or assigned by you, but may be assigned by us without restriction. Any attempted transfer or assignment by you in violation hereof will be null and void. - Interpretation (disclaimed): Restricts users from transferring or assigning their rights and licenses under the Terms while granting xAI an unrestricted right of assignment, with any unauthorized user assignment declared null and void. - Tier: All - Location: Terms of Service › “General Provisions” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Assignment.%20These%20Terms%2C,be%20null%20and%20void. ### indemnity liability — risk unknown > Changes to Terms. When we change these Terms in a material manner, we will update the ‘Effective' date at the top of this page. Your continued use of the Service after any change to these Terms constitutes your acceptance of the new Terms of Service. If you do not agree to any part of these Terms or to any future Terms of Service, do not access or use (or continue to access or use) the Service. - Interpretation (disclaimed): Establishes the procedure by which xAI may modify the Terms (updating the effective date) and deems continued service use as acceptance of revised terms, creating a constructive amendment mechanism. - Tier: All - Location: Terms of Service › “General Provisions” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Changes%20to%20Terms.,or%20use)%20the%20Service. ### indemnity liability — risk unknown > Entire Agreement; Severability. These Terms, together with any amendments and any additional written agreements you may enter into with us in connection with the Service, will constitute the entire agreement between you and us concerning the Service. Any statements or comments made between you and any of our employees or representatives are expressly excluded from these Terms and will not apply to you or us, or to your access to or use of the Service. If any provision of these Terms is deemed invalid by a court of competent jurisdiction, the invalidity of such provision will not affect the validity of the remaining provisions of these Terms, which will remain in full force and effect. - Interpretation (disclaimed): Defines the scope of the entire agreement between the parties, explicitly excluding employee/representative statements and establishing a severability rule preserving remaining provisions if any term is found invalid. - Tier: All - Location: Terms of Service › “General Provisions” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Entire%20Agreement%3B%20Severability.,full%20force%20and%20effect. ### indemnity liability — risk unknown > No Waiver. No waiver of any term of these Terms will be deemed a further or continuing waiver of such term or of any other term, and our failure to assert any right or provision under these Terms will not constitute a waiver of such right or provision. - Interpretation (disclaimed): Establishes a non-waiver provision stating that failure to enforce any term does not constitute a waiver of that or any other term, preserving xAI's rights under the Terms at all times. - Tier: All - Location: Terms of Service › “General Provisions” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20No%20Waiver.%20No,such%20right%20or%20provision. ### indemnity liability — risk unknown > iOS App. This paragraph applies to any App you acquire from the Apple App Store (such App, “ iOS App ”). You and xAI understand and acknowledge that these Terms are solely between you and xAI, not Apple, Inc. (“ Apple ”), and that Apple has no responsibility for the iOS App or content thereof. Your access to and use of the iOS App must comply with the usage rules set forth in Apple's then-current Apple Media Services Terms and Conditions and with the applicable Volume Content Terms. You acknowledge that Apple has no obligation whatsoever to furnish any maintenance and support services with respect to the iOS App. In the event of any failure of the iOS App to conform to any applicable warranty, you may notify Apple, and Apple will refund the purchase price (if any) for the iOS App to you; to the maximum extent permitted by applicable law, Apple will have no other warranty obligation whatsoever with respect to the iOS App, and any other claims, losses, liabilities, damages, costs, or expenses attributable to any failure to conform to any warranty will be governed solely by these Terms and any law applicable to xAI as provider of the iOS App. You and xAI acknowledge that Apple is not responsible for addressing any claims of you or any third-party relating to the iOS App or your possession and/or use of the iOS App, including, but not limited to: (a) product liability claims; (b) any claim that the iOS App fails to conform to any applicable legal or regulatory requirement; and (c) claims arising under consumer protection or similar legislation. - Interpretation (disclaimed): Defines the relationship between xAI, the user, and Apple with respect to iOS App usage, incorporating Apple Media Services Terms and Volume Content Terms as applicable usage rules and clarifying that Apple bears no maintenance or support obligations. - Tier: All - Location: Terms of Service › “Mobile App Specific Terms” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20iOS%20App.%20This,or%20similar%20legislation.%20 ### indemnity liability — risk unknown > You acknowledge that, in the event of any third-party claim that the iOS App, or your possession and use of that iOS App, infringes that third-party's intellectual property rights, xAI, not Apple, will be solely responsible for the investigation, defense, settlement, and discharge of any such intellectual property infringement claim, to the extent required by these Terms. You and xAI acknowledge and agree that Apple and Apple's subsidiaries are third-party beneficiaries of these Terms as relates to your license of the iOS App, and that, upon your acceptance of the terms and conditions of these Terms, Apple will have the right (and will be deemed to have accepted the right) to enforce these Terms as relates to your license of the iOS App against you as a third-party beneficiary thereof. - Interpretation (disclaimed): Allocates responsibility for intellectual property infringement claims regarding the iOS App to xAI (not Apple), and acknowledges Apple and its subsidiaries as third-party beneficiaries of the Terms with respect to the iOS App license. - Tier: All - Location: Terms of Service › “Mobile App Specific Terms” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=You%20acknowledge%20that%2C%20in,a%20third-party%20beneficiary%20thereof. ### indemnity liability — risk unknown > Android App. This paragraph applies to any App you acquire from the Google Play Store (such App, “ Android App ”): (a) you acknowledge that these Terms are between you and xAI only, and not Google LLC or any affiliate thereof (collectively, “ Google ”); (b) your access to and use of the Android App must comply with Google's then-current Google Play Terms of Service; (c) Google is only a provider of the Google Play Store where you obtained the Android App; (d) xAI, and not Google, is solely responsible for the Android App; (e) Google has no obligation or liability to you with respect to the Android App or these Terms; and (f) you understand and acknowledge that Google is a third-party beneficiary to these Terms as they relate to the Android App. - Interpretation (disclaimed): Defines the relationship between xAI, the user, and Google for Android App usage, incorporating Google Play Terms of Service, clarifying Google's limited role as distributor, and allocating all responsibility for the Android App to xAI with no liability to Google. - Tier: All - Location: Terms of Service › “Mobile App Specific Terms” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Android%20App.