Your AI Privacy Guide

An interactive walkthrough of how AI tools handle your data, what the risks are, and how to protect sensitive information. Includes a provider lookup, real-world scenarios, and a personal assessment.

Six Privacy Concepts You Need to Know

Logging: Does the company keep a record of what you typed? Think of it like CCTV: does the camera exist, and is the tape being kept?

Retention: How long does the company keep a copy of your conversation? "30-day retention" means a copy sits on someone else's server for a month. "Zero retention" means it's processed and forgotten — like a phone call with no recording.

Training: Is your conversation used to make the AI smarter for other people? Imagine your therapist used your sessions to write a textbook. It doesn't name you, but your words are in there. That's what "training" means.

Human Review: Can actual employees at the AI company read what you typed? At some companies, real people read conversations for safety and quality. It's "de-identified" — but someone is reading your words.

Memory: Does the AI save facts about you between conversations? Some AI tools build a hidden profile of things you've mentioned. Deleting a chat doesn't delete the profile — you have to find and clear it separately.

Metadata: Even if content isn't stored, is info about your usage kept? Like a phone bill — it doesn't record what you said, but it shows who you called, when, and for how long.

AI Provider Privacy Comparison

ChatGPT: Logs conversations indefinitely. Training ON by default — you have to turn it off manually.

Claude: Retains 30 days (up to 5 years if training enabled). Training switched to ON by default in late 2025.

Gemini: Retains 18–36 months. Human reviewers routinely read conversations. Longest consumer retention of any major provider.

Copilot: Consumer version retains 18 months. Very different privacy from the business product (Microsoft 365 Copilot).

Perplexity: Search history kept indefinitely. Training enabled by default but has an opt-out toggle.

Grok: Shares data within X/Twitter ecosystem. Under EU regulatory investigation.

DeepSeek: Servers in China. Indefinite retention. No clear data minimization commitments.

Manus: AI agent with broad data access. Integrated into Meta/Facebook ecosystem. Processes tasks on remote servers with unclear retention terms.

Mistral Le Chat: EU-based (France). Retains until you delete. Training on by default but opt-out available.

Notion AI: OpenAI processes your content but does NOT train on it. Data retained up to 30 days by OpenAI.

Grammarly: Vendors contractually forbidden from training on your content. Stronger than most competitors.

Google Workspace Gemini: Much better than consumer Gemini. Organization-bound, no default human review, no training.

Microsoft 365 Copilot: Business product — very different from consumer Copilot. No model training, GDPR compliant, encrypted.

Canva AI: Free accounts: content may train AI. Business/Team accounts: content explicitly excluded from training.

Adobe Firefly: Trained on licensed content, never on your work. Reference images deleted within 24 hours.

Zoom AI Companion: Does not train on meetings. Zero-retention option available. Third parties retain up to 30 days.

Slack AI: No training by default; you must explicitly opt in. Uses a retrieval architecture, so your content is not stored in models.

Otter.ai: Can retain data indefinitely under "legitimate business" exemption. Host-only consent model.

Fireflies.ai: Meeting content never used for training. Vendors contractually prohibited. SOC 2 + HIPAA certified.

Fathom: Uses data to improve models (PII omitted). Vague retention — "as long as necessary." HIPAA compliant.

Read.ai: Users are opted out of training by default (good). Audio/video can be deleted separately from transcripts.

tl;dv: EU-based. Never trains on your data. Free plan auto-deletes after 6 months. Strong GDPR posture.

Grain: Data not used commercially. OpenAI retains for 30 days (abuse monitoring only). SOC 2 certified.

Ollama: Runs AI on your computer. Data stays on your device. No account needed, no internet required after setup.

LM Studio: Desktop app with a visual interface. No command line needed. All data stays local. No telemetry.

Jan.ai: 100% offline. Open source — you can inspect the code. Works on older hardware (8GB RAM). No cloud features.

Real-World Scenarios

Dana, 44 — Therapist: Licensed counselor with 22 active clients. Needs AI help drafting treatment plan updates and writing insurance pre-authorization letters, but HIPAA obligations and ethical duty of confidentiality mean client session notes must be anonymized first. With Scrubbit, client names become PERSON_7, diagnoses become MEDICAL_1.

Marco, 38 — Parent: Managing his 9-year-old daughter's special needs records. Needs AI to organize three years of neuropsych evaluations and IEP documents for an upcoming meeting. On Gemini, this data would be retained 18 months with human reviewers able to read it. With Scrubbit, his daughter's name, doctors, school, and diagnoses are all tokenized.

Kate, 42 — Estate Planner: CPA managing trust accounts for three families under fiduciary duty. Needs AI to analyze trust structures and draft amendments. With Scrubbit, account names and amounts are anonymized — AI can analyze structure without exposing real identities.

Neil, 38 — Consultant: CX consultancy owner with every client under NDA. Needs AI for drafting project proposals and analyzing market data. With Scrubbit, client names become ORGANIZATION_1 and competitive data is tokenized.

Amara, 31 — Tutor: Private tutor with 15 students aged 8–16, several with learning differences. Subject to FERPA and local student privacy laws. With Scrubbit, student info is anonymized — AI gives tips without ever knowing the student's name or school.

Sanjay, 29 — Founder: Solo developer building a SaaS product pre-funding. His codebase, architecture decisions, and product strategy are his competitive advantage. With Scrubbit, sensitive docs are anonymized — AI helps him iterate without exposing his IP or customers' information.

Three Things Most People Get Wrong

1. Your subscription doesn't buy privacy. ChatGPT Plus, Claude Pro, Gemini Advanced — none offer better privacy than the free version. The real privacy improvements start at Team and Enterprise tiers, which most independent professionals don't have access to.

2. "Not used for training" doesn't mean "not stored." Retention and training are independent. Even with training off, conversations are retained for 30 days and could be accessed by staff.

3. Deleting your chats doesn't undo what already happened. Chat history, Memory, and training are three separate things. Deleting a conversation doesn't clear the chatbot's notes about you, and it can't undo training. The only reliable protection is to control what goes in — not try to take it back after.

Your Privacy Checklist

Use AI confidently for everyday work. Most of what you do with AI — brainstorming, research, drafting, learning — doesn't involve anyone else's private information.

Draw a clear line around what's sensitive. "How do I handle a difficult IEP meeting?" is fine anywhere. Your child's actual IEP with their name and diagnosis on it — that's sensitive.

Understand your AI tool's privacy posture. Does it train on your data? How long does it keep conversations? Can humans read them?

Protect the sensitive parts before they leave your device. When you're working with someone else's private information — client records, patient notes, financial details — anonymize it before it reaches any AI service. That's what Scrubbit does.

Own your choices — and be ready to explain them. Could you tell your client, your grown child, or your patient how their data is handled? Personal data sovereignty means you have an answer, and it's one you're confident in.
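
The checklist step "protect the sensitive parts before they leave your device" and the PERSON_7 / MEDICAL_1 / ORGANIZATION_1 tokens in the scenarios can be illustrated with a small local pseudonymizer. This is an added example, not Scrubbit's code: the class name, the term list, the two patterns and the sample note are all assumptions made for illustration, and it only catches terms you list plus e-mail addresses and one phone format.

```python
import re
# Structured identifiers caught by pattern (assumed US-style phone format).
PATTERNS = {
    "EMAIL": re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+"),
    "PHONE": re.compile(r"\b\d{3}[-.]\d{3}[-.]\d{4}\b"),
}

class Pseudonymizer:
    """Swap sensitive values for typed tokens; the token map stays in this process."""
    def __init__(self, known_terms):
        self.known = known_terms   # e.g. {"PERSON": [...], "MEDICAL": [...]}
        self.to_token = {}         # (category, lowercased value) -> token
        self.to_value = {}         # token -> original value
        self.counters = {}

    def _token(self, category, value):
        key = (category, value.lower())
        if key not in self.to_token:
            n = self.counters[category] = self.counters.get(category, 0) + 1
            self.to_token[key] = f"{category}_{n}"
            self.to_value[f"{category}_{n}"] = value
        return self.to_token[key]

    def scrub(self, text):
        # Longest terms first, so a full name is replaced before any shorter overlap.
        pairs = sorted(((t, c) for c, ts in self.known.items() for t in ts),
                       key=lambda p: -len(p[0]))
        for term, cat in pairs:
            pat = re.compile(rf"\b{re.escape(term)}\b", re.IGNORECASE)
            text = pat.sub(lambda m, c=cat, t=term: self._token(c, t), text)
        for cat, pat in PATTERNS.items():
            text = pat.sub(lambda m, c=cat: self._token(c, m.group(0)), text)
        return text

    def leaks(self, text):
        """Known terms still present in text: run on scrubbed output before sending."""
        return [t for ts in self.known.values() for t in ts if t.lower() in text.lower()]

    def restore(self, text):
        # \b keeps PERSON_1 from matching inside PERSON_10.
        for tok, val in self.to_value.items():
            text = re.sub(rf"\b{re.escape(tok)}\b", lambda m, v=val: v, text)
        return text

# Constructed sample note and term list (not real data).
TERMS = {"PERSON": ["Maya Ortiz", "Dr. Lindqvist"], "MEDICAL": ["dyslexia"]}
NOTE = ("Maya Ortiz was evaluated by Dr. Lindqvist for dyslexia. "
        "Contact maya ortiz's parent at j.ortiz@example.org or 555-201-3344.")
```

Call `scrub(NOTE)` and check that `leaks()` on the result is empty before pasting it into any AI tool, then pass the tool's reply through `restore()` on your own machine. The token map is what links the tokens back to real people, so it should be stored and protected like the original records.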