Talking to AI Without Exposing Your Data: Lessons from the Privacy Minefield
30/07/2025
Artificial intelligence tools like ChatGPT and Gemini are transforming how we work — helping us automate, analyze, and create at speed. But there's a serious caveat: when you use AI tools, your inputs can sometimes be used to train those models. If you're handling sensitive data — like ID documents or client records — this becomes a massive risk.
This isn't just a theoretical problem. If you're not on the right type of subscription or don't have strict settings in place, you could be exposing your clients' information to the public internet. The legal and compliance implications are serious, as covered in this article by Werksmans.
Option 1: Use ChatGPT with Privacy Settings Configured
OpenAI's ChatGPT offers privacy controls, but you must take the right steps:
Log into your ChatGPT account using a paid subscription such as ChatGPT Plus or Team.
Click your name or profile picture at the bottom-left of the interface.
In the menu that pops up, click Settings.
Navigate to Data Controls.
Uncheck the option labeled "Improve the model for everyone".
Only paid accounts have this option. Free accounts may not be able to fully disable training, so if you're working with any sensitive information, everyone on your team should be using paid accounts with training disabled.
Option 2: Use ChatGPT Team or Enterprise
ChatGPT Team and Enterprise plans are designed for organizations and come with the assurance that none of your data is used for training. These plans include additional features like SSO, encryption, and user management.
Option 3: Azure OpenAI
Microsoft Azure offers access to OpenAI’s models with a stronger privacy posture. When using Azure OpenAI, your data is never shared back with OpenAI — it stays within your Azure environment. This is an excellent option for businesses needing compliance and privacy guarantees.
Option 4: Google Gemini
Gemini still uses user prompts for training by default, unless you're on a Google Workspace Enterprise plan with privacy controls properly configured. Without those safeguards in place, submitting anything sensitive (like ID documents) is a risk. Proceed with caution unless you have confirmed training is disabled and your admin has enforced data protection policies.
Option 5: Host Your Own AI Model
If you need maximum control, hosting your own LLM (Large Language Model) is the most private route. With tools like Ollama and open-source models such as LLaMA 3 or Mistral, you can run AI on your own infrastructure — either locally or on cloud servers.
However, it's not yet a trivial solution. For example, I tested the NVIDIA H100 — a top-tier AI GPU — and found it couldn’t match the performance of commercial APIs like ChatGPT or Gemini. You would likely need multiple H100s (at over half a million rand each) to get near production-level performance. This path is best for tech-savvy teams with DevOps capacity and a strong use case for full control.
Company-Wide Use: Centralize AI Access
Letting staff use their personal ChatGPT or Gemini accounts creates a serious compliance hole. Employees could unknowingly paste in sensitive data that ends up training public models. For example:
"Here are 500 of our clients, where they live and what they earn. Who should I target first?"
To prevent this, companies should implement a centralized AI access portal such as example.com/userArea/AI, which routes all queries through a secure, compliant company account or a self-hosted AI instance. This ensures:
Data stays protected
All prompts are auditable
Training settings are enforced
Alternatively, organizations should ensure that every user has a paid AI account with model training disabled before using it for any work-related queries.
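The policy layer of the centralized portal described above, as an added example (not code from this article or from any vendor): it refuses unapproved backends, redacts 13-digit ID-style numbers and e-mail addresses before forwarding, and keeps a hash-chained audit trail of every prompt. The backend names, the redaction rules and the `send` callable are assumptions made for illustration.

```python
import hashlib
import json
import re

# Hypothetical backend names: accounts the company has confirmed are not used for training.
APPROVED_BACKENDS = {"company-enterprise", "self-hosted"}

# Constructed screening rules; tune these to the data your organisation handles.
PATTERNS = {
    "ID_NUMBER": re.compile(r"\b\d{13}\b"),
    "EMAIL": re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b"),
}


def redact(prompt):
    """Replace each match with a placeholder and count matches per rule."""
    findings = {}
    for label, pattern in PATTERNS.items():
        prompt, count = pattern.subn(f"[{label}]", prompt)
        if count:
            findings[label] = count
    return prompt, findings


class Gateway:
    def __init__(self, send):
        self.send = send   # callable(backend, prompt) -> reply, supplied by the caller
        self.audit = []    # hash-chained records; persist to write-once storage in practice

    def _log(self, **fields):
        fields["prev"] = self.audit[-1]["hash"] if self.audit else ""
        body = json.dumps(fields, sort_keys=True).encode()
        fields["hash"] = hashlib.sha256(body).hexdigest()
        self.audit.append(fields)

    def submit(self, user, backend, prompt):
        if backend not in APPROVED_BACKENDS:
            self._log(user=user, backend=backend, action="blocked", prompt="", findings={})
            raise PermissionError(f"backend {backend!r} is not approved")
        safe, findings = redact(prompt)
        self._log(user=user, backend=backend, action="forwarded", prompt=safe, findings=findings)
        return self.send(backend, safe)

    def chain_intact(self):
        """Recompute every record hash; an edited or removed record breaks the chain."""
        prev = ""
        for rec in self.audit:
            body = {k: v for k, v in rec.items() if k != "hash"}
            digest = hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()
            if rec["prev"] != prev or rec["hash"] != digest:
                return False
            prev = rec["hash"]
        return True
```

Pattern-based redaction only catches what its rules describe, so the audit trail and the backend allow-list remain the primary controls.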
Final Thoughts
The future of AI in business lies in controlled, compliant, and secure environments. Whether that’s through ChatGPT Enterprise, Azure, or private models — what matters most is that you don't expose your clients, staff, or company IP in the process.
Disclaimer: This article is not legal advice. If you're offering AI-powered services to the public — or handling sensitive data using AI — consult legal professionals and do further research to ensure compliance with local and international regulations.
If you'd like help setting up a secure AI solution, or want to audit how your team is using tools like ChatGPT, reach out to us at teruza.com/contact-us.
Ardi Coetzee