%20This,to%20the%20Android%20App. ### indemnity liability — risk unknown > EST Limitation of Liability. For European-Consumers, provided that we have acted with professional diligence, we do not take responsibility for loss or damage caused by us, unless it is caused by our breach of these Terms or is reasonably foreseeable at the time of entering into these Terms. We do not take responsibility for loss or damage caused by events beyond our control. We do not limit our liability to you where it would be unlawful for us to do so. You have the full protections of the applicable laws and statutory rights. - Interpretation (disclaimed): Limits xAI's liability to European-Consumers by establishing that xAI is not responsible for loss or damage unless caused by its breach of Terms or reasonably foreseeable, while also disclaiming liability for force majeure events and preserving statutory rights that cannot be lawfully excluded. - Tier: All - Location: Terms of Service › “Information about the Australian eSafety Commissioner” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20EST%20Limitation%20of,laws%20and%20statutory%20rights. ### indemnity liability — risk unknown > EST Consumer Guarantee. For European-Consumers, the applicable European consumer laws provide you with a guarantee covering the Service. Questions regarding the Service can be directed to support@x.ai . - Interpretation (disclaimed): Affirms European-Consumers' right to a statutory guarantee under applicable European consumer laws covering the Service, and provides a contact point for service-related questions, preserving statutory consumer protections. - Tier: All - Location: Terms of Service › “Information about the Australian eSafety Commissioner” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20EST%20Consumer%20Guarantee.,directed%20to%20support%40x.ai%20. ### indemnity liability — risk unknown > EST No Release; Indemnity. The Release Section and Indemnity Section of the Terms shall not be applicable to European-Consumers subject to these Europe Specific Terms. - Interpretation (disclaimed): Creates an exception for European-Consumers from the general Release and Indemnity sections of the Terms, restricting xAI's ability to require European-Consumers to release claims or indemnify xAI, in compliance with consumer protection law. - Tier: All - Location: Terms of Service › “Information about the Australian eSafety Commissioner” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20EST%20No%20Release%3B,these%20Europe%20Specific%20Terms. ### governing law disputes — risk unknown > EST Changes to the Terms. With respect to European-Consumers, xAI may unilaterally make changes to these Terms (including the Europe Specific Terms) when it is necessary to do so, particularly as a result of changes of law or to ensure a better functionality of the Service. xAI shall take proportionate measures, if required, to notify Users in advance of such changes to the Terms, such notification may take the form of an in-Service notification or an email for a material change. If you do not agree to the amended Terms, you may object and must discontinue your use of the Service. If you do not object and continue to use the Service, you will be deemed to have acknowledged the amendment and agreed to be bound by it. - Interpretation (disclaimed): Establishes the procedure and conditions under which xAI may unilaterally amend Terms for European-Consumers, including advance notification obligations and the right for users to object and discontinue use, creating a structured change-management obligation under consumer law. - Tier: All - Location: Terms of Service › “Information about the Australian eSafety Commissioner” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20EST%20Changes%20to,be%20bound%20by%20it. ### governing law disputes — risk unknown > These Terms of Service (” Terms ”) apply to your use of Grok, Grokipedia, and xAI's other services for individuals, including associated applications and websites (collectively, the “ Service ”). These Terms form an agreement between you and X.AI LLC, a Nevada company (“ xAI ,” “ we ,” “ our ,” or “ us ”). By using our Service, you acknowledge and agree to these Terms. - Interpretation (disclaimed): This segment defines the scope of the Terms, identifies the contracting parties (user and X.AI LLC, a Nevada company), names the covered services, and states that use of the Service constitutes agreement to the Terms, forming the foundational incorporation clause of the agreement. - Tier: All - Location: Terms of Service › “Welcome to xAI!” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20These%20Terms%20of,agree%20to%20these%20Terms. ### governing law disputes — risk unknown > If you reside in the European Economic Area, United Kingdom, or Switzerland (collectively, “ Europe ”), your use of the Service is governed in part by the Europe Specific Terms (“ EST ”). - Interpretation (disclaimed): This segment identifies a geographic sub-class of users (EEA, UK, Switzerland) whose use is additionally governed by Europe Specific Terms ('EST'), incorporating a separate legal instrument by reference and creating a tier distinction based on residency. - Tier: All - Location: Terms of Service › “Welcome to xAI!” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20If%20you%20reside,Terms%20(%E2%80%9C%20EST%20%E2%80%9D). ### governing law disputes — risk unknown > Class Action and Jury Trial Waiver. BY ENTERING INTO THESE TERMS, YOU AND XAI ARE EACH WAIVING THE RIGHT TO A TRIAL BY JURY OR TO BRING, JOIN, OR PARTICIPATE IN ANY PURPORTED CLASS ACTION, COLLECTIVE ACTION, PRIVATE ATTORNEY GENERAL ACTION, OR OTHER REPRESENTATIVE PROCEEDING OF ANY KIND AS A PLAINTIFF OR CLASS MEMBER. THE FOREGOING APPLIES TO ALL USERS (BOTH NATURAL PERSONS AND ENTITIES), REGARDLESS OF WHETHER YOU HAVE OBTAINED OR USED THE SERVICE FOR PERSONAL, COMMERCIAL, OR OTHER PURPOSES. To the extent permitted by law, you also waive the right to participate as a plaintiff or class member in any purported class action, collective action or representative action proceeding against our corporate affiliates. - Interpretation (disclaimed): Imposes a class action and jury trial waiver, restricting both parties from pursuing jury trials, class actions, collective actions, or representative proceedings, and applies to all users regardless of purpose of use. - Tier: All - Location: Terms of Service › “Dispute Resolution” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Class%20Action%20and,against%20our%20corporate%20affiliates. ### governing law disputes — risk unknown > Governing Law; Jurisdiction and Venue. The laws of the State of Texas, excluding its choice of law provisions, will govern these Terms and any dispute that arises between you and us, notwithstanding any other agreement between you and us to the contrary. Notwithstanding any other agreement to the contrary, all disputes related to these Terms, the Service, or any patents – including without limitation disputes related to or arising from any Content (whether your or others' Content), or your or others' use of the Service or the complete or partial termination thereof – shall be brought and must proceed exclusively in the federal U.S. District Court for the Northern District of Texas or state courts located in Wichita County or Tarrant County, Texas, United States, and you consent to personal jurisdiction in those forums and waive any objection as to inconvenient forum. For the avoidance of doubt, the choice of law and forum selection provisions of this paragraph shall apply regardless of whether a dispute or any claims contained therein are based in contract, tort, statute, common law, or otherwise, and the choice of law and forum selection provisions of this paragraph shall apply to pending and future disputes and shall apply to your dispute regardless of when the conduct relating to the