Most teams using ChatGPT or Claude haven’t agreed on what’s okay to paste and what isn’t. That gap is how a developer shares a config file with credentials still in it, or a founder summarizes a client contract without thinking twice.

What these tools actually do with your inputs

A large language model (LLM) is the technology behind ChatGPT, Claude, and Gemini. Access it through a free or low-cost consumer account and the terms of service are worth reading before you paste anything sensitive.

Most free tiers reserve the right to use your inputs for model improvement. Exact terms vary by provider and change often. Some let you opt out in settings. Enterprise accounts and direct API access come with stricter contractual protections. The general direction: the more you pay, the more data isolation you get.

Your team is probably putting things like this into these tools right now:

  • Client names, emails, or phone numbers from a copied spreadsheet
  • Contract clauses, asking the model for a plain-language summary
  • Source code with API keys or database credentials still in it
  • Internal product roadmaps being turned into slides

Nobody’s doing this with bad intentions. It’s what happens when nobody’s said anything.

Developers have a separate problem

If your team writes code, GitHub Copilot and tools like it see everything in your editor: open files, adjacent functions, imports. That context window often contains credentials, internal API endpoints, and proprietary business logic.

Most Copilot configurations have an enterprise setting that restricts what gets transmitted and prevents your code from being used for training. Most teams have never checked whether it’s on.

Check it now. It’s in your repository settings under the Copilot section. If your team uses personal accounts billed through an organization, confirm which policy actually applies.

The classification that simplifies the decision

Sort your data into two categories.

Safe to paste. Anything you’d share openly with a stranger: your website content, published research, marketing copy, job descriptions. The question isn’t whether it’s internal — it’s whether it would cause a problem if it appeared somewhere public.

Needs cleaning before you paste it. Anything tied to a specific person or business relationship: client records, contracts, financial data, credentials, anything covered by an NDA. Before pasting any of this, strip the identifiers: names, email addresses, company names, account numbers. What’s left can probably go in. What you removed shouldn’t.

Internal operational data (team docs, product specs, unreleased features) lands in the second category by default. If you’d rather a competitor not read it, treat it accordingly.

The tier that changes the contract

Consumer chat interfaces and enterprise accounts run on the same underlying models. The agreements you sign are different.

Enterprise tiers like ChatGPT Enterprise and Claude for Work provide contractual data isolation, audit logs, and a data processing agreement you can show to clients when they ask. The per-seat cost is higher. So is the assurance.

If your team accesses AI through a direct API integration rather than a chat window, you’re typically in better shape by default. API terms at OpenAI, Anthropic, and Google are written for developers and generally prohibit using your inputs for training. Check the current terms for your version — this area moves fast.

How to set a policy today

You don’t need a legal team for this. Write down four things:

  1. Which AI tools your team is approved to use for work
  2. What data is off-limits for consumer-tier tools (client PII, credentials, contracts)
  3. What to do before pasting anything internal (strip identifiers, check for credentials)
  4. Who to ask when someone isn’t sure — a specific person, not “check with the team”

Put this somewhere your team actually opens: a pinned Slack message, a section in your onboarding doc, a Notion page linked in the team wiki. Then spend five minutes on it at the next all-hands.

Most of these leaks start the same way: nobody said anything. The conversation is the policy.

What to do next

Start with an audit, not a document. Look at the last two weeks of AI tool use on your team. What did people actually paste? Which tools, and on what tier?

Then work through this in order:

  • Read the data terms for the AI tools your team uses most. Look for the section on training data.
  • Check Copilot’s enterprise settings if your team writes code. Confirm they’re on.
  • Write the four-line policy above and share it this week.
  • Put a 90-day reminder to revisit it. Tools and terms change faster than most team docs do.

If your team handles client data as a core part of your business, moving to enterprise-tier AI access is worth the cost before a client asks whether their data is protected.

And if you’re building something that handles user data and want a technical partner who thinks about this from day one, let’s talk.