Cohere
GDPR Compliance
Data Handling
SaaS platform infrastructure is US-only (Google Cloud US-Central). Private and third-party cloud deployments (AWS, Azure, GCP, OCI) can be configured for EU regions by the customer — in those cases Cohere never receives customer data.
Enterprise customers can opt out of training via Data Controls toggle in dashboard. Trial users opted in by default. Zero Data Retention available for enterprise customers. Prompts and generations auto-deleted after 30 days unless flagged.
PII is filtered/stripped from prompts before use in training if opted in. Private and third-party cloud deployments: Cohere never receives any customer prompts or generations.
Certifications & EU AI Act
Holds ISO 42001 (AI Management System) certification. No specific EU AI Act compliance declaration found. As a Canadian company placing models on the EU market, EU AI Act GPAI obligations apply.
Verification
Headquartered in Toronto, Canada. DPA requires NDA and is not publicly downloadable — request via privacy@cohere.com. All SaaS infrastructure is US-based; EU-to-US transfers rely on SCCs. All listed sub-processors are US-based. Enterprise customers have strong opt-out controls including ZDR.
Models (4)
| Model | Modality | Context | Input | Output |
|---|---|---|---|---|
Cohere: Command A cohere/command-a | text | 256K | $2.50 | $10.00 |
Cohere: Command R (08-2024) cohere/command-r-08-2024 | text | 128K | $0.150 | $0.600 |
Cohere: Command R+ (08-2024) cohere/command-r-plus-08-2024 | text | 128K | $2.50 | $10.00 |
Cohere: Command R7B (12-2024) cohere/command-r7b-12-2024 | text | 128K | $0.037 | $0.150 |