dispute arose or occurred. The choice of law and forum selection provisions of this paragraph shall also extend to disputes involving our U.S. corporate affiliates, who are intended third-party beneficiaries of this paragraph. Without prejudice to the foregoing, you agree that, in its sole discretion, xAI may bring any claim, cause of action, or dispute we have against you in any competent court in the country in which you reside that has jurisdiction and venue over the claim. - Interpretation (disclaimed): Establishes Texas law as the governing law for the Terms and all disputes, and mandates that all disputes related to the Terms, Service, content, or patents be brought in specified venue, creating an exclusive jurisdiction obligation on users. - Tier: All - Location: Terms of Service › “Dispute Resolution” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Governing%20Law%3B%20Jurisdiction,venue%20over%20the%20claim. ### governing law disputes — risk unknown > If you are a federal, state, or local government entity in the United States using the Service in your official capacity and legally unable to accept the controlling law, jurisdiction or venue clauses above, then those clauses do not apply to you. For such U.S. federal government entities, these Terms and any action related thereto will be governed by the laws of the United States of America (without reference to conflict of laws) and, in the absence of federal law and to the extent permitted under federal law, the laws of the State of Texas (excluding choice of law). - Interpretation (disclaimed): Creates an exception for U.S. federal, state, and local government entities that cannot legally accept the governing law, jurisdiction, or venue clauses, substituting federal law (and Texas law subsidiarily) as the applicable legal framework. - Tier: All - Location: Terms of Service › “Dispute Resolution” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20If%20you%20are,(excluding%20choice%20of%20law). ### governing law disputes — risk unknown > Limitations Period. You and xAI agree that you must initiate any proceeding or action asserting a federal claim within one (1) year of the date of the occurrence of the event or facts giving rise to a dispute that is arising out of or related to these Terms or the Service. You and xAI agree that you must initiate any proceeding or action asserting a state law claim within two (2) years of the date of the occurrence of the event or facts giving rise to a dispute that is arising out of or related to these Terms or the Service. Otherwise, to the extent permitted by applicable law, you forever waive the right to pursue any claim or cause of action, of any kind or character, based on such events or facts, and such claims or causes of action are permanently barred. - Interpretation (disclaimed): Imposes a contractual limitations period requiring users to initiate federal claims within one year and state law claims within two years of the triggering event, restricting the timeframe to assert claims and waiving untimely claims to the extent permitted by law. - Tier: All - Location: Terms of Service › “Dispute Resolution” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Limitations%20Period.%20You,action%20are%20permanently%20barred. ### governing law disputes — risk unknown > How to Contact Us. These Terms are with X.AI LLC, a Nevada company. For questions about these Terms, contact xAI at legal@x.ai . If you have any questions about the Service, please contact us at support@x.ai . - Interpretation (disclaimed): Identifies xAI's legal entity (X.AI LLC, a Nevada company) and provides contact information for legal and support inquiries, establishing the contracting party and communication procedure. - Tier: All - Location: Terms of Service › “General Provisions” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20How%20to%20Contact,us%20at%20support%40x.ai%20. ### governing law disputes — risk unknown > California Residents. - Interpretation (disclaimed): Identifies a distinct geographic/legal class of users (California residents) whose rights and obligations under a specific state statute are addressed in the following segment, functioning as a definitional scope marker. - Tier: All - Location: Terms of Service › “Information about the Australian eSafety Commissioner” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20California%20Residents.%20 ### governing law disputes — risk unknown > The provider of the Service is set forth herein. If you are a California resident, in accordance with Cal. Civ. Code §1789.3, you may report complaints to the Complaint Assistance Unit of the Division of Consumer Services of the California Department of Consumer Affairs by contacting it in writing at 1625 North Market Blvd., Suite N 112 Sacramento, CA 95834, or by telephone at (800) 952-5210 or (916) 445-1254. - Interpretation (disclaimed): Grants California residents a specific procedure to report complaints to the California Department of Consumer Affairs under Cal. Civ. Code §1789.3, creating a jurisdictionally-specific dispute or complaint resolution pathway. - Tier: All - Location: Terms of Service › “Information about the Australian eSafety Commissioner” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20The%20provider%20of,952-5210%20or%20(916)%20445-1254. ### governing law disputes — risk unknown > European Economic Area (EEA), United Kingdom (UK) or Switzerland Residents ("Europe Specific Terms" or “EST”) - Interpretation (disclaimed): Introduces and labels a distinct set of geographic-specific terms (Europe Specific Terms / EST) applicable to residents of the EEA, UK, and Switzerland, functioning as a definitional and scoping provision for the sections that follow. - Tier: All - Location: Terms of Service › “Information about the Australian eSafety Commissioner” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20European%20Economic%20Area,Terms%22%20or%20%E2%80%9CEST%E2%80%9D)%20 ### governing law disputes — risk unknown > EST Definition of Consumer. For the purposes of these Europe Specific Terms " European Consumers " are individuals with a habitual place of residence in the EEA, UK or Switzerland acting for purposes that are wholly or mainly outside that individual's trade, business, craft or profession. - Interpretation (disclaimed): Defines the term 'European Consumers' for the purposes of the Europe Specific Terms, establishing the scope of persons to whom the EST apply based on habitual residence and non-commercial purpose. - Tier: All - Location: Terms of Service › “Information about the Australian eSafety Commissioner” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20EST%20Definition%20of,business%2C%20craft%20or%20profession. ### governing law disputes — risk unknown > EST Order Process. As a European-Consumer, you are responsible for ensuring that your information is complete and accurate. The order process allows you to check and amend any errors before submitting your registration. Once you submit, we will begin processing it immediately. We will not file a copy of any contract formed between you and us. - Interpretation (disclaimed): Imposes an obligation on European-Consumer users to ensure their information is complete and accurate during the order process, and clarifies that xAI will not retain a copy of the contract formed, affecting contractual formation rights and documentation obligations. - Tier: All - Location: Terms of Service › “Information about the Australian eSafety Commissioner” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20EST%20Order%20Process.,between%20you%20and%20us. ### governing law disputes — risk unknown > EST Governing Law. The Terms above provide the governing law, excluding applicable conflict of laws principles. As a European-Consumer, you will benefit from the applicable mandatory provisions of