Skip to content
Tanner
Preserve
All guides
AI and automation

What never to paste into a chatbot (AI safety for business)

6 min readUpdated July 2, 2026
01

Why this matters more than it looks like it does

You or someone on your team has probably already pasted a customer's info, a contract, or a price sheet into ChatGPT for help writing something. That's normal, and most of the time nothing bad happens. The fix isn't avoiding AI tools, it's knowing the few things to hold back.

The risk isn't that a chatbot is spying on you. It's two plainer things: free-tier tools may use what you type to improve their models, so a fragment of your data could resurface in a stranger's answer someday, and anything you paste sits in a chat log on a server you don't control. Neither is a reason to stop using these tools. Both are reasons to think for two seconds before you hit enter.

02

The four things to never paste in

Most business use of AI is completely fine to do freely: drafting a job posting, rewriting a review response, brainstorming a service page, summarizing your own notes. The list of things to actually hold back is short.

  • Customer PII in bulk. One customer's name and address to draft a text is low risk. A spreadsheet of 200 customers with addresses and job history is a data set you don't want sitting in a chat log. Strip the names first, or use a tool built to handle customer data, like your CRM's built-in AI.
  • Pricing you wouldn't want a competitor to see. Your real cost structure, your margin on a job type, or a custom commercial quote is worth protecting. "How should I structure tiered pricing for lawn care" is fine. Pasting your actual internal cost sheet so the AI can check your math is not.
  • Anything under an NDA or a confidentiality clause. If a client's contract says you'll keep their terms, drawings, or specs confidential, that promise has no AI exception. Pasting a client's project spec into a public chatbot for a quick summary can be a breach even if nothing bad ever happens with it.
  • Anything with someone else's Social Security number, driver's license, or bank routing number. This is the one that can turn into real identity theft, not just embarrassment. Employee onboarding paperwork and subcontractor tax forms stay out of any AI tool, free or paid.
Field note

Simple gut check before you paste anything: would you be fine reading this sentence out loud to a stranger at a hardware store? If not, it doesn't go in the chat box either.

03

The one setting that matters most

Every major AI tool has a data setting that controls whether your conversations get used to train future versions of the model. Turning it off costs nothing, takes about a minute, and is worth doing on every account your business uses.

In ChatGPT: click your name in the bottom left, go to Settings, then Data controls, and turn off "Improve the model for everyone." That covers the free and Plus tiers. A paid Team or Enterprise plan (roughly $25 to $30 per seat per month as of mid-2026, treat that as a ballpark) has training off by default.

In Claude: go to Settings, then Privacy, and check that training use is off. Consumer accounts have generally defaulted to not training on your chats unless you opt in, but check the actual toggle rather than trusting a remembered default.

In Google Gemini: go to myactivity.google.com, find Gemini Apps Activity, and turn it off there. This also shortens how long Google holds onto your chats instead of keeping them indefinitely.

04

Simple rules your whole team can follow

You don't need a written AI policy with legal language. You need three or four plain rules everyone on the team actually knows, because the risk usually isn't the owner, it's an office manager or new hire who doesn't know what's sensitive yet.

  • Rule 1: If it has a customer's full name plus their address, account number, or payment info together in one place, ask before you paste it anywhere.
  • Rule 2: Contracts and anything marked confidential go through the owner first, not straight into a chatbot for a quick summary.
  • Rule 3: Turn off model training in the settings on the account you use for work, using the steps above. Do this once per person, per tool.
  • Rule 4: When in doubt, ask. A ten-second question to the owner costs nothing. A leaked customer list costs a lot more.
Field note

Print these four rules and tape them by the office computer. A policy nobody reads protects nobody. A short list taped to the monitor actually gets followed.

05

What this looks like day to day

In practice this changes almost nothing about how useful these tools are. You can still ask AI to draft a quote email, write a job posting, or brainstorm a review response (see /guides/respond-to-negative-reviews for that exact low-risk use), none of which touches sensitive data.

The habit that protects you is pausing for two seconds before you paste something with a real person's identifying details in it, not avoiding AI tools out of general nervousness. Most contractors who get burned aren't careless, they're just moving fast. Building that two-second pause into how your team works is the whole fix.

Common questions

Questions that come up

Is the paid version of ChatGPT actually safer than the free one?

For training data, yes: Team and Enterprise plans don't train on your conversations by default, while the free tier does unless you turn that setting off yourself. For the four sensitive categories in this guide though, treat every tier the same. Customer SSNs and bank info stay out of all of them, paid or free.

What about the AI features already built into my CRM or FSM software?

Generally lower risk than a general chatbot, since the data stays inside a system built to handle it and often falls under that vendor's own data agreement. Still worth a two-minute check of that tool's privacy settings, since "built for business" doesn't automatically mean "trains on nothing."

I already pasted something I probably shouldn't have. What now?

You can delete individual conversations from most providers' chat history, which removes them from your visible account, though it may not undo a training pass that already ran before you turned that setting off. Change any password or account number involved, turn off model training going forward, and treat it as the moment you started doing this the right way.

Does this apply to AI voice tools, like an AI receptionist answering my phone?

Same principle, different channel. If you're using one (see /guides/ai-receptionist-basics), ask the vendor whether call transcripts are used for model training and how long they're stored, the same two questions you'd ask about a chatbot.

Or skip the homework

Rather I just did this?

Want your whole team doing this? The $500 half-day workshop sets this up live on your accounts, with your real work, not slideware.