Quick answer: You can put company data into ChatGPT, but whether that is appropriate depends on the tier you use. On the consumer Free and Plus plans, your conversations may be used to train models unless you turn training off in the data controls. ChatGPT Team, Enterprise, and the API do not train on your business data by default. The real risk is what you paste: never put in passwords, credentials, customer personal data, financial records, contracts, or anything under an NDA on a consumer plan.
This question comes up more than any other, usually with a knot of anxiety behind it. The honest position is that ChatGPT is safe for a lot of business work and genuinely risky for a specific set of things. Once you can tell the two apart, the anxiety mostly goes away. What follows is the current picture, with a warning: vendor data policies change, so treat the specifics as a prompt to go and check your own account settings rather than gospel.
Is it safe to put company data into ChatGPT?
Some of it, yes. Drafting an email, summarising a public report, rewording a job advert, brainstorming names — none of that needs to touch anything sensitive, and it's fine on any tier. The safety question only bites when the data is personal, secret, or contractually protected. For that category, the tier you use and what you paste both matter.
Here's the mental model. There are two separate risks:
- The training risk — will the vendor use what you type to improve its models? This depends entirely on your plan and settings.
- The exposure risk — even if nothing trains on it, your data is being sent to and processed on someone else's servers. Some data should never leave your control regardless of the plan.
A business tier handles the first risk. Only your own discipline handles the second.
Does ChatGPT train on what I type?
It depends on your plan. On the consumer Free and Plus tiers, OpenAI may use your conversations to train models unless you turn training off in the data controls. On ChatGPT Team, Enterprise, and the API, your business inputs are excluded from training by default. Always confirm the current setting in your account, because defaults and toggles shift over time.
On a personal Free or Plus account, look for the setting usually labelled something like "Improve the model for everyone" in data controls and switch it off if you don't want your chats used for training. That stops future conversations feeding training, though it doesn't retroactively unwind anything already processed.
The paid business tiers are built differently. Team, Enterprise, and API usage sit under commercial terms where your data is excluded from training as the default, not something you have to remember to switch off. That's the main reason to put a business account in front of anyone doing real work.
| Tier | Trains on your data? | Data retention | Business use |
|---|---|---|---|
| Consumer (Free / Plus) | Can do, unless you turn training off in data controls | Held for a period; you can use temporary chats or delete history | Fine for non-sensitive drafting; risky for personal or confidential data |
| Team / Enterprise | No — excluded by default | Configurable; admin and retention controls, plus a DPA | Built for it; the sensible baseline for staff |
| API | No — excluded by default | Limited retention for abuse monitoring, per current policy | Best for embedding AI into your own systems with your own controls |
The exact retention windows and terms are set by OpenAI and do change, so read the current data-usage and DPA pages for your plan before you rely on any specific number.
What data should I never paste into ChatGPT?
Never paste secrets, identifiable customer data, or legally protected material into a consumer-tier chatbot. That means passwords and API keys, customer personal data, financial records, signed contracts, health or other special-category data, and anything covered by an NDA. Each carries a security, legal, or contractual risk that a general chat tool is the wrong place to hold.
The concrete "do not paste" list:
- Credentials — passwords, API keys, access tokens, card numbers. Pasting a live key into any chat window is an incident waiting to happen.
- Customer personal data (PII) — names, emails, phone numbers, addresses, account IDs. This is personal data under UK GDPR and needs the right legal footing.
- Special-category data — health, ethnicity, religion, sexuality, biometrics. The bar for handling this is high; a consumer chatbot doesn't clear it.
- Financial records — payroll, management accounts, bank details, anything commercially sensitive about you or a client.
- Contracts and NDA material — if a confidentiality clause covers it, pasting it into a third-party tool may breach that clause.
The redaction habit solves most of this. If you want ChatGPT to reword a difficult client email, replace the real name with "[Client A]" and the real figures with placeholders. You keep the structure and the wording help; you lose the risk. If you're constantly redacting the same fields, that's a signal you've outgrown copy-paste and want a system that keeps the data inside your own infrastructure — the sort of thing an AI System Audit exists to scope.
How do I use ChatGPT safely for business?
Put a business tier in front of your team, turn off training where the option exists, and set a clear rule on what may and may not be pasted. Anonymise customer details before they go in, never paste credentials or special-category data, and check the data-processing agreement for the plan you're on. A short written policy prevents most accidents.
Five practical rules:
- Use a business tier. Team or Enterprise for staff, the API for anything you're building. Consumer Free is the riskiest place to do company work.
- Turn off training on any consumer account still in use, and confirm the business default is doing what you expect.
- Anonymise before you paste. Placeholders instead of real names and numbers whenever the content itself doesn't need them.
- Never paste secrets. No credentials, no card numbers, no special-category data — regardless of tier.
- Check the DPA and set a policy. Know what the vendor commits to, and give staff a one-page rule so they don't have to guess. Our AI use policy template gives you a starting point.
None of this is expensive or slow. A Team plan and a one-page policy cover most UK SMEs, and they turn "can I paste this?" from a nervous guess into a known answer.
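The redaction habit and the "anonymise before you paste" rule, sketched as a small pre-paste filter. This is an added example, not code from the original article; the regex patterns, the `redact` function, the client-name list and the sample text are constructed assumptions and will not catch every form of personal data.

```python
import re
from string import ascii_uppercase

# Illustrative patterns (assumptions): not a complete PII or secret detector.
SECRET = re.compile(r"(?i)\b(?:password|passwd|api[_-]?key|token|secret)\s*[:=]\s*\S+")
RULES = [
    ("EMAIL", re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+")),
    ("CARD", re.compile(r"\b\d(?:[ -]?\d){12,18}\b")),
    ("PHONE", re.compile(r"(?<![\w+])(?:\+44\s?|0)\d{3,4}[\s-]?\d{3}[\s-]?\d{3,4}\b")),
    ("AMOUNT", re.compile(r"£\s?\d[\d,]*(?:\.\d+)?")),
]

def luhn_ok(number):
    """Luhn checksum, used to tell card numbers from other long digit runs."""
    digits = [int(c) for c in number if c.isdigit()][::-1]
    doubled = [d * 2 - 9 if d > 4 else d * 2 for d in digits[1::2]]
    return (sum(digits[0::2]) + sum(doubled)) % 10 == 0

def redact(text, client_names=()):
    """Return (safe_text, mapping, has_secret). The mapping stays on your
    machine so a reply can be re-personalised; has_secret means do not paste."""
    mapping = {}
    has_secret = bool(SECRET.search(text))
    text = SECRET.sub("[SECRET REMOVED]", text)
    # Names cannot be found reliably by pattern, so the caller supplies them.
    for letter, name in zip(ascii_uppercase, client_names):
        label = f"[Client {letter}]"
        if re.search(re.escape(name), text, re.I):
            mapping[label] = name
            text = re.sub(re.escape(name), label, text, flags=re.I)
    for kind, pattern in RULES:
        seen = {}
        def swap(m, kind=kind, seen=seen):
            value = m.group(0)
            if kind == "CARD" and not luhn_ok(value):
                return value  # long digit run that is not a card number
            if value not in seen:  # same value always gets the same placeholder
                seen[value] = f"[{kind}_{len(seen) + 1}]"
                mapping[seen[value]] = value
            return seen[value]
        text = pattern.sub(swap, text)
    return text, mapping, has_secret

# Constructed sample email, not real customer data.
SAMPLE = ("Hi, Jane Smith (jane.smith@example.com, 07700 900123) disputes the "
          "£1,250.00 charge on card 4111 1111 1111 1111. Portal password: Hunter2!x")
```

When `has_secret` is true the text should not be pasted at all, in line with the rule that credentials stay out regardless of tier.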
Is this a GDPR problem?
It can be. Pasting a UK customer's personal data into a general chatbot is a processing activity under UK GDPR, which means you need a lawful basis and, in most cases, a data-processing agreement with the vendor. The consumer tier doesn't give you that footing. Anonymise the data or move to a business tier with a signed DPA.
The ICO's guidance on AI and data protection is worth reading if this is a real part of your operation. The short version for an owner: if identifiable personal data goes into the tool, you're a data controller making a decision about how that data is processed, and you're on the hook for it. A business tier with a DPA and training excluded puts you on much firmer ground than a personal login. For the fuller picture, see our guide to AI and UK GDPR for small business.
None of this makes AI off-limits. It just means personal and special-category data needs the right plan and the right paperwork, the same as any other third-party processor you'd use.
What about Copilot, Gemini, and Claude?
The pattern holds across all of them. Consumer tiers may use your inputs to improve the product; business and enterprise tiers exclude your data by default and offer a data-processing agreement. Microsoft Copilot, Google Gemini, and Anthropic Claude each publish their own data controls, so the tier and the contract matter more than the brand.
At a high level:
| Tool | Consumer tier | Business / enterprise tier |
|---|---|---|
| Microsoft Copilot | Personal Copilot may use interactions per consumer terms | Copilot for Microsoft 365 keeps data within your tenant's compliance boundary and excludes it from training; commercial data protection applies |
| Google Gemini | Free Gemini may have conversations reviewed and used to improve services | Gemini for Workspace / Google Cloud excludes your data from training and sits under enterprise data terms |
| Anthropic Claude | Consumer Claude has its own data-control settings for training | Claude Team, Enterprise, and the API do not train on your business inputs by default and offer a commercial agreement |
Descriptions here are qualitative on purpose. Every one of these vendors updates its policies, and the exact wording of what's used and retained shifts with each revision. Before you commit company data to any of them, open the current data-control settings and the data-processing terms for your specific plan and read what they say today. The safe assumption is the same everywhere: consumer tier for non-sensitive work, business tier with a DPA for anything that touches personal or confidential data.
Where does a chatbot stop being enough?
ChatGPT and its rivals are where you learn what AI is useful for: a person using a tool by hand, always in the loop. The moment sensitive data needs to be part of the job routinely — support answering from real customer records, a process reading your contracts, anything that can't be anonymised away — you've hit the ceiling of what a paste-in-a-box tool should hold.
That's the point where the answer isn't a better prompt, it's a system that keeps the data inside your own infrastructure with proper access controls and an audit trail. Working out which side of that line you're on is exactly what the free AI Readiness Assessment is for, and if you're already past it, the £8,000 fixed-fee AI System Audit scopes what a safe build would look like before you commit to it. Most owners find that for everyday work a business-tier chatbot is plenty, and the paperwork to use it safely takes an afternoon.
FAQ
Does ChatGPT train on my company data?
On the consumer Free and Plus tiers it can, unless you turn training off in the data controls. ChatGPT Team, Enterprise, and the API do not train on your business inputs by default. Check the current setting in your account, because the toggles and defaults change over time.
Is it safe to paste customer data into ChatGPT?
Not on the consumer tier without care. Customer names, emails, phone numbers, and account details are personal data under UK GDPR. Anonymise or remove them, or move to a business tier with a signed data-processing agreement. When in doubt, redact before you paste — treat every input as if it leaves your building.
What data should I never put into ChatGPT?
Never paste passwords, API keys, or other credentials; special-category data like health records; financial records and card numbers; signed contracts or anything under an NDA; and identifiable customer personal data on the consumer tier. These carry legal, security, or contractual risk that a general chatbot is the wrong place to hold.
Does ChatGPT Team or Enterprise keep my data private?
Team and Enterprise exclude your inputs from model training by default and give you retention and admin controls plus a data-processing agreement. That is a stronger position than the consumer tier, but your data is still processed on the vendor's servers. Read the current DPA and retention terms rather than assuming.
Is putting personal data into ChatGPT a GDPR problem?
It can be. Pasting a UK customer's personal data into a general chatbot is a processing activity that needs a lawful basis and, usually, a data-processing agreement with the vendor. The consumer tier does not give you that footing. Anonymise the data or use a business tier. See our UK GDPR guide for the detail.
Are Copilot, Gemini, and Claude safer than ChatGPT for business data?
The pattern is the same across all of them: consumer tiers may use your inputs, business and enterprise tiers exclude them by default and offer a DPA. Microsoft Copilot, Google Gemini, and Anthropic Claude each publish their own data controls. The tier and the contract matter more than the brand — verify the current settings for whichever you use.
How do I use ChatGPT safely for company work?
Use a business tier (Team, Enterprise, or the API), turn off training where the option exists, and never paste secrets or special-category data. Anonymise customer details, check the data-processing agreement, and set an internal rule for what staff may and may not paste. A short written AI use policy prevents most accidents.