Is Salesforce Einstein safe with your data?
Salesforce Einstein
Salesforce
Good disclosure · high confidence
Salesforce Einstein earns a B (65/100) because it discloses most of its data practices.
#26
of 211 apps ranked
65
score · Enterprise copilot avg 49
+16
vs category average
Salesforce Einstein discloses zero-retention for customer prompts, customer data ownership, opt-out mechanisms for sharing/ads, and named international transfer safeguards, but lacks specificity on deletion timelines, breach notification, and granular access/portability procedures.
What Salesforce Einstein's privacy policy and terms of service say about your data
Zero-Retention Policy
Prompts and generated responses are never stored or used to train the underlying third-party large language models; data masking replaces PII with non-identifiable tokens before the prompt is sent to the LLM.
Data Ownership & Control
Data belongs to the customer; data remains exclusively the customer's property. Customers remain in control of their data and models at all times.
Government Disclosure Standard
Shares data with government authorities only where based on good-faith belief that disclosure is reasonably necessary to comply with law, prevent harm, detect fraud, or enforce rights (vague standard lacking specificity).
Children's Protections
No knowing collection of Personal Data from children under 13; for ages 13–18 only with parent/guardian consent or separate agreement.
What the policy is silent or vague on
- Not stated: a way to opt out of training
- Not stated: whether training use differs by plan
- Not stated: a deletion timeline after closure or request
- Not stated: a sub-processor list or data processing agreement
Salesforce Einstein privacy rating
Details
- Category
- Enterprise copilot
- Modalities
- text
- Processes biometrics
- No
- Policy last updated
- 2026-05-19
- Region scored
- Global / US-default
- Last assessed
- 2026-07-08
Documents examined
Other enterprise copilot apps
Each grade reflects our analysis of what an app states in its public privacy policy and terms as of the assessment date. It measures the transparency of those documents, not the company's actual data practices, security, or compliance. Grades are our opinion, offered for general information. Full disclaimer.