Mistral AI vs GitHub Copilot

Mistral may use your prompts and outputs to train models on free subscriptions and some Le Chat paid plans unless you opt out. That means your AI interactions may help improve the model by default in those cases.

EEA consumers can bring claims in their home-country courts or in Paris, and mediation is voluntary rather than forced. This preserves the practical right to sue in court.

You can object to use of your input/output for model training directly in account settings. This gives users a meaningful privacy control without needing to contact support first.

Mistral provides self-serve controls to export data and delete your account, plus a switching process to move to another provider. This improves portability and makes exit less burdensome.

Le Chat inputs and outputs may remain stored until you delete the conversation or your account. If you do not actively clean up chats, they can persist indefinitely.

Some account-related records are retained for years, including invoices for 10 years and certain identity/support records for 5 years. Even after account deletion, not all data disappears immediately.

Mistral may automatically monitor use, review content, and remove or restrict data or suspend accounts for breaches, legal compliance, or risk. This can be important if you rely heavily on the service.

For covered U.S. users, Mistral says it did not sell, share, or use personal data for targeted advertising in the past 12 months. This is a favorable signal against ad-tech style exploitation.

Paid plans renew automatically until canceled, and cancellation only stops the next renewal rather than producing a prorated refund. Users need to cancel in advance to avoid another charge.

Payments are generally non-refundable, although EEA consumers do get a 14-day withdrawal right. After that window, canceling usually just preserves access through the current term.

The company excludes liability for unforeseeable losses, losses not caused by its breach, and events beyond its control, while preserving non-excludable consumer rights. That may narrow recovery for some service problems.

Mistral may update the terms and privacy policy over time. The terms promise 30 days' notice for material changes, which is better than silent updates but still allows unilateral changes.

The service is provided as-is, with broad warranty disclaimers and major limits on GitHub’s liability for losses, downtime, or data issues. If Copilot or GitHub causes harm, your remedies may be very limited.

Copilot inputs and outputs can be used to develop and improve GitHub and affiliate AI models unless you opt out. This matters if you do not want prompts, code context, or generated outputs used for model improvement.

Even though you keep ownership, GitHub gets broad rights to host, copy, analyze, display, and use your content to run and improve the service, including AI-related improvement. For public content, other users can also view and fork it under platform rules.

GitHub expressly says private repository contents are confidential and limits staff access to listed situations like security, support, service integrity, or legal compliance. This is a meaningful protection for non-public code.

GitHub says eligible users can access, correct, delete, restrict, object to processing, withdraw consent, and receive portable copies of their data. These are strong, user-helpful privacy rights.

GitHub warns Copilot output may be inaccurate, incomplete, vulnerable, or resemble third-party code, and puts review responsibility on you. Users cannot rely on output being safe or license-clean.

GitHub collects account data, content, device and usage data, cookies, support data, geolocation, and information from third parties. That gives the company a broad picture of your activity across the service.

Data may be shared with affiliates including Microsoft, service providers, partners, authorities, and in some cases advertising and analytics networks. The policy also says some personal information is "shared" for marketing and audience measurement under applicable law.

You can opt out of having Copilot inputs and outputs used for AI model development going forward. This is a practical privacy control, though it does not undo broader repository-content licenses elsewhere in the terms.

Account cancellation is described as a simple self-serve flow, and GitHub says it will generally delete your full profile and repository contents within 90 days, subject to backups and legal exceptions. You can also request a copy of account contents within 90 days.

GitHub offers multiple ways to reject non-essential cookies, including settings links, browser controls, Do Not Track, extensions, and Global Privacy Control. It also states it does not sell data and will not share data when GPC is detected.

GitHub promises advance notice for material changes to both the terms and privacy statement. That gives users some time to review updates before they take effect.