AI Data Privacy for Business: Is It Safe to Share Your Data?
AI data privacy for business, explained for Canadian owners: what ChatGPT, Claude, and Gemini do with your data, PIPEDA and BC PIPA rules, and fixes today.

You pasted a client's financials into ChatGPT to build a cash-flow summary. Faster than Excel, sure. But did you just train someone else's model on your client's private numbers? AI data privacy for business is the question every Canadian owner should have answered by now, and in July 2026 the honest answer is: it depends on which plan you're on, which settings you've touched, and what you're pasting. This guide covers the real risks, what OpenAI, Anthropic, and Google actually do with your data, what PIPEDA and BC's PIPA require of you, and the settings to change before you close this tab.
The real risks of AI data privacy for business (and the overblown ones)
Start with what's genuinely dangerous, because the internet has the list backwards.
The real risks:
- Training by default. Consumer plans of the big three chatbots use your conversations to train future models unless you opt out (details below). And people are feeding them plenty: sensitive data now makes up 34.8% of employee ChatGPT inputs, up from roughly 11% in 2023 (Q4 2025 research via Metomic).
- Accidental exposure. In August 2025, around 100,000 ChatGPT conversations became indexed by Google through the Share feature's "make discoverable" toggle: business strategies, health information, identifying details. OpenAI killed the feature, but a researcher had already archived the chats. Once it's out, it's out.
- No legal privilege. A February 2026 US federal ruling (United States v. Heppner) held that ChatGPT conversations are not protected by attorney-client privilege; chats are discoverable in litigation. Treat every prompt like an email that could be read aloud in court.
- Contract breach. Pasting a client contract into a consumer AI tool can breach that contract's own confidentiality clause — before any privacy law even enters the picture.
- Shadow AI. Over 32% of employees use AI without their employer's knowledge; only about 20% of organizations monitor it. Your exposure includes what your bookkeeper pasted last Tuesday.
The overblown risk: that AI will regurgitate your data verbatim to a competitor who asks nicely. The actual dangers are retention, human review, breaches, discoverability in lawsuits, and compliance violations — quieter, likelier, and just as expensive. When Samsung engineers pasted source code into ChatGPT in 2023, the problem wasn't that the AI leaked it; it was that Samsung lost control of where it lived.
How the major AI companies handle your data in 2026
Here's the current state of play. If you only remember one thing: which contract you're under matters more than how much you pay.
| Provider | Consumer plans (Free/Plus/Pro) | Business plans (Team/Enterprise/API) |
|---|---|---|
| OpenAI (ChatGPT) | Trains on chats and uploaded files by default; opt out via "Improve the model for everyone" | No training by default; Enterprise adds SOC 2 Type 2, AES-256 encryption at rest, SSO |
| Anthropic (Claude) | Trains and retains up to 5 years unless you opted out (deadline was Sept 28, 2025); opted-out chats kept 30 days | Claude for Work/Team/Enterprise/API: no training, no toggle needed |
| Google (Gemini) | "Keep Activity" on by default: chats train models, human reviewers may read them, 18-month retention | Managed Workspace accounts and Vertex AI: not used for training by default |
Three details worth flagging:
- Claude's safety carve-out. Anthropic's June 2026 privacy-policy update (effective July 7, 2026 — yes, today) says conversations flagged for safety review can be used for training even if you opted out. Claude data privacy on business tiers is unaffected, but the consumer opt-out isn't absolute.
- Gemini on a Workspace account is quietly the best default. A Kelowna winery or tourism operator on managed Google Workspace isn't being trained on out of the box, which is better shape than a solo consultant on ChatGPT Plus.
- APIs don't train. OpenAI's API, Anthropic's API, and Gemini via Vertex AI all skip training by default — relevant if you're building AI into your workflow with tools like MCP servers (plain-English explainer here).
For a head-to-head on capability rather than privacy, see our Claude vs ChatGPT vs Gemini comparison.
Free vs paid plans: the privacy difference nobody reads
Here's the trap that catches smart people: paying does not mean private. ChatGPT Plus and even the US$200/month Pro tier are still consumer terms: training on by default, opt-out required. Same for Claude Pro and Max. The line that matters is consumer terms vs business terms, not free vs paid.
The tiers that contractually don't train on your data:
- ChatGPT Team — roughly $25–30 USD per user/month
- Claude Team — roughly $25–30 USD per user/month
- Google Workspace with Gemini — no training on managed accounts by default
- API access to any of the three
So a US$200/month consumer Pro plan can train on your inputs while a US$25/month Team seat doesn't. If you handle client data, a business-tier seat is the cheapest insurance you'll buy this year. (Choosing between them? See our guide to the best AI for small business in 2026.)