the law of the country in which you are resident. - Interpretation (disclaimed): Establishes an exception for European-Consumer residents, providing that mandatory consumer protection laws of their country of residence apply in addition to or overriding the general governing law clause, limiting the effect of the general choice-of-law provision. - Tier: All - Location: Terms of Service › “Information about the Australian eSafety Commissioner” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20EST%20Governing%20Law.,which%20you%20are%20resident. ### governing law disputes — risk unknown > EST Venue of Jurisdiction. As a European-Consumer, you may bring a dispute which may arise under these Terms or in connection with the use of the Service, in the applicable courts of the country in which you are habitually resident. - Interpretation (disclaimed): Grants European-Consumers the right to bring disputes in the courts of their country of habitual residence, establishing a jurisdictional right that overrides or supplements the general venue/dispute provisions of the Terms. - Tier: All - Location: Terms of Service › “Information about the Australian eSafety Commissioner” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20EST%20Venue%20of,you%20are%20habitually%20resident. ### governing law disputes — risk unknown > EST Right of Withdrawal.   As a European-Consumer, you have the right to close your account and withdraw from this contract within 14 days of entering into the contract. To exercise your right of withdrawal, you must inform us of your decision to withdraw from this contract by an unequivocal statement sent to support@x.ai . You may use the Model Withdrawal Form below, but it is not obligatory. - Interpretation (disclaimed): Grants European-Consumers a statutory right of withdrawal within 14 days of entering the contract, specifying the procedure for exercising this right by unequivocal statement to xAI, which creates an enforceable cancellation right under European consumer law. - Tier: All - Location: Terms of Service › “Information about the Australian eSafety Commissioner” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20EST%20Right%20of,it%20is%20not%20obligatory. ### governing law disputes — risk unknown > EST Withdrawal Form. If you wish to withdraw from the contract, send an email requesting withdrawal to support@x.ai and include the following information: Full legal name, login/user name (e.g., email and/or X user name), residential address, date of order/subscription, date submitting withdrawal. - Interpretation (disclaimed): Provides the specific procedural form and required information for European-Consumers to exercise their right of withdrawal, establishing the formal steps for completing the withdrawal process. - Tier: All - Location: Terms of Service › “Information about the Australian eSafety Commissioner” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20EST%20Withdrawal%20Form.,order%2Fsubscription%2C%20date%20submitting%20withdrawal. ### governing law disputes — risk unknown > EST Points of Contact for DSA Purposes. For the purposes of the EU Digital Services Act, xAI’s point of contact for recipients is xaidsasupport@x.ai . The point of contact for Member States’ authorities, the Commission and the Board is xaidsa@x.ai . Pursuant to Article 13 of the DSA, X.AI LLC has appointed EDSR, through its representative office in Estonia, as the legal representative. Contact: EDSR at Valukoja 8/2, 2nd floor, Tallinn, Estonia, EE-11415. Email: dsa@edsr.eu . Phone +3726991640 . - Interpretation (disclaimed): Designates xAI's points of contact for EU Digital Services Act purposes and incorporates a legal representative (EDSR in Estonia) pursuant to Article 13 of the DSA, creating legally mandated contact and representation obligations under EU regulation. - Tier: All - Location: Terms of Service › “Information about the Australian eSafety Commissioner” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20EST%20Points%20of,.%20Phone%20%2B3726991640%20. ### moderation enforcement — risk unknown > Anyone who has been previously removed from the Service. - Interpretation (disclaimed): This segment prohibits previously removed users from using the Service, constituting a permanent exclusion restriction for terminated accounts. - Tier: All - Location: Terms of Service › “Taking unauthorized actions on behalf of others” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Anyone%20who%20has,removed%20from%20the%20Service. ### moderation enforcement — risk unknown > Minimum age. You must be at least 13 years old or the minimum age required in your country to use the Service, and you must confirm that you meet the minimum age requirement. If you are a teenager between the ages of 13 and 17 years old, you must have your parent or legal guardian's permission to use the Service, and they must agree to our Terms of Service. While we have taken measures to limit undesirable training data and outputs, depending on the features that you choose to use, the Service could produce output that is not appropriate for all ages. For instance, if users choose certain features or input suggestive or coarse language, the Service may respond with some dialogue that may involve coarse language, crude humor, sexual situations, or violence. We urge parents to exercise care in monitoring the use of the Service by their teenagers. Parents or guardians who choose to use certain features of the Service to aid in their interactions with their children, including regarding educational, enlightening, or entertaining discussions they have with their children, must make use of the data controls provided in the Service to select the appropriate features for their needs. - Interpretation (disclaimed): This segment imposes minimum age requirements (13 years or country minimum), requires parental consent for minors aged 13–17, and obliges users to confirm age eligibility; it also discloses that certain features may produce age-inappropriate outputs, creating an obligation for underage users to obtain parental permission before accessing the Service. - Tier: All - Location: Terms of Service › “Registration and Access” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Minimum%20age.%20You,features%20for%20their%20needs. ### moderation enforcement — risk unknown > Registration. You must provide accurate and complete information to register for an account to use our Service. You may not share your account credentials or make your account available to anyone else, and are responsible for all activities that occur under your account. If you create an account or use the Service on behalf of another person or entity, you must have the authority to accept these Terms on their behalf. - Interpretation (disclaimed): This segment obligates users to provide accurate and complete registration information, prohibits credential sharing or account transfer, holds users responsible for all account activity, and requires authority to bind third parties when acting on their behalf — collectively establishing account-level compliance obligations. - Tier: All - Location: Terms of Service › “Registration and Access” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Registration.