12 clauses to check before signing any AI vendor contract. Copy the redline language directly into your markup.
| # | Clause | Risk if missing | Negotiable? |
|---|---|---|---|
| 1 | No training on your data | Vendor uses your prompts to improve models | Standard in enterprise; self-serve varies |
| 2 | Data deletion on termination (30 days) | Your data persists indefinitely after you leave | Often negotiable |
| 3 | 72-hour breach notification | GDPR non-compliance; late discovery of incidents | Standard for EU-oriented vendors |
| 4 | Sub-processor list + approval rights | Unknown third parties receive your data | Negotiable at enterprise tier |
| 5 | Model version notice (30 days) | AI behavior changes without warning | Rarely in standard terms; worth asking |
| 6 | Audit rights | Cannot verify vendor's security claims | Enterprise only |
| 7 | Data residency / processing location | EU data processed in US without proper transfer mechanism | Varies by vendor |
| 8 | Output ownership | Vendor claims rights to AI-generated content | Usually covered; verify |
| 9 | Confidentiality of prompts | Your prompts visible to vendor employees | Check support access terms |
| 10 | Liability cap tied to fees paid | Vendor liability capped at $100 regardless of harm | Negotiable at enterprise |
| 11 | SLA with financial remedy | No accountability for downtime | Enterprise only |
| 12 | Right to portability / export | Cannot extract your data if you leave | Often missing |
Clause 1: No Training on Your Data
What standard contracts say (red flag):
"Provider may use data submitted to the service to improve, develop, and enhance the service and Provider's products."
"Improve the service" is ambiguous and can include model training. This language does not protect you.
What to add:
REDLINE — ADD: "Provider will not use Customer Data, including prompts, completions, uploaded documents, or any data derived from Customer's use of the service, to train, retrain, fine-tune, evaluate, or improve any AI model, foundation model, or machine learning system, whether operated by Provider or any third party. This prohibition applies to data in identifiable, anonymized, or aggregated form."
Acceptable alternative (if above is rejected):
"Provider will not use Customer Data for model training unless Customer has provided explicit written opt-in consent for that specific purpose."
Clause 2: Data Deletion on Termination
What standard contracts say (red flag):
"Upon termination, Provider will delete or return Customer Data upon request."
"Upon request" means you have to ask, remember to ask, and wait. Your data may sit indefinitely if you forget.
What to add:
REDLINE — ADD: "Within thirty (30) days of contract termination or expiration, Provider will permanently delete all Customer Data from Provider's systems and the systems of all sub-processors, and will provide written confirmation of deletion. Customer may request export of Customer Data in machine-readable format at any point during the contract term at no additional charge."
Clause 3: Breach Notification — 72 Hours
What standard contracts say (red flag):
"Provider will notify Customer of any security incident affecting Customer Data in a prompt and timely manner."
"Prompt and timely" is not a timeframe. Under GDPR, you have 72 hours to notify your supervisory authority. If your vendor takes 2 weeks to tell you, you cannot meet that obligation.
What to add:
REDLINE — ADD: "Provider will notify Customer within seventy-two (72) hours of becoming aware of any security incident, unauthorized access, or data breach affecting Customer Data. Notification will include: (a) the nature of the incident, (b) categories and approximate volume of Customer Data affected, (c) contact details for the Provider's data protection officer or security contact, (d) likely consequences of the breach, and (e) measures taken or proposed to remediate the breach."
Clause 4: Sub-Processor List and Approval Rights
What standard contracts say (red flag):
"Provider may engage sub-processors to assist in delivering the service. A list of current sub-processors is available at [URL]."
No approval right means the vendor can add any sub-processor without telling you. Under GDPR Article 28, you have the right to object.
What to add:
REDLINE — ADD: "Provider will maintain a current list of sub-processors at [URL] and will notify Customer at least thirty (30) days before adding or replacing any sub-processor that will process Customer Data. Customer may object to any new sub-processor within fourteen (14) days of notification. If Customer objects and Provider cannot address the objection, Customer may terminate the agreement without penalty."
Clause 5: Model Version Notice
Why this matters: An AI model update can materially change behavior — output format, tone, accuracy, refusals. If you are using AI in a regulated workflow (hiring, credit, healthcare), a surprise model change creates compliance exposure.
What to add:
REDLINE — ADD: "Provider will provide Customer with at least thirty (30) days advance notice before deploying a materially different version of the AI model underlying the service. 'Materially different' includes changes to: the underlying foundation model, safety filters, output format constraints, or any behavior that Provider reasonably expects could affect Customer's use case. Customer may elect to remain on the prior model version for up to ninety (90) days following notice."
Note: Most vendors will not accept this clause in self-serve agreements. It is worth requesting in enterprise negotiations.
