Privacy and data hygiene when using AI at work

There is a quiet category of incident at work in 2026 that did not exist three years ago: the engineer who pasted source code into ChatGPT and triggered an audit, the salesperson who fed a customer list into a meeting summariser, the HR manager who used a personal AI account to draft a layoff letter and could not later guarantee where that text was retained or who saw it. None of these are dramatic data breaches. All of them are real, common, and avoidable.

This article is the practical version of "how to use AI at work safely." Not a policy document — those exist and you should follow yours — but the working-level rules that prevent the everyday mistakes.

If a team has no approved AI tool, people will usually use personal accounts quietly. The realistic control is not prohibition; it is approved tooling, clear data rules, and workflows that make the safe path easier.

The fundamental issue

When you paste content into a consumer AI tool, three things happen by default in most jurisdictions:

1. The content is sent to a third-party provider.
2. The content is stored on their servers for some retention period.
3. The content may be used to improve future models, depending on the tier and settings.

For most personal use, this is fine. For work, it depends entirely on what you pasted in. Customer data, internal financials, source code, contracts under NDA, employee details, anything covered by GDPR or sectoral regulations — these need different treatment.

The one rule

The single rule that prevents 95% of work AI mistakes:

Use the AI tool your company has officially approved, configured for work, for any content related to your work.

That is it. If your company has Microsoft 365 with Copilot, ChatGPT Enterprise, Claude for Work, Google Workspace with Gemini Enterprise, or a similar enterprise deal — use that for anything work-related. Period.

These enterprise tiers come with contractual guarantees that consumer tiers do not:

• Your conversations are not used to train models. Explicit, contractual, not just a checkbox.
• Data residency can be configured (often EU-only for European companies).
• SOC 2, ISO 27001, and similar certifications that satisfy procurement and security teams.
• Auditable usage that your IT team can monitor for compliance.
• Stronger access controls — your manager cannot accidentally read your AI conversations.

If your company has not approved a tool, you have two options: do not use AI for work content, or campaign internally for approval. Do not split the difference by using your personal account "just for small things."

For managers, that means the policy has to name the tool, not just the principle. "Use approved tools" is not enough if nobody knows which tool is approved.

The 30-second sensitivity check

Before pasting anything into any AI tool, run this check:

1. Does it contain anyone's personal data? Names, emails, addresses, ID numbers, phone numbers, health information, financial details. If yes → enterprise tool only, and consider whether you can strip the personal data first.

1. Does it contain proprietary company information? Source code, financial figures, customer lists, strategy documents, contracts under NDA. If yes → enterprise tool only.

1. Does it contain content you would not want screenshotted and shared? Internal discussions, candid commentary, anything that would embarrass you or your company if leaked. If yes → enterprise tool, and prefer Temporary Chat mode where available.

1. Is the data subject to a specific regulation? GDPR, HIPAA, financial regulation, export control. If yes → consult your data protection officer or compliance team before using AI on it.

1. Could this be replaced with anonymized example data? Often the AI does not need the real customer name or the real account number — placeholder data works just as well. If yes → anonymize first, then paste.

This takes 30 seconds. It catches almost every problem before it happens.

The three things never to paste into a personal AI account

A short list of things that, regardless of how convenient your personal ChatGPT is, do not belong there:

1. Real customer data. Even one customer's name with one piece of information. The combined risk — GDPR violation, breach of customer contract, breach of your employment agreement — is much larger than the convenience.

2. Source code from your employer's repos. Most employment contracts have an IP clause that makes this problematic. Use your employer's GitHub Copilot, Cursor with company configuration, or whatever your team has standardised on.

3. Internal documents marked confidential. Strategy decks, financials, M&A discussions, legal communications. Sometimes there is no enterprise AI option at all for these — in which case do not use AI on them.

A practical data classification

Use four buckets:

| Bucket | Examples | AI rule | | --- | --- | --- | | Public | Published website text, public docs, public job ads | Any mainstream tool is usually fine | | Internal | Internal process notes, anonymized examples, generic templates | Work-approved tool preferred | | Confidential | Customer data, source code, contracts, financials, strategy | Approved enterprise tool only, with need-to-use | | Restricted | Health data, HR investigations, legal privilege, regulated data | Ask legal/security before using AI |

The companion checklist linked from this article is the operational version of this table.