The free-plan escape hatch: ChatGPT's Temporary Chat (in the model dropdown) isn't used for training and is deleted after 30 days. Use it for one-off sensitive questions.

AI data privacy for business in Canada: PIPEDA, BC's PIPA, and what they require
Canada still has no federal AI statute: Bill C-27 and its AI provisions died at prorogation in January 2025. So privacy law is what binds you, and in 2026 regulators are visibly enforcing it on AI.
The landmark case: in May 2026, the Privacy Commissioner of Canada (jointly with BC's own regulator, plus Alberta and Quebec) released findings from its investigation of OpenAI (PIPEDA Findings #2026-002): OpenAI's data scraping was "overbroad and therefore inappropriate," its consent invalid, deletion technically infeasible. The point for you: BC's regulator co-signed this. AI is squarely on their radar.
Which law applies to your business:
- BC's PIPA covers most private-sector BC businesses — a Kelowna clinic, a mortgage brokerage, a marketing agency handling customer data within the province.
- PIPEDA kicks in when personal information crosses provincial or national borders — which happens the moment you paste it into a US-hosted AI tool. For most Okanagan businesses using ChatGPT, Claude, or Gemini, PIPEDA and AI compliance go together whether you planned for it or not.
One difference with teeth: PIPEDA has mandatory breach reporting — an exposure creating a "real risk of significant harm" must be reported to the Commissioner "as soon as feasible." BC's PIPA has no mandatory breach notification (voluntary, though the OIPC recommends it). If your data crossed the border into an AI tool, assume the federal duty applies.
Consent got stricter, too. The OPC's 2026 position: consent must be specific to the AI application and processing purpose — a generic "we use your data to improve our services" line no longer covers running customer data through AI.
And BC issued AI-specific guidance. In April 2026, the BC OIPC published guidance on AI scribes under PIPA: get consent before an AI tool records a client, disclose what's recorded and the risks, and give a real ability to decline. It's written for clinics, but the logic transfers to any Okanagan client-service business — a Kelowna physio practice or a bookkeeper running an AI note-taker on client calls should follow the same checklist.
Customer data, contracts, and financials: what's safe to paste where
Skip the theory. Here's the traffic-light system — the practical core of safe ways to use AI with customer data:
Green — fine on any plan:
- Your own writing, drafts, and marketing copy
- Public information and general research questions
- Fully anonymized scenarios ("a client in retail with $40K monthly revenue…")
Yellow — business tier or API only, or strip identifiers first:
- Contracts (redact names, parties, and amounts before uploading)
- Internal financials and strategy documents
- Meeting notes that mention real people
Red — never on consumer plans; needs consent plus a business tier:
- Customer personal information of any kind
- Employee records and health data
- Anything under an NDA
- Passwords, API keys, and credentials
Concrete Okanagan example: a Kelowna mortgage broker who pastes a client's income statements into personal ChatGPT has (a) moved personal financial data across the border under PIPEDA, (b) fed it to a training-by-default consumer plan, and (c) done it without consent specific to that AI use. Three problems, one paste. The same task on a ChatGPT Team account, with client consent on file, is defensible.
On data residency: neither OpenAI's API nor Claude's platform currently offers a Canadian region (OpenAI offers US and Europe). If AI data residency in Canada is a hard requirement (some regulated clients demand it), your routes are Azure OpenAI's Canada East region or Cohere in Toronto. But note: PIPEDA doesn't ban cross-border transfers. It requires comparable protection and transparency about where data goes.
Writing a one-page AI use policy for your team
45% of Canadian small businesses use generative AI (per CFIB), and most have no policy at all. Yours takes one page and one afternoon. Sections, in order:
- Purpose and scope — employees and contractors, work on any device.
- Approved tools — name them (e.g., "ChatGPT Team, Claude Team") and name one owner (founder or ops lead) who approves additions. This kills shadow AI without banning AI.
- Prohibited data — client PII and financials, personnel records, trade secrets, privileged communications, health information, passwords, anything under NDA.
- Required settings — business tier where available; training toggled off everywhere else (exact paths below).
- Incident step — "Tell the owner the same day. No blame." You cannot meet a breach-reporting duty you never hear about.
- Review — annually, or whenever you add a tool or a regulation changes.
Rollout in three days: Day 1, customize the draft. Day 2, a lawyer skims it (about 30 minutes). Day 3, send it with a signature page and a two-week deadline. That's how to write an AI policy without a consultant — and it doubles as your answer when a client asks about your AI confidentiality practices.

Settings to change today in Claude, ChatGPT, and Gemini
Fifteen minutes, three tools. These are the AI privacy settings for business users on consumer plans:
ChatGPT
- Settings → Data Controls → toggle OFF "Improve the model for everyone" (details in OpenAI's Data Controls FAQ). This only affects new chats.
