Mistral AI vs GitHub Copilot

The service says you can export your data from your account and delete your account at any time, with a Help Center procedure for deleting data and digital assets. That makes it easier to leave and take your data with you.

Paid subscriptions renew automatically until you cancel, so you need to actively manage billing to avoid unwanted charges. Failed payments can also lead to suspension or downgrade.

Mistral may use your input, output, and feedback to train its models in certain cases, including free subscriptions and feedback submissions. If you do not opt out where available, your prompts and outputs may help improve the model.

Mistral says you own your outputs, which is good if you want to reuse, publish, or commercialize what the model generates. It also says you retain ownership of your inputs.

Mistral says you can object to the use of your input and output data for model training from account settings. That gives users a meaningful control over one of the most sensitive uses of their content.

For EEA consumers, you can bring claims in the courts of your country of residence, and your home-country substantive law applies. That is more user-friendly than forcing a distant forum or foreign law.

Le Chat conversations stay until you delete them, API inputs and outputs may be kept for 30 days for abuse monitoring, and some records are retained much longer, including invoices for 10 years. That means a lot of data can persist after use.

Mistral reserves the right to monitor usage with automated tools and to remove or restrict data that violates its rules or creates risk. This can affect availability of your content or account if the service flags it.

You have a 14-day withdrawal right after subscribing, and Mistral says it will refund payments within 14 days after notice. This is a standard but important consumer protection for paid plans.

If you share a conversation link, anyone with the link can view it, and Mistral says it does not control who accesses it. This is not a hidden clause, but it is easy to overlook and has obvious privacy implications.

For certain U.S. residents, Mistral says it has not sold, shared, or used personal data for targeted advertising in the previous 12 months. That is a reassuring privacy statement, though it is limited to a defined period and jurisdiction.

The service is provided as-is, with broad warranty disclaimers and major limits on GitHub’s liability for losses, downtime, or data issues. If Copilot or GitHub causes harm, your remedies may be very limited.

Copilot inputs and outputs can be used to develop and improve GitHub and affiliate AI models unless you opt out. This matters if you do not want prompts, code context, or generated outputs used for model improvement.

Even though you keep ownership, GitHub gets broad rights to host, copy, analyze, display, and use your content to run and improve the service, including AI-related improvement. For public content, other users can also view and fork it under platform rules.

GitHub expressly says private repository contents are confidential and limits staff access to listed situations like security, support, service integrity, or legal compliance. This is a meaningful protection for non-public code.

GitHub says eligible users can access, correct, delete, restrict, object to processing, withdraw consent, and receive portable copies of their data. These are strong, user-helpful privacy rights.

GitHub warns Copilot output may be inaccurate, incomplete, vulnerable, or resemble third-party code, and puts review responsibility on you. Users cannot rely on output being safe or license-clean.

GitHub collects account data, content, device and usage data, cookies, support data, geolocation, and information from third parties. That gives the company a broad picture of your activity across the service.

Data may be shared with affiliates including Microsoft, service providers, partners, authorities, and in some cases advertising and analytics networks. The policy also says some personal information is "shared" for marketing and audience measurement under applicable law.

You can opt out of having Copilot inputs and outputs used for AI model development going forward. This is a practical privacy control, though it does not undo broader repository-content licenses elsewhere in the terms.

Account cancellation is described as a simple self-serve flow, and GitHub says it will generally delete your full profile and repository contents within 90 days, subject to backups and legal exceptions. You can also request a copy of account contents within 90 days.

GitHub offers multiple ways to reject non-essential cookies, including settings links, browser controls, Do Not Track, extensions, and Global Privacy Control. It also states it does not sell data and will not share data when GPC is detected.

GitHub promises advance notice for material changes to both the terms and privacy statement. That gives users some time to review updates before they take effect.