Clause 6: Audit Rights
What to add (enterprise tier only):
REDLINE — ADD: "Provider will, upon reasonable notice (not less than thirty (30) days), permit Customer or Customer's designated third-party auditor to conduct an audit of Provider's data processing practices, security controls, and compliance with this Agreement, no more than once per calendar year. Provider will cooperate fully with any such audit and will provide access to relevant personnel, documentation, and systems. In lieu of a full audit, Provider may provide its current SOC 2 Type II report under mutual NDA."
Clause 7: Data Processing Location
For EU data — what to add if vendor processes in the US:
REDLINE — ADD: "Provider processes Customer Data in [location]. For transfers of personal data from the European Economic Area to countries without an EU adequacy decision, the parties agree to be bound by the Standard Contractual Clauses for the transfer of personal data to third countries (Module Two: Controller to Processor) as adopted by the European Commission, which are incorporated by reference into this Agreement."
Verify this is actually in the DPA — most reputable vendors already include SCCs.
Clause 8: Output Ownership
What to verify (usually already covered — but check):
CONFIRM IS PRESENT: "As between Provider and Customer, Customer owns all output generated by the service in response to Customer's prompts ('Customer Output'). Provider claims no intellectual property rights in Customer Output."
If this language is not explicit, request it. Some vendors claim a license to use outputs for service improvement — this is different from ownership but can be a concern.
Clause 9: Confidentiality of Prompts
What to add:
REDLINE — ADD: "Provider will treat all Customer prompts and completions as Customer Confidential Information and will implement access controls ensuring that Provider personnel can access Customer prompts only as necessary to provide support services explicitly requested by Customer, investigate security incidents, or comply with legal obligations. Provider will maintain a log of any employee access to Customer prompts and will provide that log to Customer upon request."
Clause 10: Liability Cap
What standard contracts say (red flag):
"Provider's total liability under this agreement will not exceed the fees paid by Customer in the twelve months preceding the claim."
If you pay $50/month, Provider's liability is capped at $600 regardless of harm. For enterprise contracts, negotiate this up.
What to request:
REDLINE — NEGOTIATE: "Provider's total liability under this agreement will not exceed the greater of: (a) fees paid by Customer in the twelve months preceding the claim, or (b) [amount negotiated based on risk — typically 2-5x annual fees for high-risk use cases]."
Clause 11: SLA with Financial Remedy
What to add (only enforceable in enterprise contracts):
REDLINE — ADD: "Provider guarantees [X]% monthly uptime for the core service ('SLA'). In the event of any calendar month in which uptime falls below the SLA, Customer will receive a service credit equal to [Y]% of monthly fees for each percentage point below the SLA. Service credits are Customer's sole remedy for uptime failures."
Clause 12: Data Portability and Export
What to add:
REDLINE — ADD: "At any time during the contract term and for thirty (30) days following termination, Customer may export all Customer Data, including prompts, completions, uploaded files, and configuration data, in a machine-readable format (JSON or CSV). Provider will not charge additional fees for this export. Provider will maintain the export capability in functional condition throughout the contract term."
How to Use This Template
Step 1: Copy the redline language for each applicable clause.
Step 2: Check your vendor's current DPA and terms against each clause. Many vendors already cover clauses 1, 3, 7, and 8 in their standard terms.
Step 3: For clauses that are missing, send the redline language to your legal contact or directly to the vendor's contract team.
Step 4: Document which clauses are covered, which were accepted, and which were rejected — with the risk acceptance decision for each rejection.
Step 5: Add the completed contract review to your AI tool register for that vendor.
Which Clauses Are Non-Negotiable and Which Gaps Are Worth Accepting
Fight for these (non-negotiable for high-risk use):
- Clause 1 (no training) — if missing, your data is model training material
- Clause 2 (deletion on termination) — your data's post-contract fate is undefined
- Clause 3 (72-hour breach notification) — you cannot meet GDPR without it
- Clause 4 (sub-processor approval) — required under GDPR Article 28
Request these but accept standard terms if rejected:
- Clause 5 (model version notice) — nice-to-have, rarely negotiable
- Clause 9 (prompt confidentiality) — usually covered by general confidentiality terms
- Clause 12 (portability) — important but often has workarounds
Enterprise-only — don't bother requesting on self-serve:
- Clause 6 (audit rights)
- Clause 10 (liability cap increase)
- Clause 11 (SLA with financial remedy)
References
- GDPR Article 28: Processor obligations and sub-processor requirements
- GDPR Article 33: 72-hour breach notification requirement
- GDPR Article 20: Data portability right
- EU AI Act Article 26: Obligations of deployers of high-risk AI systems
- Related: AI Vendor DPA Tracker — check which vendors already cover these clauses
- Related: AI Vendor Due Diligence Checklist