%20You%20must,Terms%20on%20their%20behalf. ### moderation enforcement — risk unknown > Espionage, hacking, defrauding, defamation, scamming, spamming, or phishing - Interpretation (disclaimed): This segment prohibits espionage, hacking, fraud, defamation, scamming, spamming, and phishing via the Service, constituting a broad restriction against criminal and deceptive conduct. - Tier: All - Location: Terms of Service › “The sexualization or exploitation of children” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Espionage%2C%20hacking%2C%20defrauding%2C,scamming%2C%20spamming%2C%20or%20phishing ### moderation enforcement — risk unknown > What you cannot do. Prohibited uses of our Service include any illegal, harmful, or abusive activities, including but not limited to: - Interpretation (disclaimed): This segment introduces the category of prohibited uses by characterizing them as illegal, harmful, or abusive activities, establishing the overarching restriction framework that the following sub-items elaborate upon. - Tier: All - Location: Terms of Service › “Using our Service” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20What%20you%20cannot,but%20not%20limited%20to%3A ### moderation enforcement — risk unknown > Detrimentally impacting the Service, including by: - Interpretation (disclaimed): This segment introduces the sub-category of prohibited conduct that detrimentally impacts the Service, serving as a heading restriction that scopes the specific prohibitions listed underneath. - Tier: All - Location: Terms of Service › “Using our Service” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Detrimentally%20impacting%20the%20Service%2C%20including%20by%3A%20 ### moderation enforcement — risk unknown > Not complying with laws or regulations, including by: - Interpretation (disclaimed): This segment introduces a sub-category of prohibited conduct involving non-compliance with laws or regulations, scoping the legal-compliance restrictions that follow. - Tier: All - Location: Terms of Service › “The sexualization or exploitation of children” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Not%20complying%20with,regulations%2C%20including%20by%3A%20 ### moderation enforcement — risk unknown > Disrupting, interfering with, or unauthorized access to the Service or its safety systems - Interpretation (disclaimed): This segment prohibits disrupting, interfering with, or obtaining unauthorized access to the Service or its safety systems, constituting a security-based use restriction. - Tier: All - Location: Terms of Service › “Using our Service” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Disrupting%2C%20interfering%20with%2C,or%20its%20safety%20systems ### moderation enforcement — risk unknown > Causing harm or engaging in abusive activity, including by: - Interpretation (disclaimed): This segment introduces the sub-category of prohibited conduct involving harm or abusive activity, functioning as a scoping restriction header for the enumerated harmful-use prohibitions that follow. - Tier: All - Location: Terms of Service › “Using our Service” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Causing%20harm%20or,activity%2C%20including%20by%3A%20 ### moderation enforcement — risk unknown > Critically harming or promoting critically harming human life (yours or anyone else's), including pro-terrorist activities - Interpretation (disclaimed): This segment prohibits using the Service to critically harm or promote harming human life, including pro-terrorist activities, constituting a content-based safety restriction on outputs and prompts. - Tier: All - Location: Terms of Service › “Using our Service” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Critically%20harming%20or,else's)%2C%20including%20pro-terrorist%20activities ### moderation enforcement — risk unknown > Operating in a regulated industry without complying with those regulations or in a region where we do not offer Service - Interpretation (disclaimed): This segment prohibits operating in a regulated industry without complying with applicable regulations and using the Service in regions where xAI does not offer Service, constituting a geographic and regulatory compliance restriction. - Tier: All - Location: Terms of Service › “Taking unauthorized actions on behalf of others” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Operating%20in%20a,do%20not%20offer%20Service ### moderation enforcement — risk unknown > Making high-stakes automated decisions that affect a person's safety, legal or material rights, or well-being (such as making financial credit, educational, employment, housing, insurance, legal, medical, or other important decisions about or for them) - Interpretation (disclaimed): This segment prohibits using the Service for high-stakes automated decisions affecting a person's safety, legal rights, or material well-being (financial credit, employment, housing, medical, etc.), constituting a restriction against consequential automated decision-making. - Tier: All - Location: Terms of Service › “Taking unauthorized actions on behalf of others” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Making%20high-stakes%20automated,about%20or%20for%20them) ### moderation enforcement — risk unknown > Misleading others or not being transparent regarding your use of AI - Interpretation (disclaimed): This segment prohibits misleading others or failing to be transparent about the use of AI, constituting a disclosure obligation and deception-based use restriction. - Tier: All - Location: Terms of Service › “Taking unauthorized actions on behalf of others” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Misleading%20others%20or,your%20use%20of%20AI ### moderation enforcement — risk unknown > Who Is Prohibited From Using the Service. - Interpretation (disclaimed): This segment is a heading ('Who Is Prohibited From Using the Service') introducing the categories of prohibited users; it scopes the restriction but has no standalone operative effect. - Tier: All - Location: Terms of Service › “Taking unauthorized actions on behalf of others” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Who%20Is%20Prohibited,Using%20the%20Service.%20 ### moderation enforcement — risk unknown > Anyone who violates these Terms, Acceptable Use Policy , other documentation, guidelines, or policies we make available to you. - Interpretation (disclaimed): This segment prohibits use of the Service by anyone who violates the Terms, Acceptable Use Policy, or other applicable guidelines, establishing that policy violations result in loss of access rights. - Tier: All - Location: Terms of Service › “Taking unauthorized actions on behalf of others” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Anyone%20who%20violates,make%20available%20to%20you. ### moderation enforcement — risk unknown > We reserve the right to decide, at our sole discretion, not to contract with you. If you do not have a valid contract with us, you are prohibited from using our Service. - Interpretation (disclaimed): This segment reserves xAI's sole discretion right to decline to contract with any user and confirms that users without a valid contract are prohibited from using the Service, constituting a gatekeeping and termination right for xAI. - Tier: All - Location: Terms of Service › “Taking unauthorized actions on behalf of others” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20We%20reserve%20the,from%20using%20our%20Service. ### moderation enforcement — risk unknown > Automated systems that analyze your use of the Service and User Content may be used for business, safety, and compliance purposes. A limited number of our authorized personnel may review how you use the Service and your User Content for specific business purposes, including improving product features, investigating security incidents and potential misuse of our Service, and complying with our legal obligations. - Interpretation (disclaimed): This segment discloses that automated systems and authorized personnel may review User Content and usage for business, safety, compliance, security incident investigation, and legal obligation purposes, establishing an operational and compliance-driven review procedure. - Tier: All - Location: Terms of Service › “User Content” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Automated%20systems%20that,with%20our%20legal%20obligations. ### moderation enforcement — risk unknown > You are responsible for evaluating the Output for accuracy and appropriateness for your use, including using human review and supervision, before using or sharing Output. - Interpretation (disclaimed): This segment places the obligation on the user to evaluate Output for accuracy and appropriateness, including through human review and supervision, before using or sharing it, creating a user-side duty of care. - Tier: All - Location: Terms of Service › “User Content” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20You%20are%20responsible,using%20or%20sharing%20Output. ### moderation enforcement — risk unknown > Price changes. We may adjust subscription prices periodically. If prices increase, we will provide 30 days' notice, and the new price will apply at your next renewal, allowing you to cancel if you disagree with the change. - Interpretation (disclaimed): This heading introduces the section on account termination, suspension, and service discontinuation, contextualizing the procedural and enforcement provisions that follow. - Tier: All - Location: Terms of Service › “Paid Accounts” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Price%20changes.