The Ampersand — free weekly essays. Human-centric AI for Main Street. Denver, Phoenix, Remote.

Where Your Data Goes

The most important AI policy in your company is the answer to one question: what happens to what we type in?

Christopher Myers, May 22, 2026 (4 min read)
At 4:40 on a Friday afternoon, somewhere in your company, an employee is pasting something into a free chatbot. Maybe it is a customer list that needs deduplicating. Maybe it is the draft severance letter, or the term sheet, or three years of margin data that would be so much easier to analyze with help.

They are doing it because the tool is genuinely useful and you have not given them a better option. And in that ordinary moment, your business may have just handed sensitive information to a consumer product whose terms of service nobody in the building has read.

This essay is the close read nobody does, in plain English, because the entire subject reduces to a few distinctions an owner can master in one sitting.

Two Different Fears, Two Different Facts

Start by splitting the dread into its components, because they have different answers.

The first fear is training: the worry that what you type becomes part of the model, retrievable someday by a competitor who asks nicely. Here the line in the industry is reasonably bright. Free and consumer versions of the major chat products have generally reserved the right to use your conversations to improve their models, sometimes as a default setting you can switch off, buried two menus deep. Business, team, and enterprise tiers of the same products generally commit, contractually, in writing, to keep your inputs out of training. Same engine, different covenant. The monthly fee for the business tier is partly renting the model and substantially renting the promise.

The second fear is retention, and it is the one people forget. Even when your data trains nothing, the vendor may store it: for abuse monitoring, for a fixed window, for as long as your account exists. Stored data has the ordinary lives of stored data; it can be retained, subpoenaed, breached. The questions worth asking any vendor are how long inputs are kept, who inside the company can see them, whether zero-retention options exist, and whether the vendor will sign the confidentiality and compliance agreements your industry already requires. Healthcare offices have asked vendors for liability agreements for decades; the AI vendor gets the same paperwork, and the reputable ones now expect it.

Notice what both fears have in common: the answers live in the tier and the terms, never in the technology. The model is identical on the free plan and the enterprise plan. What differs is the contract, which is to say, what differs is the only thing that ever protects a business.

The Shadow Problem

Now for the uncomfortable part. While you were not deciding on an AI policy, your employees were deciding for you. Survey after survey finds a large share of workers using AI tools on the job without approval, on personal accounts, precisely the consumer tiers with the weakest promises. The industry calls it shadow AI, and the instinctive response, banning the tools, is the one reliably proven to fail. Prohibition does not end the usage; it ends your visibility into the usage, while your most resourceful people keep pasting, now with the chat history attached to a personal email address you will never audit.

The owners who handle this well treat it as a paving problem. The desire path exists because the tool genuinely helps; your job is to pave the path with a sanctioned version before the dirt track becomes the road.

The One-Afternoon Policy

Here is the whole program, and it fits in an afternoon.

Find out what is actually happening. Ask, without menace, which tools people use and for what. Amnesty produces truth; truth produces a map.

Buy the business tier of one or two tools and make them the default. Get the no-training commitment and the retention terms in writing, and keep the page.

Draw the red lines by data type, not by tool. A short list everyone can recite: nothing that identifies a customer, no credentials, no employee records, nothing under another company’s confidentiality agreement, except inside the sanctioned tools, and some categories nowhere at all.

Write the one-page policy. Which tools, which data, who to ask when unsure. One page, because page two is where compliance goes to die.

Revisit twice a year. Terms change, tools change, and the policy that calcifies becomes the prohibition that gets routed around.

I can hear the objection from the corner office: we are a twenty-person company, surely this is enterprise theater. Consider what your twenty people touch in a week, customer lists, pricing, payroll, the acquisition conversation, and then consider that the one-afternoon version above is not theater but its opposite, the minimum honest effort. The breach you are most exposed to involves no hackers at all. It involves a helpful employee, a free tool, and a Friday afternoon.

Close that door with a better door, never with a wall. The people pasting company data into chatbots are, after all, the same people who saw the future before the policy did. Give them the sanctioned version of what they were reaching for, and your most dangerous habit becomes your adoption strategy, already trained, already convinced, already at the keyboard.
