Reference · AI tools

AI tools and your data

Your employees are already using AI tools. Whether that exposes your organisation's data depends on which tier they are on. Here is what consumer versus enterprise means across the major platforms.

Last reviewed: July 2026 · Policies may change. Verify with vendors before making procurement decisions.


← scroll to see full table →

Platform Tier Training on your data Retention Residency / processing Suitable for confidential business data?
Anthropic / Claude Free · Pro · Max Yes by default
Opt-out available
30 days opted out · 5 years if opted in US No
Anthropic / Claude Team · Enterprise · API No Configurable · Zero Data Retention for API EU or US Yes · GDPR, SOC 2, ISO 27001, ISO 42001
OpenAI / ChatGPT Free · Plus · Pro Yes by default
Opt-out available
Until deleted · deleted chats within ~30 days US No
OpenAI / ChatGPT Business · Enterprise · API No Configurable · Zero Data Retention for API Regional residency for Enterprise and API, not Business (EU, US + others) Yes · GDPR, SOC 2, ISO 27001, ISO 42001
Microsoft Copilot Consumer (personal) No training in EEA · Yes with an opt-out elsewhere 18 months (default) Microsoft global cloud No
Microsoft Copilot M365 Business / Enterprise No Admin-controlled via Purview Customer tenant region (EU Data Boundary for eligible EU/EFTA tenants)* Yes · GDPR, SOC 2, ISO 27001, ISO 42001
Google AI / Gemini Free · Plus · Pro · Ultra Yes by default
Opt-out available
18 months (configurable) Global (no customer region control) No
Google AI / Gemini Workspace Business / Enterprise No Admin-controlled Regional processing (including EU options) Yes · GDPR, SOC 2, ISO 27001, ISO 42001

*Data at rest stays within the EU Data Boundary, with one exception: when Flex Routing is enabled, LLM inference and limited pseudonymised data can move to the US, Canada, or Australia during peak demand. Flex Routing is on by default for EU/EFTA tenants created after 25 March 2026. For older tenants the default varies. Anthropic models within Copilot are excluded from the EU Data Boundary entirely, and their default state also varies. Do not assume the defaults. Check your tenant's settings in the Microsoft 365 admin center.


The Pro trap

"Pro" is not a privacy tier

ChatGPT Plus/Pro and Claude Pro buy better models and higher limits, not better data protection. They sit in the consumer tier, where training is on by default unless manually disabled. None of them includes a binding Data Processing Agreement. Only Business, Team, Enterprise, and API tiers do. Employees often use personal Pro accounts for company work long before the organisation approves AI tools.

One product, multiple vendors

"Enterprise" can still mean several different data terms

M365 Copilot can route a single request to Azure OpenAI or to Anthropic, depending on configuration — each with different residency and EU Data Boundary commitments. Knowing which product you bought is not the same as knowing which model handled a specific task.

The governance gap

AI adoption is not an IT-only decision

The questions that actually matter — what data flows where, what the legal basis is, what happens when something goes wrong — should be leadership decisions. Many organisations hand AI adoption to IT, the governance questions never get asked, and the tool is already in use before security or legal sees it.

Residency and processing regions might differ

A vendor can store your data within the EU while processing it outside. Data residency and data processing are different contractual commitments. Verify both when evaluating GDPR compliance. Routing to the nearest data centre does not guarantee all processing happens in your region during high demand. OpenAI's regional residency and Microsoft's Flex Routing are both examples of exactly this gap.


Ask the vendor:

What do you store, for how long, where is it processed, and does anyone outside our organisation ever see or reuse it? And will you put that in the contract?

On subprocessors: The main vendor's promise does not always bind their infrastructure providers. Ask for the subprocessor list and confirm the same obligations apply to them.

Geopolitical risk

Government export controls as a threat vector

In June 2026, Anthropic suspended access to Claude Fable 5 and Mythos 5 globally overnight following a US government export-control directive. Anthropic could not verify citizenship in real time, so the suspension was global rather than targeted. Organisations that had integrated these models into workflows lost access immediately with no fallback.

Access was restored roughly three weeks later, after the directive was lifted following government review. The resolution required a political decision outside any vendor's control.

Most risk assessments do not include government export controls as a threat vector for AI tools. Business continuity planning for AI-dependent workflows should account for this risk category. Standard vendor contracts rely on vague force majeure language. If an AI model sits in a critical workflow, business continuity planning needs a fallback for the day a government switches it off.

This reference was last reviewed July 2026 against primary vendor documentation from OpenAI, Microsoft, Google, and Anthropic. AI vendor policies and certifications change. Verify current status directly with vendors before making procurement or compliance decisions. This page is maintained by Ørnsyn as a reference for advisory purposes and does not constitute legal advice.