%20We,disagree%20with%20the%20change. ### moderation enforcement — risk unknown > Paid subscriptions through X. Use of Grok on the X platform is not governed by these Terms. To access Grok on X, you must agree to the X Terms of Service . - Interpretation (disclaimed): This segment grants xAI the right to terminate or suspend user access or delete accounts at its sole discretion without notice, and establishes the user's corresponding right to stop using the Service and close their account at any time. - Tier: All - Location: Terms of Service › “Paid Accounts” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Paid%20subscriptions%20through,Terms%20of%20Service%20. ### moderation enforcement — risk unknown > Termination or Suspension. You are free to stop using our Service at any time and close your account. We may terminate or suspend your access to our Service or delete your account at any time without notice to you if we determine, at our sole discretion, that: - Interpretation (disclaimed): This segment identifies legal compliance as a basis for xAI to terminate or suspend user access, establishing that xAI may act to fulfill its legal obligations at the expense of user access. - Tier: All - Location: Terms of Service › “Termination, Suspension, Discontinuation” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Termination%20or%20Suspension.,our%20sole%20discretion%2C%20that%3A ### moderation enforcement — risk unknown > You breached these Terms or our Acceptable Use Policy, guidelines, or other policies; - Interpretation (disclaimed): This segment establishes risk or harm to xAI, its users, or third parties as an independent ground for account termination or suspension, restricting continued access where potential harm is identified. - Tier: All - Location: Terms of Service › “Termination, Suspension, Discontinuation” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20You%20breached%20these,guidelines%2C%20or%20other%20policies%3B ### moderation enforcement — risk unknown > Your account has been inactive for over a year and you do not have a paid account. - Interpretation (disclaimed): This segment provides users with an appeal remedy for erroneous account suspension or termination by directing them to contact xAI support, establishing a procedural right to contest enforcement actions. - Tier: All - Location: Terms of Service › “Termination, Suspension, Discontinuation” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Your%20account%20has,have%20a%20paid%20account. ### moderation enforcement — risk unknown > No refund. Upon Service termination, you will not be entitled to any refund, except where required by law. - Interpretation (disclaimed): This segment establishes the procedure and conditions under which xAI may discontinue the Service, requiring advance notice and providing for refunds of prepaid unused services to affected users. - Tier: All - Location: Terms of Service › “Termination, Suspension, Discontinuation” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20No%20refund.%20Upon,where%20required%20by%20law. ### moderation enforcement — risk unknown > If you believe that your copyrighted work or other right to your work or image has been infringed and is accessible via the Service, you agree to first notify our copyright agent by following these instructions. We may, if feasible, delete or disable content that we believe violates these Terms or is alleged to be infringing and will terminate accounts of repeat infringers at our sole discretion. Written claims concerning copyright infringement must include all of the following information: - Interpretation (disclaimed): Establishes the procedure for reporting copyright infringement, requiring users to notify xAI's copyright agent and listing required elements of a valid claim; also grants xAI discretion to delete/disable infringing content and terminate repeat infringers' accounts. - Tier: All - Location: Terms of Service › “Copyright Complaints” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20If%20you%20believe,of%20the%20following%20information%3A ### moderation enforcement — risk unknown > An electronic or physical signature of a person authorized to act on behalf of the copyright owner - Interpretation (disclaimed): Specifies that a valid copyright infringement notice must include an electronic or physical signature of an authorized representative of the copyright owner, as part of the DMCA-style takedown procedure. - Tier: All - Location: Terms of Service › “Copyright Complaints” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20An%20electronic%20or,of%20the%20copyright%20owner ### moderation enforcement — risk unknown > A description of the copyrighted work that you claim has been infringed upon - Interpretation (disclaimed): Specifies that a valid copyright infringement notice must include a description of the copyrighted work alleged to have been infringed, as part of the required notice elements. - Tier: All - Location: Terms of Service › “Copyright Complaints” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20A%20description%20of,has%20been%20infringed%20upon ### moderation enforcement — risk unknown > A description of where the allegedly infringing material is located on our Service, so we can find it - Interpretation (disclaimed): Specifies that a valid copyright infringement notice must identify the location of the allegedly infringing material on the Service, enabling xAI to locate and act upon it. - Tier: All - Location: Terms of Service › “Copyright Complaints” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20A%20description%20of,we%20can%20find%20it ### moderation enforcement — risk unknown > A statement by you that you have a good-faith belief that the disputed use is not authorized by the copyright owner, its agent, or the law - Interpretation (disclaimed): Specifies that a valid copyright infringement notice must contain a good-faith belief statement that the disputed use is unauthorized, satisfying a statutory requirement of a DMCA takedown notice. - Tier: All - Location: Terms of Service › “Your address, telephone number, and e-mail address” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20A%20statement%20by,agent%2C%20or%20the%20law ### moderation enforcement — risk unknown > A statement by you, made under penalty of perjury, that the above information is accurate, and that you are the copyright owner or are authorized to act on behalf of the copyright owner. - Interpretation (disclaimed): Specifies that a valid copyright infringement notice must include a perjury penalty declaration attesting to the accuracy of the notice and the claimant's authority, as a required procedural and legal