AI API Usage Disclosure
Generate a ready-to-use AI policy in seconds. No signup required.
Copy and paste this into your website or app.
✔ No signup required. ✔ Free to use. ✔ Instant copy.
Common Compliance Questions
Q: Why should I disclose AI API usage?
Users have a right to know if their personal data is sent to third-party AI providers for processing.
Q: Which AI API providers should I disclose?
Any external service that receives user input prompts, including OpenAI, Anthropic, Google Gemini, or Cohere.
Q: How does data sharing with AI APIs affect GDPR compliance?
It requires you to sign a Data Processing Agreement (DPA) with the provider and list them in your Privacy Policy.
Q: Can AI API providers use my users' data to train their models?
Many enterprise APIs exclude training by default, but you must verify this in their terms and disclose it to your users.
Q: What is the risk of prompt injection in AI API usage?
Malicious prompts could force the API to leak system data or third-party information, making security disclosures vital.
Q: How do I specify data retention times for AI APIs?
Consult the API provider's security documentation (often 30 days for abuse monitoring) and copy that directly into your disclosure.
Q: Is a separate disclosure needed for free vs paid API tiers?
Yes, as free tiers often reserve rights to use prompts for model training, whereas paid enterprise tiers usually do not.
Q: Should I disclose the geographic location of the AI API servers?
Yes, cross-border data transfer regulations require telling users if their prompts are processed in the US, EU, or other regions.