Is your data safe in AI?

The honest answer depends on one thing almost no one checks: which plan you are on. Consumer plans and business plans treat your data completely differently, and most leaks happen because someone never knew the difference.

Here is the fact that stops most CEOs cold. As of August 2025, if your team uses the free, Pro, or Max version of Claude, those chats are used to train the model by default unless someone went into settings and turned it off. The same is true of consumer ChatGPT. The customer list your head of sales pasted into a personal account last Tuesday is not in a private vault. It is, by default, training data.

What it is (in plain English)

There are two worlds, and the line between them is the plan, not the product.

Consumer plans (Claude Free / Pro / Max, ChatGPT Free / Plus) are built for individuals. By default they may use your conversations to improve the model, and they retain your chats. Anthropic's consumer terms changed in August 2025 to train on chats unless you opt out; OpenAI's consumer terms work the same way. The opt-out toggle exists, but "off by default" is not the world you are living in, and you cannot count on every employee to have flipped it.

Business plans (Claude Team / Enterprise, ChatGPT Team / Enterprise) are built for companies. They contractually do not train on your data, retention is controlled by your admin, and you get a paper trail. This is the world you want your company in.

There is one more wrinkle worth knowing, because it kills the "I just delete the chat" defense. In 2025 a court order in the New York Times lawsuit forced OpenAI to preserve consumer chats, including deleted and temporary ones, for a stretch of that year. "Delete" did not mean gone. Business and API customers on zero-retention terms were exempt, which is exactly the point: the tier you are on decides what is true.

Why CEOs care

Because this is the single most common way a company leaks something it cannot un-leak, and it costs nothing to fix.

Your exposure is not theoretical. Surveys in 2025 found that a large majority of AI users copy and paste data straight into chatbots, a meaningful slice of those pastes contain PII or regulated data, and the overwhelming majority of that comes from unmanaged personal accounts. That last part is the trap. You can buy the right business plan and still leak everything if your team keeps using personal free accounts for work on the side. That pattern has a name, shadow AI, and it is the real risk, not AI itself.

The mental model to give your team is a traffic light. Green: public or already-shared information, fine anywhere. Yellow: internal but not sensitive, fine on a business plan, de-identify first on anything else. Red: customer data, employee data, regulated or contracted data, secrets. Red only goes into a business plan with training off, and never into a personal account. If you would be uncomfortable seeing it on a competitor's screen, it is red.

Where you'll see it

• The instant you decide whether to give the company AI access at all. The answer is yes, but on the right tier: set up AI without leaking customer data.
• In every Claude Project you load with real files. The plan under the Project decides whether those files are safe.
• In the one-page rule your team will actually follow: an AI usage policy template.
• In any vendor pitch. The question that cuts through it: "On our plan, do you train on our data, and how long do you retain it?"

What to do next

Find out, today, which plan your team is actually using, including the personal accounts nobody admits to. If the answer is "free ChatGPT, mostly," you have a one-hour fix and a real exposure until you make it. Read set up AI without leaking customer data and close it this week. Tell me what you found people were pasting.