element. - Tier: All - Location: Terms of Service › “Your address, telephone number, and e-mail address” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20A%20statement%20by,of%20the%20copyright%20owner. ### moderation enforcement — risk unknown > The above information must be submitted to our Copyright Agent at: Attn: Legal - Copyright Agent, X.AI LLC, legal@x.ai - Interpretation (disclaimed): Designates the specific contact (xAI's Copyright Agent at legal@x.ai) to whom copyright infringement notices must be submitted, completing the DMCA takedown procedure. - Tier: All - Location: Terms of Service › “Your address, telephone number, and e-mail address” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20The%20above%20information,X.AI%20LLC%2C%20legal%40x.ai%20 ### moderation enforcement — risk unknown > Material that promotes, incites or instructs in matters of crime or violence; - Interpretation (disclaimed): Prohibits Australian users from uploading or generating material that promotes, incites, or instructs in crime or violence, reflecting Australian online safety content standards. - Tier: All - Location: Terms of Service › “Australian Residents: Online Safety Terms and Information” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Material%20that%20promotes%2C,of%20crime%20or%20violence%3B ### moderation enforcement — risk unknown > You may not upload or attempt to generate any of the following: - Interpretation (disclaimed): Introduces the list of prohibited content categories that Australian users may not upload or attempt to generate, establishing content restrictions specific to Australian law. - Tier: All - Location: Terms of Service › “Australian Residents: Online Safety Terms and Information” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20You%20may%20not,any%20of%20the%20following%3A ### moderation enforcement — risk unknown > Child sexual exploitation material; - Interpretation (disclaimed): Prohibits Australian users from uploading or generating child sexual exploitation material, imposing a specific content restriction required under Australian online safety law. - Tier: All - Location: Terms of Service › “Australian Residents: Online Safety Terms and Information” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Child%20sexual%20exploitation%20material%3B ### moderation enforcement — risk unknown > Material that advocates carrying out a terrorist act; - Interpretation (disclaimed): Prohibits Australian users from uploading or generating material that advocates carrying out a terrorist act, in compliance with Australian online safety obligations. - Tier: All - Location: Terms of Service › “Australian Residents: Online Safety Terms and Information” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Material%20that%20advocates,out%20a%20terrorist%20act%3B ### moderation enforcement — risk unknown > Material that promotes or incites drug-related illegal activities; - Interpretation (disclaimed): Prohibits Australian users from uploading or generating material that promotes or incites drug-related illegal activities, as a region-specific content restriction. - Tier: All - Location: Terms of Service › “Australian Residents: Online Safety Terms and Information” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Material%20that%20promotes,incites%20drug-related%20illegal%20activities%3B ### moderation enforcement — risk unknown > Material depicting abhorrent or offensive fetish or fantasy practices, for example, incest. - Interpretation (disclaimed): Prohibits Australian users from uploading or generating material depicting abhorrent or offensive fetish or fantasy practices such as incest, as required under Australian online safety regulations. - Tier: All - Location: Terms of Service › “Australian Residents: Online Safety Terms and Information” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Material%20depicting%20abhorrent,practices%2C%20for%20example%2C%20incest. ### moderation enforcement — risk unknown > We may suspend or terminate your account or cease providing you with all or part of the service if you attempt to use Grok for any of these purposes. We may also delete the violative content from the service. - Interpretation (disclaimed): Grants xAI the right to suspend or terminate accounts and delete violative content as a remedy for Australian users who attempt to use Grok in violation of the prohibited content restrictions listed above. - Tier: All - Location: Terms of Service › “Australian Residents: Online Safety Terms and Information” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20We%20may%20suspend,content%20from%20the%20service. ### moderation enforcement — risk unknown > We also allow users to limit their access or exposure to media that may contain 18+ adult content in Settings > Data Control . - Interpretation (disclaimed): Grants users the permission to limit their access or exposure to adult content through platform settings, establishing a user right in content moderation controls. - Tier: All - Location: Terms of Service › “Australian Residents: Online Safety Terms and Information” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20We%20also%20allow,%3E%20Data%20Control%20. ### moderation enforcement — risk unknown > You can report violative content to xAI directly from Grok by clicking/tapping the three dots and choosing "Report Issue" . - Interpretation (disclaimed): Describes the procedure by which users can report violative content directly within the Grok interface, outlining the specific steps to trigger enforcement action. - Tier: All - Location: Terms of Service › “Australian Residents: Online Safety Terms and Information” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20You%20can%20report,choosing%20%22Report%20Issue%22%20. ### moderation enforcement — risk unknown > Alternatively, you can email xAI directly at support@x.ai . - Interpretation (disclaimed): Provides an alternative procedural channel (email) for users to contact xAI directly regarding content or support issues, supplementing the in-app reporting mechanism. - Tier: All - Location: Terms of Service › “Australian Residents: Online Safety Terms and Information” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Alternatively%2C%20you%20can,directly%20at%20support%40x.ai%20. ### moderation enforcement — risk unknown > If you would like to submit a complaint about: a) xAI’s handling of reports or b) xAI’s compliance with the Online Safety Act, you may do so by sending an email to support@x.ai . - Interpretation (disclaimed): Establishes the procedure for submitting complaints about xAI's handling of reports or compliance with the Online Safety Act, directing users to a specific contact method and thus creating an enforceable complaint pathway. - Tier: All - Location: Terms of Service › “Australian Residents: Online Safety Terms and Information” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20If%20you%20would,email%20to%20support%40x.ai%20. ### moderation enforcement — risk unknown > The Australian eSafety Commissioner is the online safety regulator. You can learn more here . - Interpretation (disclaimed): Identifies the Australian eSafety Commissioner as the online safety regulator and incorporates an external resource link for further information, embedding a regulatory reference into the terms. - Tier: All - Location: Terms of Service › “Information about the Australian eSafety Commissioner” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20The%20Australian%20eSafety,learn%20more%20here%20. ### moderation enforcement — risk unknown > If you would like to submit a complaint to the eSafety Commissioner, you can do so here . - Interpretation (disclaimed): Provides the procedure for users to submit a complaint to the Australian eSafety Commissioner via an external link, establishing an alternative regulatory