Managing Customer Commitments

✅ Feature availability: This article discusses Customer Commitments, which requires an add-on purchase. Refer to Vanta Plans and Pricing for details.

Customer Commitments centralizes and tracks the security, compliance, and privacy obligations defined in your customer contracts. These commitments include requirements like security incident notification SLAs, data deletion and return timelines, sub-processor change notices, and audit rights. Instead of manually reviewing contracts or managing obligations in spreadsheets, you can maintain a single, always-current source of truth in Vanta.

Vanta’s AI Agent reads your uploaded contracts, extracts relevant commitments, and organizes them into a structured, searchable inventory. This makes it easy to understand what you’ve promised, compare requirements across customers, and quickly answer questions, such as which customers require 24-hour incident notification, who needs a certificate of deletion after data deletion, or which agreements permit onsite audits.


Getting started with Customer Commitments

  1. Enable Vanta AI: Customer Commitments requires Vanta AI to be enabled in your account settings.

  2. Import your contracts: Upload contracts manually or sync them from a supported integration to start building a complete inventory of your commitments.

  3. Review your notifications: As contracts are processed, commitments are automatically added to your inventory. You’ll receive notifications summarizing new commitments so you can stay up to date.

  4. Define standard commitments: Define your standard terms so Vanta can automatically flag deviations from your standards in your customer contracts.

  5. Configure user permissions: Ensure the right stakeholders have access to view and manage commitments.

📣 We’d love your feedback. Customer Commitments is actively evolving—share your feedback to help shape what comes next.


Importing your contracts

To begin tracking commitments, you’ll need to bring your customer contracts into Vanta. You can upload contracts manually or sync them from a supported contract lifecycle management (CLM) system.

Contracts must be stored in Vanta so extracted commitments can be linked to their source clauses. This allows you to review citations, verify accuracy, and confirm where each obligation originates in the contract.

Uploading PDF contracts

You can upload individual contract files or upload multiple contracts at a time in bulk.

To upload contracts to Vanta:

  1. From the Commitments page, go to the Contracts tab.

  2. Click Import contracts.

  3. Click Upload or drag and drop your files.

    • You can upload up to 10 contracts at a time.

    • Each file must be 50MB or less.

    • Only .pdf files are supported.

  4. Click Upload to begin processing.

Once uploaded, Vanta AI will begin extracting contract details and identifying commitments. You can continue working in Vanta while processing completes.
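
A pre-upload check for the limits listed above (10 contracts per upload, 50MB per file, .pdf only), as an added example that is not Vanta's code. The function names, the decimal reading of "50MB", and the `%PDF-` header check are assumptions of this sketch.

```python
import sys
from pathlib import Path

MAX_BATCH = 10                # "up to 10 contracts at a time"
MAX_BYTES = 50 * 1000 * 1000  # "50MB or less"; decimal MB assumed (the stricter reading)
PDF_MAGIC = b"%PDF-"          # signature that starts a real PDF


def check_file(path):
    """Return the reasons a file would fail the documented limits (empty list if none)."""
    path = Path(path)
    problems = []
    if path.suffix.lower() != ".pdf":
        problems.append("not a .pdf file")
    if not path.is_file():
        return problems + ["missing or not a regular file"]
    size = path.stat().st_size
    if size > MAX_BYTES:
        problems.append(f"{size} bytes exceeds 50MB")
    with path.open("rb") as fh:
        # Readers commonly tolerate a few leading bytes, so search the first 1024.
        if PDF_MAGIC not in fh.read(1024):
            problems.append("no %PDF- header (renamed or corrupt file)")
    return problems


def plan_uploads(paths):
    """Split acceptable files into upload batches; map rejected files to their reasons."""
    ok, rejected = [], {}
    for p in sorted(map(str, paths)):
        problems = check_file(p)
        if problems:
            rejected[p] = problems
        else:
            ok.append(p)
    batches = [ok[i:i + MAX_BATCH] for i in range(0, len(ok), MAX_BATCH)]
    return batches, rejected


if __name__ == "__main__":
    # Usage: python preflight.py <folder of contracts>
    folder = Path(sys.argv[1]) if len(sys.argv) > 1 else Path(".")
    batches, rejected = plan_uploads(folder.iterdir())
    for n, batch in enumerate(batches, 1):
        print(f"upload {n}: {len(batch)} file(s)")
    for name, reasons in rejected.items():
        print(f"skip {name}: {'; '.join(reasons)}")
```
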

Uploading large contracts (175+ pages)

Contracts longer than 175 pages are processed using an older AI model, which may result in reduced extraction quality.

To improve results, consider breaking large contracts into multiple smaller documents before uploading. Use natural break points, such as separating standalone addendums or exhibits into their own files.

Keep in mind:

  • There is no limit to the number of contracts that can be associated with an account.

  • Vanta AI does not cross-reference separate uploaded documents. If you split a large contract into multiple files, the AI will not connect definitions or references between them. For example, if Document B references a definition in Document A, the AI will not automatically link those sections.

Syncing contracts from Ironclad

You can connect to Ironclad to automatically sync contracts into Vanta. Once connected, finalized contracts are pulled into Vanta on an ongoing basis, including new and updated agreements.

Before you connect:

  • Ensure you have the appropriate permissions in Ironclad to authorize the integration and sync contracts.

  • Only finalized contracts are synced. Contracts in draft status are not pulled into Vanta.

To connect to Ironclad:

  1. From the Commitments page, go to the Contracts tab.

  2. Next to the Import contracts button, click the gear icon to view commitment settings.

  3. Follow the prompts to connect and sync contracts from Ironclad—you must check the box to grant Vanta permissions to sync contracts for commitment management.

After the integration is set up, contracts will begin syncing automatically. Once processed by Vanta AI, extracted commitments will be available in your inventory for tracking and management.

Supported CLMs

Customer Commitments currently supports syncing finalized contracts from Ironclad. Support for additional integrations is on the roadmap, including Salesforce, SharePoint, and Google Drive.

Uploading contracts via API

You can also upload contracts programmatically using the Vanta API. See the API reference for available endpoints.


Commitment notifications

As commitments are automatically added to your inventory, Vanta keeps you informed of updates:

  • Manual uploads: Once processing is complete, you’ll receive a notification summarizing how many commitments were added to your inventory.

  • Synced contracts: Admins receive a weekly digest summarizing new contracts and commitments added over the past week.

  • Unassigned accounts: If Vanta AI can't automatically assign an account when importing contracts, admins receive a daily email listing the affected contracts.

Notification preferences can be configured in your notification settings, including delivery via email or Slack.


Managing your commitments

Once Vanta AI finishes processing your contracts, extracted commitments are automatically added to your inventory and organized by type. From there, you can review and manage your commitments to ensure they accurately reflect your contractual obligations.

Understanding commitment types

On the Commitments page, commitments are organized by type. Click any commitment type to open the commitment details page, which lists the commitments of that type across your contracts.

Each commitment type uses one of the following formats, which determines the fields available when viewing or editing commitments:

Format: Structured

Description: Uses a defined schema with fields tailored to the commitment type that allow for filtering on the commitment details page. You can view definitions above the table to understand the purpose of each field.

Commitment types:

  • Security incident and breach notices

  • Data deletion and return requirements

  • Subcontractor/sub-processor change notices

  • Customer right to audit

Format: Unstructured

Description: Uses a general schema with basic fields: Account, Contract, and Summary.

Commitment types:

  • Business continuity and disaster recovery tests

  • Data residency

  • RTO or RPO

  • Pen test

  • Audit reports

  • Vulnerability scanning

  • Vulnerability disclosures

  • AI technology use

  • Availability

  • Record retention

  • External data requests

Format: Custom

Description: Uses a general schema with basic fields: Account, Contract, and Summary.

Commitment types:

  • Any commitment type you created from the drop-down menu when editing a commitment

  • At this time, you can’t edit or delete custom commitment types after creating them

ℹ️ Note: More structured commitment types are on the way—as new types become available, your existing commitments will be automatically extracted into the new schema, and you'll be notified of the update.

Viewing commitments

Once contracts are processed, commitments are automatically added to your inventory. You can review these commitments at any time to confirm they accurately reflect your contractual obligations.

Commitments can be viewed across your entire inventory or within individual contracts:

Tab: Commitments tab

Description:

  • Commitments are grouped by type

  • Each card represents a commitment type

  • Click View commitments to open the Commitment Details page

  • View all commitments for that type in a table across accounts

  • Scan, filter, and open individual commitments to review fields, values, and citations

Tab: Contracts tab

Description:

  • View all uploaded or synced contracts

  • See the number of commitments associated with each contract

  • Open a contract to view its extracted commitments

  • Review commitments in the context of the original document

⚠️ Note: Vanta AI automatically extracts commitments from your contracts. To ensure accuracy, we encourage you to review commitments as needed by opening them and comparing extracted information to the original contract language.

Editing commitments

To edit a commitment:

  • From the Commitments tab: Click View commitments to open the commitment details page, open the commitment you’d like to edit, and click the pencil icon to edit the commitment.

  • From the Contracts tab: Open a contract, locate the commitment you’d like to edit, and click the ••• menu to edit the commitment.

Keep in mind:

  • When you change a field value, it will be marked as user-modified so you can distinguish it from AI-extracted values.

  • The commitment format and type determine the fields available for a given commitment. If you change the commitment type, the fields available will update.

  • An em dash (—) in a table row means Vanta AI determined that a value wasn’t specified in the contract. Review the commitment to confirm accuracy or update the value if needed.

Archiving commitments

You can archive commitments you no longer want to track in your active inventory.

To archive a commitment:

  1. From the Commitments page, go to the Contracts tab.

  2. Open a contract and locate the commitments you want to archive:

    • To archive an individual commitment, click the ••• menu.

    • To archive commitments in bulk, select one or more commitments using the checkbox.

  3. Click Archive.

Archiving removes a commitment from the active view without deleting it, preserving the underlying data for future reference. To access archived commitments, click the ••• menu at the top-right of a contract and select View archived commitments.

ℹ️ Note: Archived commitments can’t be permanently deleted at this time.

Adding commitments manually

You can add a commitment manually if needed:

  • Within a contract, highlight the text within the contract so a citation can be linked to the commitment, and click + Add commitment.

  • You'll need to add a commitment type and enter a summary.

  • Manually added commitments are labeled as user-modified so you can distinguish them from AI-extracted values.

Assigning customer accounts

Contracts are assigned to Customer Trust Accounts in two ways:

  • Automatically: When contracts are imported, Vanta AI will automatically match them to an existing account or create a new account for you.

  • Manually: In some cases, Vanta AI may not be able to assign a customer account. When viewing commitments or contracts, you can filter by unassigned accounts and manually assign them.

⚠️ Note: If you've connected Salesforce to your Trust Center, Vanta AI will only create a new account in Vanta if it can find a match in Salesforce to link to. If no match is found, the contract will remain unassigned and you'll need to assign it manually. Manually created accounts in Vanta won't be linked to your Salesforce record—to link them, create the account in Salesforce first, then re-upload the corresponding contract.


Standard commitments

Standard commitments are your company's default terms. Defining them lets Vanta AI label each customer commitment as standard or non-standard, so you can quickly spot the ones that actually vary—and focus your attention where it matters.

From the Commitments page, click Manage standard commitments. You’ll see the following tabs:

  • Standard commitment library: Manage your definitions for each standard commitment, organized by commitment type.

  • Your standard contracts: Manage the standard contract PDFs you've uploaded as sources.

💡 Tip: Using standard commitments helps you spot which customer commitments meet your standard terms and which ones represent exceptions you should know about. When a standard commitment is active, Vanta AI surfaces this context throughout the commitments experience so you can filter by standard or non-standard and see exactly which fields differ from your baseline.

Defining standard commitments

Standard commitments are currently limited to structured commitment types. You'll be able to define standards for the types in that list, and more will become available as Vanta adds structure to additional commitment types.

To define a standard commitment:

  • Import standard contracts: Upload PDF contracts and Vanta AI will extract proposed standard commitments. Once processing is complete, you’ll be notified so you can review and accept each one to make it active.

  • Add a commitment manually: Define a standard commitment directly. Manually added standard commitments are immediately active and are not linked to a source contract.

When a standard commitment is made active, Vanta AI evaluates all your existing customer commitments against it. From that point on, any new customer contracts you import are evaluated automatically too.

ℹ️ Note: Some fields are not included in standard analysis. When Vanta AI compares your customer commitments to the standard commitment, only fields with structured values are included. Fields with free text, such as notice requirements, scope criteria, and deletion protocol, are not included in the standard analysis.

Resolving duplicate commitments

When Vanta AI finds more than one proposed standard commitment for the same commitment type, you'll need to pick the one that best represents your standard terms.

  • Choose standard commitment: Review the proposed standard commitments and select the one you want to use, or define one manually. All other proposed standard commitments for that type will be deleted.

  • Ignore: Delete all proposed standard commitments for that type. You can define a new standard commitment for that type at any time.

ℹ️ Note: Deleting proposed standard commitments removes them from your standard commitment library and from the standard contract they were extracted from. Your customer contracts and the commitments extracted from them won't be impacted.

Editing or deleting standard commitments

Making changes to a standard commitment only affects how Vanta evaluates and displays customer commitments. Your customer contracts and the commitments extracted from them won't be impacted.

  • Edit: Click the pencil icon on a standard commitment. When you save changes, Vanta will re-evaluate your customer commitments against the updated standard commitment.

  • Delete: Click the trash icon on a standard commitment and confirm. Vanta will no longer evaluate standard or non-standard labels for that commitment type until you create a new one.

Managing standard contracts

Standard contracts you imported are stored in the Your standard contracts tab. Open a contract to review the source PDF alongside all potential standard commitments cited in the contract, organized by commitment type.

For each potential standard commitment you can:

  • Accept: The standard commitment becomes active and overrides any existing active standard commitment for that type.

  • Ignore or delete: The standard commitment is removed. If it was active, that commitment type will no longer have an active standard commitment until you define a new one.

  • Resolve duplicates: Compare all potential standard commitments for that type across your standard contracts so you can choose the right one.

If you delete a standard contract, all proposed and active standard commitments sourced from it are also deleted.


Configuring user permissions

Customer Commitments follows Vanta’s user role-based access model. User permissions determine who can view contracts, review commitments, and make changes.

This design ensures that sensitive contract content is limited to Admin users, while still allowing Editors and Trust Admins to work with the extracted commitments.

Role: Editors and Trust Admins

Permissions: Editors and Trust Admins can view and manage commitments, but they cannot view the underlying source contract documents.

Editors and Trust Admins can:

  • View and edit commitments

  • View citations within commitments (but not view the citations in contracts themselves)

  • Define, edit, and delete standard commitments

Role: Admins

Permissions: Admins have full access to all Customer Commitments features.

Only Admins can:

  • Connect CLM integrations

  • Import and manage contracts

  • Use the Locate button to view citations in contracts

  • View and manage contracts

For example, when viewing commitments within a contract, Editors and Trust Admins can see the citation within a commitment—but only Admins can view the citation within the underlying contract:

Editor and Trust Admin view (on the left) vs. Admin view (on the right) when viewing commitment citations within a contract