AI Security & Data Privacy for Small Business


The privacy risks around AI tools are real but manageable — and most small businesses are either ignoring them entirely or overcorrecting with blanket bans that kill productivity. The practical answer is neither. It’s a clear set of rules your team can actually follow.

What Not to Paste Into AI Tools

This is the most important rule and the simplest to communicate to your team. Do not paste the following into any consumer-tier AI tool:

  • Customer names, emails, phone numbers, or purchase history (PII)
  • Employee records, HR files, or compensation data
  • Legal contracts or NDAs with third-party confidential terms
  • Financial statements, tax records, or banking information
  • Unreleased product plans, pricing strategies, or M&A information
  • Any data you’re obligated to protect under HIPAA, PCI DSS, a client contract or similar, or that falls within the scope of your SOC 2 controls

When in doubt: anonymize or redact before pasting, not after. Replace real names with “Customer A,” real dollar amounts with “[AMOUNT],” and real company names with “[VENDOR],” and use the same placeholder for the same entity every time so you can map the answer back. The AI still works fine for drafting, summarizing and structuring, and the sensitive data never leaves your machine as long as the placeholder mapping stays local and is never pasted alongside the prompt. Two caveats: a regex catches emails, phone numbers and amounts, but names have no shape and must be redacted from a list you maintain; and a combination of rare details (a job title plus a city plus a date) can still identify someone even with the name removed.
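The redact-before-pasting rule is easy to state and tedious to do by hand, so here is an added example of a small redactor (it is not code from SMBOS or from either AI vendor). It swaps emails, phone numbers, dollar amounts and a list of known customer and vendor names for numbered placeholders, keeps the mapping only in local memory, restores the real values in the model's reply, and includes a check that nothing shaped like PII survived redaction. The regexes, the names list and the sample prompt are constructed for this example and are assumptions; tune the patterns to your own data.

```python
import re
from typing import Dict, List, Tuple

# PII with a recognizable shape. Constructed for this example and deliberately
# broad: a false positive costs a placeholder, a miss costs a leak.
SHAPE_PATTERNS: List[Tuple[str, re.Pattern]] = [
    ("EMAIL", re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")),
    ("PHONE", re.compile(r"(?<!\d)(?:\+?1[ .-]?)?\(?\d{3}\)?[ .-]?\d{3}[ .-]?\d{4}(?!\d)")),
    ("AMOUNT", re.compile(r"\$\s?\d{1,3}(?:,\d{3})*(?:\.\d{2})?")),
]


class Redactor:
    """Swap PII for stable placeholders before a prompt leaves the machine and
    map them back in the model's answer. Names have no regex-detectable shape,
    so the operator supplies the customer and vendor names to protect
    (for example, an export from the CRM)."""

    def __init__(self, customers: List[str], vendors: List[str]):
        self._forward: Dict[str, str] = {}   # kind:value -> placeholder
        self._reverse: Dict[str, str] = {}   # placeholder -> first-seen real value
        self._counts: Dict[str, int] = {}
        # Longest names first so "Acme Supply Ltd" wins over "Acme Supply".
        self._names = [(n, "CUSTOMER") for n in customers] + [(n, "VENDOR") for n in vendors]
        self._names.sort(key=lambda t: -len(t[0]))

    def _placeholder(self, kind: str, value: str) -> str:
        key = f"{kind}:{value.lower()}"          # same entity -> same placeholder
        if key not in self._forward:
            n = self._counts.get(kind, 0) + 1
            self._counts[kind] = n
            if kind == "CUSTOMER":
                label = f"Customer {chr(ord('A') + n - 1)}" if n <= 26 else f"Customer {n}"
            else:
                label = f"[{kind} {n}]"          # numbered so restore() is unambiguous
            self._forward[key] = label
            self._reverse[label] = value
        return self._forward[key]

    def redact(self, text: str) -> str:
        out = text
        # Pass 1: known names, whole-word and case-insensitive.
        for name, kind in self._names:
            pat = re.compile(r"\b" + re.escape(name) + r"\b", re.IGNORECASE)
            out = pat.sub(lambda m, k=kind: self._placeholder(k, m.group(0)), out)
        # Pass 2: shaped PII (emails, phones, amounts).
        for kind, pat in SHAPE_PATTERNS:
            out = pat.sub(lambda m, k=kind: self._placeholder(k, m.group(0)), out)
        return out

    def leaks(self, redacted: str) -> List[str]:
        """Anything still matching a PII shape or a protected name after redaction."""
        found = [m.group(0) for _, pat in SHAPE_PATTERNS for m in pat.finditer(redacted)]
        for name, _ in self._names:
            if re.search(r"\b" + re.escape(name) + r"\b", redacted, re.IGNORECASE):
                found.append(name)
        return found

    def restore(self, reply: str) -> str:
        """Put the real values back into the model's reply. Mapping never left RAM."""
        out = reply
        # Longest placeholders first so "Customer A" cannot clobber "Customer AA".
        for ph in sorted(self._reverse, key=len, reverse=True):
            out = out.replace(ph, self._reverse[ph])
        return out


# Constructed sample prompt; every name, address and number here is invented.
SAMPLE_PROMPT = (
    "Draft a polite reminder to Jane Doe (jane.doe@example.com, 555-867-5309) "
    "that her invoice from Acme Supply for $1,250.00 is overdue. "
    "Jane Doe has been a customer since 2019; cc Bob Lee at 555-555-0100."
)


def demo() -> Tuple[str, str]:
    """Returns (redacted prompt to paste, restored version of a sample reply)."""
    r = Redactor(customers=["Jane Doe", "Bob Lee"], vendors=["Acme Supply"])
    safe = r.redact(SAMPLE_PROMPT)
    assert r.leaks(safe) == [], "refuse to send: PII survived redaction"
    # A stand-in for what the model might send back, using the placeholders.
    reply = "Hi Customer A, your [VENDOR 1] invoice of [AMOUNT 1] is overdue. Reply to [EMAIL 1]."
    return safe, r.restore(reply)


if __name__ == "__main__":
    redacted, restored = demo()
    print("SEND THIS:", redacted)
    print("RESTORED :", restored)
```

The `leaks()` check is the part worth copying: run it on the text you are about to paste, and if it returns anything, the prompt does not go out. The placeholder map is the only thing that can reverse the redaction, so it stays in the process that built it and is never pasted into the AI tool.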

Consumer vs. Business Tier: The Key Difference

Consumer-tier accounts (Claude Free, ChatGPT Free) may use your inputs to improve models, and human reviewers may read flagged conversations. Paid individual, team and business tiers have different terms, and the differences between them matter:

  • Claude Pro vs. Claude for Work (Team/Enterprise): under Anthropic’s commercial terms, Claude for Work inputs are not used to train models. Pro is an individual plan; whether its conversations are used for training is governed by a privacy setting in your account, and the default has changed over time, so check the setting rather than assuming. Retention and processing terms are in Anthropic’s privacy policy and commercial terms, not the usage policy.
  • ChatGPT Plus / Team / Enterprise: OpenAI’s Team and Enterprise plans exclude your conversations from training by contract. Free and Plus are individual plans where training use is controlled by the “Improve the model for everyone” data-control setting, which is on unless you turn it off.
  • API access (either vendor): generally the strongest protections. Inputs are not used for training by default under standard API terms, and you decide what gets logged on your side. Relevant if you’re building internal tools. The data still travels to the vendor’s service; the API changes the terms it travels under, not the destination.

Upgrade to business/team tier for any AI tool your team uses with real business data. The cost difference is minimal compared to the exposure risk.

Data Retention and What Happens to Your Inputs

Both Anthropic and OpenAI retain conversation data for a period (typically up to 30 days after deletion, with a separate copy held for abuse review, and longer for some account types or where a legal hold applies) before it is removed. Check your account’s data controls: temporary chats, conversation deletion and training opt-outs shorten how long your inputs are kept, but none of them guarantee zero retention. Don’t assume “private mode” or “no history” means the vendor holds nothing; read the vendor’s current documentation, and re-read it when the terms change.

Access Control Inside Your Team

If multiple team members are using AI tools, treat access like any other business application:

  • Use team/workspace accounts so you can centrally manage who has access and revoke it when someone leaves
  • Don’t share personal credentials — each user should log in with their own account under the team plan
  • Set a clear internal policy on what data is and isn’t acceptable to use in AI tools, and put it in writing

BYO-Key and Self-Hosted Options

For operators with stronger compliance requirements, two options increase control:

  • BYO-Key (Bring Your Own Key): Use the Claude or OpenAI API with your own API key through a tool like n8n or a custom app. Your prompts flow through infrastructure you configure, under API terms rather than consumer terms, and you control what is logged and retained on your side. The key itself is now a secret: keep it in the tool’s credential store or an environment variable, never in a shared document or client-side code, set a spend limit on it, and rotate it when someone with access leaves.
  • Local models via Ollama: Run open-source models (Llama, Mistral) entirely on your own hardware. Prompts and outputs never leave your building (the model weights are downloaded once, which is the only outbound traffic). Requires more technical setup but is the right call for certain regulated industries. One caveat: Ollama listens only on localhost by default and has no authentication of its own, so if you point OLLAMA_HOST at a network interface to share it across the office, put it behind a reverse proxy that requires login.

Vendor Due Diligence (Quick Version)

Before giving any AI tool access to your systems or data, answer three questions: Does the vendor have a published data processing agreement (DPA)? Do they have a SOC 2 Type II report? Are they clear about where data is stored and for how long? If any answer is “I don’t know,” find out before onboarding. See Set Up Your AI Workspace for how to organize your tools with data safety built in from the start.

Ready to put this to work? SMBOS members get the follow-along walkthroughs, templates, and a community of operators figuring this out together.