This is AI Law, on Terms.Law Radio. One oh one point three on the dial. Tonight I am auditing one sentence, the sentence every AI vendor's sales page now recites: quote, we do not train on your data, unquote. My job tonight is to show you why that sentence, standing alone, tells you almost nothing, and what the four definitions buried underneath it actually say. Start with the audit method. When a vendor talks about your data, the agreement almost never treats it as one thing. It splits your relationship into streams, defines each stream separately, and gives each stream different rules. Four streams show up again and again, and the training promise usually covers only the first. Stream one: content. Sometimes called customer content, sometimes inputs and outputs. Your prompts, your uploaded files, what the model returns. This is the stream the sales page is talking about. When the no training sentence appears, read the definition it points to, because content is often defined narrowly, and everything that falls outside the definition falls outside the promise. Stream two: feedback. The thumbs up. The thumbs down. The little box that asks how the model did. Here is the trap, and I see it constantly. Feedback clauses commonly grant the vendor a broad, perpetual, irrevocable license to use whatever you submit, for any purpose, including improving the models. So the same paragraph of confidential text, pasted into a chat window, may be protected content. Pasted into a feedback form, it can become the vendor's raw material forever. The words you type do not change. The definitional bucket they land in changes everything. Stream three: telemetry, sometimes labeled usage data or service data. How often you log in, which features you touch, performance logs, metadata about your files rather than the files themselves. Agreements frequently define this stream as belonging to the vendor outright, and the training restriction rarely reaches it. Usually that is tolerable. But metadata about a business can be revealing, and de-identified is a word that carries more weight in these clauses than the underlying technique always deserves. Stream four: abuse and safety monitoring. Even vendors that advertise zero retention typically carve out a window, often measured in days or weeks, where inputs can be stored, flagged, and reviewed, sometimes by human beings, to police misuse. I am not telling you that carve-out is illegitimate. Safety review exists for real reasons. I am telling you it exists, that your most sensitive prompt may sit in that window with human eyes available to it, and that the window's length and handling rules are negotiable at the enterprise level and invisible at the consumer level. So when someone tells you the vendor does not train on your data, the auditor's question is: which of the four streams does that sentence actually cover? Content only? Content and feedback? Does it say anything about telemetry, or about what happens inside the safety window? One sentence, four possible meanings, and the difference is your confidential information. This is AI Law, on Terms.Law Radio. Second segment: the tier problem, and this one is quietly responsible for most of the real world exposure I see. The same vendor typically runs at least three different legal regimes at once. A consumer tier, where training on your conversations is often the default, sometimes with a settings toggle to turn it off. A business or enterprise tier, where training is typically off by default, because procurement departments demanded it. And an API tier with its own separate terms, which often look more like the enterprise posture than the consumer one. Same company. Same model. Three different sets of promises. Which means the governing question is not what does this vendor do with data. It is: which agreement are my people actually under, account by account. The enterprise contract your company signed protects the accounts issued under it. It does nothing for the employee who hit a usage limit, opened a personal account on a personal card, and kept working with the same client files. That personal account is a consumer account, governed by consumer terms, with consumer defaults. Your negotiated protections do not follow your data into it. If you audit only one thing after this episode, audit that: list the accounts your team actually uses, and match each one to the agreement that actually governs it. Third segment: opt-outs and what to demand in writing. Opt-out mechanics have three structural weaknesses you should assume until proven otherwise. First, opt-outs are prospective. They stop future use. What was already used to improve a model stays used, because model weights do not unlearn. The practical consequence: exercise opt-outs on day one, not after the pilot. Second, opt-outs have exceptions, and the exceptions live in the same fine print: de-identified or aggregated data often remains fair game, the safety window usually survives, legal compliance always survives, and feedback frequently sits outside the opt-out entirely. Third, a settings toggle is not a contract. A toggle can move, a page can be rewritten. A signed agreement binds. So here is what I ask for in a data processing agreement or an addendum, in plain terms. One: a no training commitment that names all the streams, content, outputs, feedback, and fine-tuning, not just the defined term the vendor prefers. Two: stated retention periods and deletion timelines, including backups, in numbers of days rather than adjectives like promptly. Three: the safety review window described concretely, how long, who can see it, what happens after. Four: a current subprocessor list and notice before new ones are added, because your data's promises are only as good as the least careful company in the chain. Five: survival, meaning the commitments outlive the subscription, since your data does not evaporate the day you cancel. A vendor serious about the enterprise market has heard every one of these requests before. Silence or evasion on any of them is itself an answer, and you should treat it as one. Before your team adopts the tool, upload the agreement to the free Terms.Law analyst and check the data, ownership, liability, and exit provisions. It is at terms dot law. That is AI Law for tonight. The fine print: this is general commentary and education, not legal advice about your company, and listening does not create an attorney client relationship. AI law moves fast, and vendor data terms move faster, so verify the current documents before you rely on them. The analysis belongs to Sergei Tokmakov, California attorney. Trust the definitions, not the slogan. Good night.