Is it safe to put company data into ChatGPT?

It depends on the version and the data. We explain when ChatGPT trains on what you type, what risks Shadow AI brings, and how to set up AI use safely - without bans that don't work.

In short: it depends on which version you use and what data you type. Free ChatGPT trains on your conversations by default, unless you turn it off; business versions (Team, Enterprise, API) do not train on your data by default. The problem rarely lies in the tool itself - it lies in people using it without rules. That’s “Shadow AI”, and companies with a high level of it pay on average $670,000 more per data breach. The answer isn’t a ban - because bans don’t work - but the right tool, a clear policy and a trained team.

Does ChatGPT really train on what I type?

In the free version - yes, by default; in the business version - no. That distinction is the heart of the matter. OpenAI’s policy states that the free and Plus versions of ChatGPT use conversations to improve the model by default, until you turn that off (as of June 2026). For business accounts the rule is reversed: OpenAI does not train its models on data from ChatGPT Team, Enterprise or the API by default.

The practical takeaway is simple. If an employee pastes a quote, a contract or client data into a private free account, that content can feed model training. If the same person does it on a company Enterprise account with protections on - it can’t. So safety doesn’t depend on “whether to use ChatGPT”, but “in which version and with what settings”.

What can actually go wrong?

The most dangerous outcome is losing control of data, and it’s irreversible. Content once typed in can’t be “pulled back” from an external server. The well-known Samsung case showed it: after engineers pasted confidential code into ChatGPT, the company banned generative AI tools and admitted that data sent to external servers is hard to retrieve and delete, and could be disclosed to other users. It wasn’t a hack - the data was handed over by the employees themselves, in good faith, trying to get their work done.

This risk already has its place in industry standards. Sensitive information disclosure ranks as the second-highest risk on the OWASP Top 10 for LLM Applications (2025) - it climbed the list because it happens more and more often. The security bottleneck today isn’t the model’s technology, but what goes into it and where.

What is Shadow AI, and why is it a board-level problem?

It’s using AI tools without the company’s knowledge or rules - and today it’s the norm, not the exception. A study by Microsoft and LinkedIn found that 78% of people using AI at work bring their own tools - often without the employer’s knowledge. We covered it in more depth in our post on what AI adoption is. Your people are most likely already using AI; the only question is whether with rules or without.

The cost is quantified. According to an IBM report, one in five companies reported a data breach due to Shadow AI, and among companies that suffered an AI-related breach, 97% had no access controls for those tools in place. Notably, 63% of breached organisations had no AI governance policy at all, or were only developing one. This isn’t an IT problem - it’s an oversight gap, and the board owns it.

So should you ban AI in the company?

No - because a ban doesn’t remove the use, it just pushes it into the shadows. An employee with a real problem to solve will reach for a tool that works anyway - except now they’ll do it on a private account, beyond any control. So a ban doesn’t reduce Shadow AI risk, it increases it: the use stays, only your visibility into it disappears.

The opposite approach works: give the team an approved, safe tool and say clearly what is and isn’t allowed. When people have a business version that doesn’t train on data, and know what not to paste into it, the reason to escape to private accounts disappears. Control comes from providing a good path, not from closing every path.

What about GDPR and personal data?

Typing a client’s personal data into a public tool is data processing - with the full set of obligations that follow. In its preliminary opinion on ChatGPT, the European Data Protection Board stressed that responsibility for GDPR compliance cannot be shifted onto the people whose data it is - it rests with the company using the tool. In other words: if an employee pastes client data into a private ChatGPT, it’s your company, not the employee, that answers for the consequences.

A practical rule: personal data and trade secrets go only into tools with a proper data processing agreement and a guarantee they won’t feed training. For the rest - non-sensitive content - public tools can be enough, as long as the team knows where the line runs.

How do you use AI safely in a company?

Instead of bans - a few concrete decisions that remove most of the risk:

  1. Choose a version that doesn’t train on your data - a business account (Team, Enterprise or API) instead of private free accounts.
  2. Set an AI policy - short and clear: which data we never paste (personal, secrets, code) and what’s allowed.
  3. Provide approved tools instead of a ban - so the safe path is also the most convenient one.
  4. Train the team - on their real tasks, not abstract rules. Most incidents come from not knowing, not from bad intent.
  5. Classify your data - separate what’s public from what’s confidential, so the line is obvious.

It begins like any sensible AI rollout: with one process and clear rules, before you extend it to the whole company. We covered it in our post on where to start.

Frequently asked questions

Can you use free ChatGPT in a company at all?

For non-sensitive content - yes (brainstorming, drafting text, help with learning). For client data, contracts or secrets - no, until you’re on a business version that doesn’t train on data. The line is drawn by the type of data, not the tool itself.

Is turning off model training enough?

It reduces one risk - training on your content - but it doesn’t replace a policy or match a business version’s guarantees. It’s a minimum, not a full set of safeguards.

Where do I start to get Shadow AI under control?

With understanding what the team already uses, and setting simple rules. Only then do you pick a tool. An inventory plus a policy solves most of the problem faster than any ban.

Key takeaways

  • The version decides - free ChatGPT trains on your data by default, the business one (Team/Enterprise/API) doesn’t.
  • Losing control is irreversible - data typed onto an external server can’t be pulled back; the Samsung case showed it.
  • Shadow AI is the norm and a real cost - 78% of AI users bring their own tools, and Shadow AI adds an average of $670,000 to the cost of a breach.
  • A ban makes it worse - it pushes use out of sight instead of eliminating it.
  • The company, not the employee, answers for GDPR - personal data only into tools with a processing agreement and no training.
  • Safety is tool + policy + training - three elements, not one ban.