It depends entirely on which version of ChatGPT you're using and what type of data you're sharing. The free tier uses your inputs to train future models by default, which means your company data could end up informing responses given to other users. ChatGPT Enterprise, Team, and API tiers include contractual guarantees that your data won't be used for training, but only if your procurement team actually reads the data processing agreement and confirms zero-retention policies. The real risk? It's the gap between what most employees assume about privacy and what the terms of service actually say.
What Data Does ChatGPT Actually Collect?
When you use the free version of ChatGPT through the web interface, OpenAI collects your prompts, the model's responses, and associated metadata like timestamps. This data is retained for 30 days for abuse monitoring, then may be used to train future models unless you've explicitly opted out.
The paid tiers work differently. ChatGPT Enterprise and Team plans include a data processing agreement (DPA) that contractually prohibits training on your inputs. API access operates under similar terms: your prompts and completions aren't used for model improvement. But here's the catch most operators miss: these protections only apply if you're actually using the paid tier, not if employees are copying data into their personal free accounts.
Roughly 68% of knowledge workers report using generative AI tools at work without IT approval, according to recent surveys. That's shadow IT at scale, and it's why the answer to "is it safe" starts with knowing which version your team is actually using.
ChatGPT Enterprise vs Free: The Data Policy Gap
The difference between free and paid ChatGPT isn't just features. It's legal liability. The free tier's terms of service state clearly that your content may be used to train and improve models. You can opt out in settings under Data Controls, but that option is buried and defaults to "on."
ChatGPT Enterprise and Team tiers offer contractual guarantees. Your data isn't used for training. Conversations aren't stored beyond the session unless you explicitly save them. You get admin controls to enforce policies across your organization. The DPA specifies data residency, retention periods, and deletion procedures.
Here's the specific breakdown: free tier retains data for 30 days minimum, then indefinitely for training unless opted out. Team tier ($25-30 per user per month) offers zero training retention with admin oversight. Enterprise tier (custom pricing, typically starts around $60 per user per month for organizations over 150 seats) adds custom data retention policies, SAML SSO, and dedicated support for compliance questions.
If you're handling anything more sensitive than public information, the free tier isn't an option, even with opt-out enabled. The risk window during that 30-day retention period is enough to trigger compliance violations in regulated industries.
What Data You Should Never Put Into ChatGPT
Five categories of data should never touch any LLM web interface, paid or not, unless you've specifically architected a private deployment. These aren't suggestions. They're the data classes that trigger actual regulatory penalties or competitive harm.
Personal Identifiable Information (PII) under GDPR or CCPA. This includes names paired with contact details, social security numbers, passport numbers, or any identifier that can trace back to an individual. Even if you're using a paid tier with a DPA, pasting a customer list with emails violates data minimization principles unless you have explicit consent for that processing purpose.
Customer lists with contact information. Your CRM export is competitive intelligence. If it leaks, you've handed your prospect list to competitors. Even with training opt-out, you're trusting a third party's security posture with your sales pipeline. That's not a technical risk worth taking when there are safer ways to use AI for business operations.
Unredacted financial records. Revenue figures, margin data, cash flow statements, or anything that would move your stock price if disclosed. If you're preparing investor materials or board decks, summarize or anonymize before using an LLM. The SEC considers material non-public information a bright line, and "I used ChatGPT" isn't a defense.
Source code containing API keys, credentials, or proprietary algorithms. Developers frequently paste code snippets for debugging help. That's fine for open-source logic, but hardcoded secrets or novel algorithms are immediate security and IP risks. Treat any code you wouldn't publish on GitHub as off-limits for LLM interfaces.
Pre-public M&A details, partnership terms, or strategic plans. Anything that would require an NDA if shared with a consultant should not go into a tool where you don't control the infrastructure. The legal exposure outweighs any productivity gain from drafting help.
How to Use ChatGPT at Work Safely
The simplest policy is a two-tier rule that anyone can follow without needing to interpret complex compliance frameworks. Here's the exact language you can adapt for your team:
"Public-safe data only in free tools, even with training opt-out enabled. Anything else requires API access or an enterprise plan with a signed DPA."
Define "public-safe" explicitly: information you'd be comfortable publishing on your company blog, presenting at a conference, or sharing in a press release. Marketing copy, general research questions, publicly available data analysis, educational content. All of these qualify.
Everything else, including internal metrics, customer data, financial projections, or strategic plans, requires a paid tier with contractual protections. This isn't about paranoia. It's about matching tool choice to data sensitivity.
Enable the Training Opt-Out (But Don't Rely on It Alone)
If your team uses free ChatGPT for any work purpose, make sure every user opts out of training. Go to Settings > Data Controls > toggle off "Improve the model for everyone." This tells OpenAI not to use your conversations for training, but data is still retained for 30 days for abuse monitoring.
