Checkbox
What Checkbox publishes about its data handling, captured from checkbox.ai on 2026-06-05. See also the Checkbox vendor profile.
Document inventory
| Document | Publicly posted | Source |
|---|---|---|
| Terms of service | yes | https://checkbox.ai/legal |
| Privacy policy | yes | https://checkbox.ai/legal/privacy-policy |
| Data processing agreement | yes | https://www.checkbox.ai/legal/data-processing-addendum |
| Security page | yes | https://checkbox.ai/ |
| Subprocessor list | not posted at capture | — |
Transparency count: 4/5
Checkbox had 4 of the 5 document types publicly posted at capture (terms of service, privacy policy, data processing agreement, security page). Not found publicly: subprocessor list — which means not publicly posted at capture time, not that the document doesn't exist. Many vendors share DPAs and subprocessor lists only on request or behind a trust portal.
AI-training stance: No-train commitment
verdict: clean-no-train
De-identified/aggregated analytics to test/enhance the Software; flag also fired on staff security training. Standard.
“Any such use and collection of Data will be on a de-identified and aggregated basis”
Quoted verbatim from the vendor's terms of service, read 2026-06-05.