
Cross-border data transfers were already one of the trickier parts of a technology contract. AI makes them harder. The technology stack is bigger, your data can route through models and regions you never see, and the terms you negotiate can fall out of date within a month of signing.
We dug into the drafting problem in a How to Contract webinar hosted by Laurie Ehrlich, VP Legal Product at Icertis, who brought the vendor and builder side from her years at Cognizant, Datadog, and building legal AI products. She was joined by Rachel Reid, Partner and Global Co-Head of AI and Co-Lead of Global Cybersecurity and Data Privacy at Eversheds Sutherland, who brought the customer and privacy lens. Having a builder and a privacy lawyer in the same conversation meant we heard both how these clauses get drafted and where they fall apart once the deal goes live.
They worked through where your data actually gets processed, how to build flexibility into model and sub-processor changes, how to allocate compliance across jurisdictions and parties, why governance does more work than the contract, and how hard to lean on no-retention and no-training promises.
Here are our top ten takeaways from the speakers' comments during the webinar:
Understand the technology before you open the contract. Rachel made this her first rule for a reason. You cannot draft a clause that holds up when you do not know the full tech stack, where the data travels, and what your business actually feeds into the tool. Sit with IT, read the network diagrams, and get a solid picture of the inputs, prompts, and outputs first. The contract gets easier once you understand the solution.
Map every place your data could land. AI products route prompts across fourth-party models and multiple cloud regions, so a single query can travel somewhere you never approved. Ask the vendor to list every processing location, including the models it calls. When you cannot pin the locations down, at least know where your data goes so you can decide whether you are comfortable. You cannot manage a risk you have not mapped.
Check whether the vendor can actually honor your location limits. Some vendors lack the legal, contractual, or technical ability to restrict where data is processed, and a few will agree anyway just to win the deal. One enterprise HR deal fell apart at the finish line when the vendor admitted its load balancing could route data to Hong Kong and it could not control that. When a hungry vendor accepts every restriction without blinking, that is your cue to dig deeper into how the system really works.
Keep a termination right as your safety net. However clean the drafting looks, you want a way out when the processing location, the model, or the compliance picture stops working for you. Pair the termination right with a pro-rata refund of anything you prepaid. Vendors will want a conversation first and a time limit, which is fair, so negotiate the mechanics rather than the right itself.
Approach model and sub-processor changes as a flexibility question. These tools improve dramatically every few weeks, and locking in one model means missing the gains, especially for the security solutions you need updated fast. For use cases where a model change adds no real value, you can set reasonable parameters, though never a long freeze, since older models get sunset. Find out whether the vendor controls its models or just wired up public APIs, because that tells you what flexibility it can actually promise.
Keep privacy terms and AI terms in their own lanes. Sub-processor obligations come from privacy law, so that language belongs in your DPA, not buried in an AI clause. Separating the two gives both sides clarity about what each provision is doing. A model provider can be a sub-processor, but whether personal data reaches it depends on the orchestration and the use case. Clean structure here prevents arguments later.
Watch the carve-outs, the logging, and the model-improvement language. Exceptions for model improvement activities are a loophole worth striking outright. Abuse monitoring can move your data out of the secure environment and in front of vendor employees, and most tools let you toggle it off. Logging in an AI context captures the prompts, the attachments, and the context, which means it captures your business content, so the location of that storage matters too.
Allocate compliance by who drives the obligation. Decide whether the vendor is complying with laws that apply to it, laws that apply to you, or both, and itemize the categories, because AI keeps moving that line. Add a change-in-laws clause and require the vendor to support your compliance with documentation, answers, and responses to regulators at a pre-negotiated rate. When the customer supplies biased historical data, the biased output is on the customer, not the model. Match the responsibility to whoever actually controls the risk.
Build governance you can actually run. Rachel called the contract almost the least important part of the relationship now, with diligence and oversight doing the real work. Keep an inventory of your AI systems mapped to their use cases so you can triage the high-risk ones for vigilant monitoring and reassess the rest on a schedule. Build a system to revisit these deployments, the same way teams built mechanisms to track sub-processor updates. The contract is your backstop, not your substitute for paying attention.
Read no-retention and no-training promises closely. No training on your data is a sensible baseline for enterprise tools, with narrow exceptions for non-sensitive pattern data. No retention deserves more scrutiny, since a vendor can hold zero data retention agreements with its models and still run monitoring and logging. Ask how deletion works, whether it is automated, and how the vendor confirms it. For privileged or highly sensitive data, decide whether the residual risk is worth it at all.
Subscribe to Stay in the Loop
These takeaways are a small slice of what we cover each week. Our newsletter rounds up recaps like this one and points you toward the webinars coming next. Subscribe now so the next set of practical insights finds you.