- Review Settings → Personalization → Memory, and clear anything sensitive.
- For one-off sensitive queries, use Temporary Chat from the model dropdown.
Claude
- Go to claude.ai → Settings → Privacy → toggle OFF "Help improve Claude."
- Know the stakes: if you never opted out, retention runs up to 5 years; opted out, it's 30 days.
Gemini
- Visit myactivity.google.com/product/gemini (or the Gemini app → Activity) → "Turn off Gemini Apps Activity" — you'll confirm twice. Details at Google's Gemini Privacy Hub.
- This applies account-wide; a 72-hour safety-retention window remains.
- On a managed Workspace account? You're already not being trained on — no change needed.
If you run a team, skip the toggles and buy business seats — OpenAI's business data page and Anthropic's commercial terms put no-training in the contract, which is what you want to show a client or regulator.
When to get legal advice
Most of this you can handle yourself. Call a lawyer when:
- You handle health, financial, or children's data — the consent and safeguard bars are higher.
- You make automated decisions about customers — the OPC requires transparency and recourse.
- You're building AI into your product, not just using tools internally.
- You suspect customer PII was exposed — the PIPEDA breach-reporting clock may already be running.
- You serve Quebec customers — Law 25 adds its own requirements.
An hour of counsel before a problem costs a fraction of an investigation after one.
Key takeaways
- The real AI risks are retention, human review, discoverability, and compliance — not verbatim leaks to competitors.
- Paying isn't privacy. ChatGPT Plus/Pro and Claude Pro/Max still train by default; Team, Enterprise, and API tiers contractually don't.
- Pasting data into a US-hosted AI tool moves it across the border — PIPEDA applies, including mandatory breach reporting. BC's PIPA doesn't mandate notification, but don't rely on that gap.
- The OPC's 2026 OpenAI findings and BC OIPC's AI-scribe guidance mean Canadian regulators are actively enforcing on AI now, and consent must be specific to the AI use.
- Traffic-light rule: anonymized and public data anywhere; contracts and financials on business tiers only; customer PII never without consent plus a business tier.
- A one-page AI use policy (approved tools, prohibited data, required settings, incident step) closes most of your exposure in an afternoon.
- Toggle training off today in all three chatbots; exact click-paths above.
Frequently asked questions
Is ChatGPT safe for business data if I pay for Plus?
Not by default. Plus and Pro are consumer plans, so your chats and uploaded files train OpenAI's models unless you turn off "Improve the model for everyone" in Data Controls. For genuinely sensitive data, use ChatGPT Team, Enterprise, or the API, where the no-training commitment is written into the contract.
Does AI train on my data automatically?
On consumer plans, generally yes in 2026: ChatGPT trains by default, Claude trains (with up to 5-year retention) unless you opted out by September 2025, and Gemini's "Keep Activity" is on by default. Business tiers and APIs from all three don't train by default.
Is it safe to upload documents to AI like contracts or financials?
Not on consumer plans — and uploading a contract can breach its own confidentiality clause regardless of privacy settings. On a business tier, redact names and identifying amounts first. Anything under NDA stays out of consumer tools entirely.
Can my AI chats be used against me in court?
Yes. A February 2026 US federal ruling (United States v. Heppner) confirmed ChatGPT conversations carry no attorney-client privilege and are discoverable in litigation. Never treat a chatbot as a confidential adviser.
Do I need customer consent to use AI on their data in Canada?
Generally yes. The Privacy Commissioner's 2026 position is that consent must be specific to the AI application and purpose — boilerplate "improving our services" language doesn't cut it. BC OIPC's AI-scribe guidance goes further: disclose what's recorded, explain the risks, and give a real chance to decline.
What's the difference between PIPEDA and BC's PIPA for AI use?
BC PIPA governs most private BC businesses handling personal information within the province; PIPEDA takes over when data crosses borders — including pastes into US-hosted AI tools. The practical difference: PIPEDA mandates reporting breaches that pose a real risk of significant harm; PIPA doesn't, though BC's regulator recommends notification.
Is there an AI option that keeps data in Canada?
The major chatbots don't offer Canadian data residency — OpenAI's API offers US and Europe only. If in-country hosting is a hard requirement, look at Azure OpenAI's Canada East region or Toronto-based Cohere. PIPEDA itself permits cross-border transfers as long as protection is comparable and you're transparent about it.
Questions like these get hashed out in person at our events all the time — founders comparing policies, plans, and the occasional close call. If you're building a business anywhere in the Okanagan, join the Kelowna Founders Club free and figure out AI the smart way, together.
Kelowna Founders Club
Want the next play first?
Join free and get every guide, speaker insight, and event invite before anyone else. Built by founders in the Okanagan.
Join the club freeSee upcoming events