A few practical tools and patterns

Use Temporary / Incognito chats for sensitive one-off questions. ChatGPT has Temporary Chat; Claude has equivalents. These conversations are not saved, not added to memory, and not used for training. For anything sensitive that you need to ask once and not keep, this is the right mode.

Turn off "improve the model with my conversations." Even if you are not on an enterprise tier, this single setting (Settings → Data Controls in ChatGPT, similar elsewhere) removes the biggest privacy concern. It does not affect what is stored or who can access it, but it prevents your content from feeding training.

Anonymize before pasting. Replace names with placeholders. Replace specific numbers with rough ones. Replace company names with "[Company A]." Surprisingly often, the AI does just as well with anonymized data — it is the structure and the question that matter, not the specific identities.

Use local AI for the highly sensitive. If you have something genuinely confidential — a contract you are negotiating, a personal medical question, a legal matter — and you want AI's help, a local model (Ollama, LM Studio with a downloaded model) keeps everything on your machine. It is overkill for most use cases and the right answer for some.

Be careful with file uploads. A spreadsheet with customer data, a slide deck with financial figures, a PDF of an internal report — these are higher-risk uploads than a chat message because they often contain more than you remember. Open the file, look at what is in it, decide.

A specific note on coding

The coding case is special because the stakes are real and the temptation is high. You hit a bug, you want to paste the relevant code into ChatGPT and ask what is wrong. The code is your employer's IP.

The right path in 2026:

• Use your employer's sanctioned coding AI — GitHub Copilot Business / Enterprise, Cursor with the enterprise tier, Claude Code via the company's account. These are configured for IP protection and do not feed training.
• For local development, even with company-approved AI, prefer running the AI locally where possible (Ollama, local LM Studio) for the most sensitive code.
• If you absolutely must use a personal AI account on work code, paste only the smallest fragment that demonstrates the problem, with all identifiers stripped (function names changed, comments removed, business logic abstracted). This is suboptimal but better than nothing.

A specific note on customer-facing AI

If you are using AI in customer-facing work — drafting customer emails, replying in customer support, generating proposals — the considerations are different. Some specific issues:

• Disclosure. Many jurisdictions are moving toward disclosure requirements when customers are interacting with AI-generated content. Know what your company's policy is and what your jurisdiction requires.
• Customer data in your draft. Their account number, their personal situation, their history with you — only paste into an enterprise-grade tool, never a personal account.
• The downstream effects. A customer email drafted by AI and signed by you commits you to whatever it says. Read every word before sending.

The pattern most teams settle on in 2026: use an enterprise AI tool with customer context loaded in (through MCP, connectors, or integrations) so the AI can produce calibrated responses without you having to manually paste customer details each time. This is the kind of setup your CRM team should be building.

Customer-facing AI output is still your output. A drafted email, proposal, or support answer can create commitments, disclose wrong information, or damage trust. Review before sending unless the workflow has been explicitly approved for automation.

When in doubt, ask

If a use case feels borderline — you are not sure if it is sensitive enough to need the enterprise tool, you are not sure if a regulator would object, you are not sure if your manager would approve — ask. The cost of asking is small; the cost of being the example in a "do not do this" training is large.

Specifically, the people in your company who can answer:

• Your data protection officer for GDPR, customer data, employee data questions.
• Your IT or security team for tool approval questions.
• Your legal team for contracts, NDA, and IP questions.
• Your manager for "is this kind of thing OK to use AI for?" judgement calls.

A short Slack message to the right person is much cheaper than the incident.

What this is not

This article is not "don't use AI at work." That would be terrible advice — AI is one of the largest productivity gains available in 2026, and avoiding it costs you and your company real value.

It is also not "use AI for everything without thinking." That gets people in trouble.

It is the middle: use AI seriously and broadly, but build the small habits — the 30-second check, the right tool for the right data, the anonymization — that turn it into a sustainable practice rather than a string of near-misses.

The takeaway

One rule (approved tool for work data), one habit (30-second sensitivity check), three things never to paste into a personal account (customer data, source code, confidential documents). Get those right and you can use AI on virtually anything else at work without worry.

The hygiene is small. The benefits are large. The people who get fired or sued over AI misuse at work are not the ones who thought about this for 30 seconds before pasting; they are the ones who did not.