Registry / compare
Mistral La Plateforme vs Mistral via Azure AI
The same dimension can grade differently depending on who serves the model. Every cell links to its source; grades are evidence grades, not endorsements.
| Dimension | Mistral La Plateforme | Mistral via Azure AI |
|---|---|---|
| SOC 2 Type II | ◐Yes, sales-gated Help center states Mistral "complies with SOC 2 Type II and ISO 27001/27701 frameworks"; the report itself is not public and must be requested via the Trust Center... | ◔Partial Azure undergoes SOC 2 Type II audits and Microsoft's Foundry data-privacy doc states serverless model deployments "are subject to Azure data, privacy, and security... |
| ISO 27001 | ◐Yes, sales-gated Same help-center source claims ISO 27001/27701 compliance; certificate and scope statement gated behind Trust Center document request. Certificate body and scope not publicly visible. | ◔Partial Azure is ISO/IEC 27001 certified (regular independent third-party audits). As with SOC 2, the certificate's statement-of-applicability / in-scope service list is gated on the... |
| ISO 42001 | ○No public evidence No ISO/IEC 42001 claim found on help.mistral.ai, trust.mistral.ai, or mistral.ai as of verification date. Only SOC 2 Type II and ISO 27001/27701 are claimed. | ◔Partial Microsoft lists "Microsoft Foundry" among services in scope for its ISO/IEC 42001 certification, which covers the platform serving this offering. The certificate and exact... |
| Trust center | ●Yes, public Maintained trust center exists (SafeBase-style portal, JS-rendered). Portal is public; compliance documents (SOC 2 report etc.) require an access request. Referenced from the... | ●Yes, public Microsoft maintains a public Trust Center; audit reports and certificates are distributed via the Service Trust Portal, which requires sign-in. Platform-level cell; Mistral AI... |
| HIPAA BAA | ○No public evidence No public statement that Mistral will sign a HIPAA BAA covering La Plateforme, and no HIPAA article in the help-center compliance collection. Marketing (mistral.ai/solutions)... | ◔Partial Microsoft's HIPAA BAA is automatically part of the Product Terms/DPA for all covered-entity customers, but it applies only to "in-scope Azure services," and the in-scope list... |
| GDPR DPA | ●Yes, public Public DPA covering all "Mistral AI Products" (includes La Plateforme API), incorporating EU SCCs and linking a published subprocessor list with email change notifications.... | ●Yes, public Microsoft's Foundry data-privacy doc states the Microsoft Products and Services Data Protection Addendum "governs data processing by Azure services" including these... |
| No-training default | ◔Partial Not a blanket no-training commitment for the whole platform: paid (Scale) API customers are opted out of training by default, but free-tier API usage is opted IN by default and... | ●Yes, public Explicit commitment for serverless deployments - "Microsoft doesn't share these prompts and outputs with the model provider. Also, Microsoft doesn't use these prompts and... |
| Retention / ZDR | ◐Yes, sales-gated Retention is publicly documented (30 rolling days for stateless API abuse monitoring). ZDR exists but is gated: Scale plan only, request via support with justification,... | ●Yes, public For serverless API deployments Microsoft documents that models are stateless and store no prompts or outputs; content filtering, if enabled, is real-time screening. No... |
| Residency | ●Yes, public EU hosting is the default (no configuration needed), a genuine differentiator for a first-party API. Caveats: specific EU country/cloud provider not named, and data may be... | ◔Partial Two documented residency levers - (1) serverless API deployments: "Prompts and outputs are processed within the geography specified during deployment, but they might be... |
| GPAI Code | ●Yes, public Mistral AI appears on the European Commission's GPAI Code of Practice signatory list with no chapter limitation. Mistral was among the first signatories (July 2025).... | ●Yes, public Two-level rule - this cell describes Mistral AI, the model developer and GPAI provider under the EU AI Act, not Microsoft (the distributor). Mistral AI appears on the European... |
| Art. 53 summary | ?Unclear Mistral runs an AI Governance hub with per-model documentation (downloadable zip per model, e.g. Mistral Large 3.0), positioned as its AI Act compliance hub. However, no public... | ○No public evidence Developer-level cell (Mistral AI, per the two-level rule). No public Article 53(1)(d) training-content summary in the EC template format could be located on Mistral's sites as... |