@Quinnypig The opt-out is also weasel-wordy, as you can opt out from *Global* models -- are there non-global ones?
If you are covered under the GDPR, Article 28 allows you to audit them to a reasonable degree and request a Data Protection Impact Assessment (DPIA/TIA) under Article 35.