Skip to main content
E
Contact

Your data and third-party AI tools: a plain-English map

What actually happens when your team uses cloud AI assistants—and how to keep customer trust.

Three buckets of information

Most teams mix these up. Separating them makes policy simple.

Public — Already on your website or in a brochure. Low risk to paste into a generic assistant, still be thoughtful.

Internal — Staff notes, rough drafts, internal metrics. Usually should not go into a consumer-grade tool without company rules.

Sensitive — Customer PII, health or financial data, anything under contract as confidential. Treat this like email to the outside world: assume it could leak if you are not using a business agreement.

Why “everyone does it” is not a policy

Employees will use what is fastest unless you give them an approved path. That means a sanctioned tool, short training, and a clear “use this, not that” message.

Blocking everything often pushes people to personal accounts—which is worse. Prefer an approved business tier with logging.

Shadow IT is not only about budget. It is about not knowing where customer data went when something goes wrong.

Minimum viable governance

You do not need a 40-page policy on day one. You need: an approved list of tools, a one-page “do not paste” list, and a named owner for exceptions.

Review quarterly: what new tools appeared, what near-misses happened, what to tighten.

  • Approved tools and tiers (with links to sign-up)
  • Examples of safe vs unsafe prompts
  • Who approves exceptions
  • What to do if someone pastes the wrong file (no blame, fast containment)

Vendors, subprocessors, and your customers

If you resell or embed AI, your customers may ask the same questions you should ask vendors. Keep subprocessors and regions in a short table you can share under NDA.

When you change tools, update contracts and privacy pages if needed. Small companies get burned by silent swaps.

Incidents and near-misses

Define what counts as an incident: leaked credentials, wrong customer data in a prompt, public screenshot of internal analytics.

Run a 45-minute tabletop once a year: who gets called, how you notify affected parties, how you preserve logs.

Healthy habits that scale

Default to redacted examples in training.

Prefer retrieval over “paste the whole contract” when the product supports it.

Teach staff to assume prompts may be logged somewhere—because they usually are.

Related on this site

← All guides