All apps

Is Chroma safe with your data?

F
Chroma icon

Chroma

22/100

Poor disclosure · low confidence

Chroma earns an F (22/100) because it discloses little about its data practices.

#202

of 211 apps ranked

22

score · Data platform avg 45

-23

vs category average

Grade scaleA · 70–100B · 60–69C · 48–59D · 35–47F · 0–34

Chroma prohibits training on customer data unless explicitly permitted, but provides no opt-out mechanism and grants itself sublicensable content rights.

What Chroma's privacy policy and terms of service say about your data

Training: Opt-In Only, No Opt-Out

Unless expressly permitted by Customer, Chroma will not use Customer Data to train the artificial intelligence or machine learning models.

Sublicensable Content Rights

Customer grants Chroma the non-exclusive, worldwide, sublicensable right to use, copy, store, disclose, transmit, transfer, publicly display, modify, and create derivative works from Customer Data

Discretionary Post-Termination Deletion

After that 30 day period, Chroma will be under no obligation to store or retain the applicable Customer Data and may delete the applicable Customer Data at any time in our sole discretion.

Subprocessor Transparency

maintain a current list of Subprocessors at trychroma.com/subprocessors

What the policy is silent or vague on

  • Not stated: keeping user inputs out of model training
  • Not stated: a way to opt out of training
  • Not stated: whether training use differs by plan
  • Not stated: your ownership of generated outputs

Chroma privacy rating

Training-data use0 of 4 disclosed
Keeps user inputs out of model training, or makes training opt-inSilent
Names a way to opt out of or into trainingSilent
Says whether training use differs by plan or tierSilent
Lets the user keep ownership of generated outputsAdverse
Data-subject rights0 of 5 disclosed
Grants a right to access your dataSilent
Grants a right to delete your dataSilent
Offers data portability in a usable formatSilent
Grants a right to correct your dataSilent
Grants a way to object to or opt out of processingSilent
Retention and deletion0 of 4 disclosed
States a retention period for your dataPartial
States a deletion timeline after closure or requestPartial
Sets a shorter retention for AI conversation logsSilent
Commits to collecting only the data it needsSilent
Third-party sharing2 of 5 disclosed
Lists the categories of third parties it shares withDisclosed
References a sub-processor list or data processing agreementDisclosed
Does not sell or share data for advertising, or offers opt-outSilent
Names a safeguard for international data transfersPartial
States a standard for government and law-enforcement accessPartial
Transparency2 of 4 disclosed
Discloses that you are interacting with AISilent
Marks AI-generated or synthetic outputNot applicable
Enumerates the categories of data it collectsDisclosed
Maps processing purposes to legal basesSilent
Is versioned and dated, with change noticeDisclosed
Sensitive data and children1 of 2 disclosed
Discloses automated decisions and a human-review pathNot applicable
Limits the use of special-category dataPartial
Governs biometric data specificallyNot applicable
States protections for children's dataDisclosed
Security and accountability0 of 3 disclosed
Describes its security safeguardsSilent
Commits to breach notificationSilent
Names a certification or a privacy contactSilent
DisclosedPartialSilentAdverseNot applicable

Details

Category
Data platform
Modalities
text
Processes biometrics
No
Policy last updated
2024-10-02
Region scored
Global / US-default
Last assessed
2026-07-08

Documents examined

Other data platform apps

Each grade reflects our analysis of what an app states in its public privacy policy and terms as of the assessment date. It measures the transparency of those documents, not the company's actual data practices, security, or compliance. Grades are our opinion, offered for general information. Full disclaimer.

Is Chroma safe with your data? Grade F | AI App Trust & Transparency Index