b'itself retains any data that it processes and, if so, for how long. Based upon our review of several major model providers, we believe data retention at the transformer level falls broadly into the following categories: Bydefault,modelproviderstendtokeepdataforafixedperiod(typically30days)afteritis processed. Withspecificapproval,modelprovidersmayagreetoconvertthetransformertoZeroData Retention. With this configuration in place, the model will not retain any data that it processes. Lawyers using a Native Model Platform must negotiate and manage the transformers retention period directly. By contrast, if a lawyers application is based on an API Integration, it is the application provider, and not the lawyer, who controls this setting. A transformer operating in Zero Data Retention mode is generally more appropriate for processing sensitive information, including Sensitive Personal Information. Data Retention for Abuse Monitoring Closely related to transformer-level retention, many GAI tools also log user inputs and outputs for abuse monitoring purposes. These logs are intended to detect and prevent prohibited activities such as malicious code generation, harassment, or other uses that violate the providers terms of service. 51By default, model providers are likely to retain abuse monitoring logs for a defined period, often 30 days, even if the transformers data retention is set to Zero Data Retention. These logs may contain user content, and they may be reviewed by human moderators or analyzed automatically for compliance purposes. 52Some providers allow these logs to be disabled or to operate in a Zero Data Retention mode for approved accounts. Due to the risk of storage and disclosure, systems with abuse monitoring logs disabled are generally more appropriate for processing sensitive information. Data Isolation Anytime you store or process data in a cloud environment, there is some level of resource sharing among the customers of that service. In a fully multi-tenant environment, most of the components of the environment are shared by all customers of the service, subject only to basic logical separation. Multi-tenant environments are less expensive, but they increase the risk of data leakage between customers. Isolated environments tend to be more expensive but are also more appropriate for storing and processing highly sensitive data. Figure 4 below shows how a GAI tool developer might deploy their architecture within the Microsoft Azure OpenAI service. 53As stated by Microsoft this solution is the easiest to implement, but it provides the least data isolation and performance isolation. 51 Abuse Monitoring, Microsoft Learn (Sept. 30, 2025), https://learn.microsoft.com/en-us/azure/ai-foundry/openai/concepts/abuse-monitoring (last visited October 2, 2025). 52 . supra53Id , note 33.Multitenancy and Azure OpenAI Service Page | 29'