complaint pathway. - Tier: All - Location: Terms of Service › “Information about the Australian eSafety Commissioner” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=If%20you%20would%20like,do%20so%20here%20. ### moderation enforcement — risk unknown > You may also find information about counselling and support services here . - Interpretation (disclaimed): Points users to counselling and support services as an ancillary remedy pathway related to online safety obligations, providing a procedural reference to external support resources. - Tier: All - Location: Terms of Service › “Information about the Australian eSafety Commissioner” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=You%20may%20also%20find,support%20services%20here%20. ### moderation enforcement — risk unknown > As noted in the Terms of Service , our Service is not directed at children or minors under the age of 13 and we do not knowingly collect any personal information from them. While we have taken measures to limit undesirable training data and outputs, Grok could produce output that is not appropriate for all ages. Parents of teenagers between the ages of 13 and 17 years old must agree to the Terms of Service and are urged to exercise care in monitoring the use of this Service by their teenagers. Depending on how a user interacts with the Service, including which modes the user purposely selects, the Service may have content such as some suggestive dialogue, coarse language, crude humor, sexual situations, or violence. If you are a child under the age of 13, please do not attempt to register for or otherwise use our Service. Please contact us here if you are aware that we may have inadvertently collected personal information from a child under the age of 13. - Interpretation (disclaimed): This segment restricts use of the service by children under 13, disclaims knowing collection of their personal information, references Terms of Service for minors, and imposes a parental consent and monitoring obligation for teenagers aged 13–17, while acknowledging that outputs may not be appropriate for all ages despite training data moderation efforts. - Tier: All - Location: § 8 (Children under the age of 13) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20As%20noted%20in,the%20age%20of%2013. ### moderation enforcement — risk unknown > To report child safety issues to us, please contact us here . Residents of Australia can find resources regarding child safety and reporting here . - Interpretation (disclaimed): This segment establishes a procedure for reporting child safety issues to xAI and provides jurisdiction-specific resources for Australian residents, creating an enforcement and reporting channel for child safety matters. - Tier: All - Location: § 11 (Child safety issues) - Source: https://x.ai/legal/privacy-policy - Snapshot SHA-256: `7445b835565da1eb6fd3536f6d5b11d3d212a4ac6951d978a598f41a493dbeba` - Wayback: — - Deep link: https://x.ai/legal/privacy-policy#:~:text=%20To%20report%20child,and%20reporting%20here%20. ### tier differences — risk unknown > Our Enterprise Terms of Service govern the use of our services for developers and businesses, including xAI APIs and PromptIDE. - Interpretation (disclaimed): This segment distinguishes the consumer Terms from the Enterprise Terms of Service governing developers and businesses (including xAI APIs and PromptIDE), thereby defining scope boundaries between service tiers and incorporating a separate governing instrument by reference. - Tier: All - Location: Terms of Service › “Welcome to xAI!” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Our%20Enterprise%20Terms,xAI%20APIs%20and%20PromptIDE. ### tier differences — risk unknown > At our sole discretion, we may implement rate limitations to accommodate system resources or usage needs. - Interpretation (disclaimed): This segment reserves xAI's sole discretion to implement rate limitations based on system resource or usage needs, restricting user access levels and service throughput without prior notice or guaranteed parity. - Tier: All - Location: Terms of Service › “User Content” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20At%20our%20sole,resources%20or%20usage%20needs. ### tier differences — risk unknown > Security. We care about the security of your personal information. However, we cannot guarantee that unauthorized third-parties will never be able to defeat our security measures or to use your data for improper purposes. You acknowledge that you provide your data at your own risk. You will notify us immediately of any breach of security or unauthorized use of your User Account, and you will immediately take action to secure your account, including by changing your password. - Interpretation (disclaimed): This segment establishes payment obligations, billing information requirements, auto-renewal mechanics, tax obligations, consequences of payment failure including account downgrade or suspension, and a non-refundable cancellation policy for paid subscriptions. - Tier: All - Location: Terms of Service › “Privacy and Data Security” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Security.%20We%20care,by%20changing%20your%20password. ### tier differences — risk unknown > Fees; Payments; Cancellation. If you purchase any aspect of the Service, you must provide complete and accurate billing information, including a valid payment method. For paid subscriptions, we will automatically charge your payment method on each periodic renewal until you cancel. We will charge tax when required. If your payment is not successful, we may downgrade your account or suspend your access to the Service until payment is received. You can cancel your paid subscription at any time; however, payments already made are non-refundable, except where required by law. For questions regarding payments or cancellation, please contact support@x.ai . - Interpretation (disclaimed): This segment excludes Grok on the X platform from the scope of these Terms and incorporates the X Terms of Service as the governing agreement for that access, creating a tier distinction between xAI's direct service and platform-specific access. - Tier: All - Location: Terms of Service › “Paid Accounts” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20Fees%3B%20Payments%3B%20Cancellation.,please%20contact%20support%40x.ai%20. ### tier differences — risk unknown > We must do so to comply with the law; - Interpretation (disclaimed): This segment restricts continued access for accounts inactive for over a year without a paid subscription, creating a distinction between free and paid tier users with respect to account retention. - Tier: All - Location: Terms of Service › “Termination, Suspension, Discontinuation” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20We%20must%20do,comply%20with%20the%20law%3B ### tier differences — risk unknown > In Australia, your use of Grok is subject to the terms and conditions as set out in xAI's Terms of Service and Acceptable Use Policy , as well as the terms set out and referred to on this page. In case of inconsistency, these Australia Online Safety Terms shall prevail with respect to Australian users, and will govern your use of Grok. - Interpretation (disclaimed): Incorporates xAI's general Terms of Service and Acceptable Use Policy for Australian users while establishing that the Australia Online Safety Terms prevail in the event of inconsistency, creating a hierarchy of applicable terms for Australian users. - Tier: All - Location: Terms of Service › “Australian Residents: Online Safety Terms and Information” - Source: https://x.ai/legal/terms-of-service - Snapshot SHA-256: `affb0b2cd0bceab1efb37c4a3fd11a306a30cbc5b62914fb0049a8371516174c` - Wayback: — - Deep link: https://x.ai/legal/terms-of-service#:~:text=%20In%20Australia%2C%20your,your%20use%20of%20Grok.