Last Update: October 30, 2023
Cohere maintains robust data usage and retention practices that recognize and respect our customers’ rights regarding their data.
For Cohere’s commercial customers using our API services, we will:
Defining API Data
API data is data provided or generated by commercial customers when directly calling the API, specifically customer prompt, model output, embeddings, documents, and fine-tune data. For clarity, this does not include data sent through our free services or metadata, such as an aggregate count of input prompt tokens. It also does not include our end-user products, such as the Playground or Coral.
More Details about our Opt-Out Policies
When opted out, commercial customers’ API data is not used for model training and purposes related to improving our models or enhancing Cohere’s offerings. We do not use raw input prompts or model generations to profile how our models are being used. We may use aggregated metadata, such as a count of input prompt tokens, to understand usage and improve our system performance. For up to 30 days, unless required by law or to meet our contractual commitments, we will also retain API data to monitor for compliance with our terms and acceptable use guidelines, e.g., for abuse and misuses of our services.
Additionally, for highly sensitive scenarios, Cohere may grant a zero data retention opt-out after review. This removes our ability to log any data. Contact us at email@example.com for more information.
Opting in to share your data helps improve our models for you. API data undergoes a sanitization process before storage. Before being fed into any training models, our team removes common sources of personal information.
Opt-out flags are managed at an organization level within Cohere’s services. You may have multiple Cohere organizations, and you may manage the opt-out flags independently. Opt out selections made prior to August 10, 2023 will remain the same.
More Information on Personal Information and Privacy
Cohere collects and retains API data up to 30 days, unless required by law or to meet our contractual commitments, to monitor for compliance with our terms and acceptable use guidelines, e.g., for abuse and misuse of our services. After 30 days, commercial customers' API data will be automatically deleted unless requested otherwise. For more information on Cohere’s organizational data retention practices, please contact us at firstname.lastname@example.org.
All of our services are hosted by Google Cloud Platform, which is located in the United States. We only train and host our models in the United States.
Commercial customers’ API data may be opted out of model training and for purposes related to improving our models or enhancing Cohere’s offerings. We may use aggregated metadata, such as a count of input prompt tokens, to understand usage and improve our system performance.
When you are opted in to model training, API data undergoes a sanitization process upon storage. Before being fed into any training models, our team removes common sources of personal information.
All data stored for any purpose is subject to our SOC2 controls regarding storage and processing. You can request a copy of the SOC2 Type II report at our Trust Center.
We only keep your personal information as long as it is operationally or legally necessary. After that, we will either destroy or anonymize the information.
Cohere complies with all applicable privacy laws as they relate to personal information under the company’s control. We also proactively work with our enterprise customers to ensure that we support them with their privacy compliance.