TL;DR:

  • Staff are routinely pasting customer data, contracts, and financial information into consumer AI tools — and most small businesses have no policy covering this
  • Data you share with consumer ChatGPT (the free version) may be used to train future models; business-tier subscriptions and enterprise APIs offer stronger protections
  • You don’t need to ban AI tools — you need a short, clear policy and a list of what must never be shared

Walk into any small business and you’ll find staff using AI tools every day. Drafting emails, summarising meeting notes, writing proposals, translating documents. It’s become as routine as using Google. Most of it is harmless and genuinely useful. But some of it is a data protection problem that’s been quietly building for two years.

The issue isn’t AI itself. The issue is that people don’t think of pasting text into ChatGPT the same way they think of emailing that text to a stranger. But functionally, when it comes to data control, that’s a reasonable analogy.

What’s actually being shared

In incident reports and cybersecurity consultations, security teams have documented staff pasting the following into consumer AI tools:

  • Full customer contracts and legal agreements
  • Employee salary information and HR records
  • Patient or client personally identifiable information (PII)
  • Bank account details and financial statements
  • Strategic plans and merger/acquisition discussions
  • Supplier pricing and commercial terms
  • Passwords and API keys (while asking the AI to explain configuration files)

None of this was malicious. Staff were trying to do their jobs more efficiently. They had no idea there was a risk.

The data retention question

The default data handling differs significantly across AI products, and this is the first thing to understand.

Free consumer ChatGPT — OpenAI’s terms allow conversation data to be used for model training unless users actively opt out in settings. Most people have never changed this. Data may be retained for extended periods.

ChatGPT Plus (paid personal subscription) — same defaults as free, same opt-out available. The payment doesn’t change the data terms.

ChatGPT Team or Enterprise — data is not used for training. Conversations are isolated to your organisation. Significantly better from a data protection perspective.

Microsoft Copilot — when accessed through Microsoft 365 Business or Enterprise subscriptions, data handling follows your Microsoft tenancy agreements. Consumer-facing Copilot.microsoft.com has different (and weaker) protections.

Google Gemini — similar pattern: Workspace enterprise accounts offer stronger protections than consumer accounts.

The headline: if your staff are using the free or personal-subscription versions of these tools, your business data may be used to train future AI models and retained by the provider. This is almost certainly not what your customers consented to in their contracts with you, and may create GDPR exposure.

GDPR implications for UK small businesses

Under UK GDPR, sharing personal data with a third party requires a lawful basis. When a staff member pastes a customer’s name, email, and purchase history into an AI tool, they’ve shared personal data with that tool’s provider. Does your business have a Data Processing Agreement with that provider? Almost certainly not for consumer accounts.

The ICO has been increasingly clear that “accidental” or “unauthorised” sharing of customer personal data via AI tools is a data incident that may need to be reported. Small businesses aren’t exempt from this.

This doesn’t mean you need to ban AI tools. It means you need to be deliberate about which tools are approved for which uses.

Shadow AI: the governance gap

Shadow AI — AI tools used by staff without IT or management awareness — is now the norm in organisations without explicit AI policies. A 2025 survey found that 68% of employees use AI tools at work without telling their employer, and 35% have shared data they knew their organisation would consider sensitive.

The dynamic is understandable: AI tools are genuinely helpful, the productivity gains are real, and telling staff they can’t use them breeds resentment and workarounds. The better response is policy, not prohibition.

What a sensible AI policy looks like

You don’t need a 20-page document. A one-page policy covering the following is enough:

Approved tools. List which AI tools staff can use for work. If you’ve upgraded to business-tier accounts (ChatGPT Team, Microsoft Copilot via M365 Business), say so explicitly. If you haven’t, consider whether it’s worth the cost.

What can never be shared. Be specific: customer personal information, financial account details, employee records, passwords, client contracts, commercially sensitive information. The clearer this list, the fewer judgement calls staff have to make.

What is fine to share. Generic drafting, non-sensitive writing tasks, summarising publicly available information, coding help with anonymised examples. Giving staff a positive list of approved uses is as important as the prohibition list.
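One way to make the "anonymised examples" rule practical is a small pre-paste check that staff (or a shared clipboard tool) can run over text before it goes into a chat window. The following Python is an added example, not part of the original article and not any vendor's tool; it covers two items from the never-share list above, credentials in configuration files and customer personal data, and its patterns and sample config are constructed for this example.

```python
import re

# Key names that usually hold credentials. Any "key = value" or "key: value"
# line whose key contains one of these words has its value redacted.
SECRET_KEY_WORDS = ("password", "passwd", "secret", "api_key", "apikey", "token")

# Personal-data patterns (constructed for this example; extend with your own
# customer IDs, NI numbers, postcodes and so on).
PATTERNS = {
    "email": re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+"),
    "uk_mobile": re.compile(r"\b(?:\+44\s?7|07)\d{3}\s?\d{3}\s?\d{3}\b"),
    "sort_code_account": re.compile(r"\b\d{2}-\d{2}-\d{2}\s+\d{8}\b"),
}
# "key = value" / "key: value" lines as found in .ini, .env or YAML-style files.
KV_LINE = re.compile(r"^(\s*[\w.\-\[\]]+\s*[:=]\s*)(\S.*)$")


def redact(text):
    """Return (anonymised_text, findings).

    findings is a list of (category, original_value) so the person pasting
    can see exactly what was removed and decide whether to proceed."""
    findings, out_lines = [], []
    for line in text.splitlines():
        m = KV_LINE.match(line)
        if m and any(w in m.group(1).lower() for w in SECRET_KEY_WORDS):
            findings.append(("credential", m.group(2)))
            line = m.group(1) + "<REDACTED>"
        for name, pat in PATTERNS.items():
            for hit in pat.findall(line):
                findings.append((name, hit))
            line = pat.sub(f"<{name.upper()}>", line)
        out_lines.append(line)
    return "\n".join(out_lines), findings


def safe_to_paste(text):
    """True only when the check found nothing to redact."""
    return not redact(text)[1]


# Constructed sample: a config file someone might paste while asking an AI
# tool to explain it. 07700 900xxx is a reserved (non-allocated) UK range.
SAMPLE = """[database]
host = db.internal.example
password = Tr0ub4dor&3
api_key: sk-EXAMPLE0000000000
support_contact = jane.doe@example.co.uk
customer_phone = 07700 900123
account = 12-34-56 12345678
"""

if __name__ == "__main__":
    cleaned, found = redact(SAMPLE)
    print(cleaned)
    for category, value in found:
        print(f"removed {category}: {value}")
```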

What to do if they’re unsure. A named person to ask, or a simple rule: “If you’d hesitate to email it to a stranger, don’t paste it into an AI tool.”

Post it where staff will actually see it — in your onboarding materials, your team chat, next to your GDPR documentation.

Practical steps for this week

  1. Check which AI tools your staff are actually using — ask them informally, don’t assume. You may be surprised.

  2. Review your subscriptions. If staff are using free consumer ChatGPT for work purposes, consider upgrading to ChatGPT Team (around £20/user/month) for proper data protection.

  3. Draft a one-page AI acceptable use policy and circulate it. Keep it straightforward — the goal is awareness, not compliance theatre.

  4. Add AI tool guidance to your GDPR training — most staff have had some GDPR awareness training, but AI tools postdate most of it.

  5. Check your privacy notices — if customers ask whether you use AI tools to process their data, you should have an honest answer ready.

AI tools aren’t going away, and you shouldn’t want them to. But data protection is a responsibility that doesn’t have an AI exemption. A short policy and some awareness training covers most of the risk with minimal effort.