That 30-day window is why opt-out isn't sufficient for sensitive data. It reduces long-term risk but doesn't eliminate short-term exposure. Treat it as a baseline privacy step, not a compliance solution.
Use API Access for Programmatic Workflows
If you're building tools or automations that feed company data into ChatGPT, use the API, not the web interface. The OpenAI API operates under different terms: your prompts and completions are not used for training, and data is retained for only 30 days for abuse and monitoring purposes, then deleted.
API usage also gives you technical controls the web interface doesn't offer. You can log all requests, implement input validation to block sensitive patterns, and route different data classes to different models or providers based on risk. For teams serious about safe AI use, API access is table stakes.
Require a Data Processing Agreement for Sensitive Use Cases
If you're in healthcare, finance, legal, or any regulated industry, you need a signed DPA or Business Associate Agreement (BAA) before processing protected data. ChatGPT Enterprise offers HIPAA-compliant BAAs, but only for the enterprise tier, and only if you request and execute one.
Here's what most teams miss: the BAA doesn't apply retroactively. If your employees used ChatGPT with patient data before you signed the agreement, that's still a violation. The compliance clock starts when the contract is in place, not when you started using the tool. This is why establishing clear policies before adoption matters more than trying to retrofit controls later.
ChatGPT Business Data Risks in Regulated Industries
Regulated industries face strict liability that vendor promises don't fully cover. A HIPAA-compliant BAA with OpenAI protects you going forward, but if the model was trained on your inputs before you signed it, you've already violated patient privacy rules. The same applies to financial data under GLBA or personal data under GDPR.
The legal standard isn't "did the vendor promise privacy?" It's "did you maintain control over protected data?" When you paste information into a third-party web interface, you've transferred custody, even temporarily. That transfer must be covered by a contract that meets regulatory requirements for your industry.
In practice, this means healthcare organizations should never use free ChatGPT with any patient information, even de-identified data that could be re-identified. Law firms can't use it with client matters unless the engagement letter specifically authorizes third-party AI processing. Financial advisors can't paste account details, even for summarization help.
The penalty math is straightforward: HIPAA violations start at $100 per record, up to $50,000 per violation, with annual caps at $1.5 million per violation category. GDPR fines reach 4% of global annual revenue. One careless paste of a patient list or client roster can cost more than a decade of productivity gains from AI tools. When evaluating whether an AI tool is worth the money, compliance risk should factor heavily into the calculation.
How to Set Up Internal Controls That Actually Work
Policy documents that nobody reads don't prevent data leaks. You need controls that work at the point of use, ideally before someone pastes sensitive data into a prompt box.
Start with tooling. If you're using ChatGPT Enterprise, enable admin controls to monitor usage patterns and flag anomalies. Set up data loss prevention (DLP) rules in your network layer to alert when large text blocks are sent to openai.com domains from unapproved accounts.
Train your team with specific examples, not abstract principles. Show them the exact difference between "Can you help me draft an email explaining our refund policy?" (safe) and "Here's our customer complaint log from Q4, can you summarize trends?" (unsafe). Concrete scenarios stick better than compliance lectures, and honestly, most teams skip this part.
Create an approved-tools list and make it easy to follow. If ChatGPT Enterprise is approved for general use but free ChatGPT isn't, give everyone access to the paid tier so they're not tempted to use personal accounts. If API access is the standard for developers, provide clear documentation and code examples so it's easier to do it right than to shortcut.
Review usage quarterly. Pull logs from your enterprise account or API usage and spot-check for patterns that suggest policy violations. If someone's pasting 10,000-token prompts daily, they're likely feeding in documents that should be reviewed. This isn't about surveillance. It's about catching honest mistakes before they become compliance incidents.
The Bottom Line on ChatGPT and Company Data
Look, ChatGPT is safe for company data only when you match the tool tier to the data sensitivity and have the contracts to back it up. Free ChatGPT with training opt-out is fine for public-safe work. Anything involving customer data, financial information, or regulated content requires a paid tier with a signed DPA, and even then, you need internal controls to prevent misuse.
The biggest risk isn't the technology. It's the assumption gap. Most employees assume their work tools are private by default. Most free AI tools assume your inputs are fair game for improvement unless you explicitly opt out. Closing that gap with clear policies, approved tools, and spot-check monitoring is how you get the productivity benefits of AI without the compliance headaches. If you're trying to figure out how much it costs to add AI to your business, factor in the paid tier from day one if you handle any sensitive data at all.
The AI Buyer's Checklist: 23 Questions Before You Spend a Dollar
The 23 questions every small business owner should ask an AI vendor before signing anything. A no-BS field guide from 25 years of experience.
Read the white paper →Get a free AI-powered SEO audit of your site
We'll crawl your site, benchmark your local pack, and hand you a prioritized fix list in minutes. No call required.
Run my free audit