OpenAI

Risk Level: Low Risk
Updated: May 6, 2025
Provider Overview

The provider demonstrates strong compliance in security measures, international data transfers, and children’s data protections. However, significant risks persist in user consent mechanisms, cookie management, and transparency governance. Key gaps include unclear consent processes (GDPR), insufficient cookie logging (ePrivacy Directive), and undocumented joint controller roles (GDPR). Automated decision-making lacks explicit safeguards under the EU AI Act, and DPO training programs require strengthening.

Website
Tracked Documents
Terms of Service
May 6, 2025
Privacy Policy
May 6, 2025
Cookie Policy
May 6, 2025
Security & Privacy
May 6, 2025
Enterprise Privacy
May 6, 2025
Customer Privacy
May 6, 2025
Service Terms
May 6, 2025
Data Processing Addendum
May 6, 2025
Approach To Patents
May 6, 2025
Plugin Terms
May 6, 2025
Service Credit Terms
May 6, 2025
Business Terms
May 6, 2025
Usage Policies
May 6, 2025
Creating images and videos
May 6, 2025
Using Operator
May 6, 2025
Sharing & publication policy
May 6, 2025
Coordinated vulnerability disclosure policy
May 6, 2025