2 June 2026
Private AI vs public chatbots: where does your project data actually go?
Somewhere in your business this week, someone pasted part of a subcontract, a client email or a tender figure into a free AI chatbot. Not maliciously. They were trying to get their work done faster, and the tool helped.
Whether that should worry you depends entirely on which tool, under which account, with which settings. Most construction businesses have never worked through the distinctions, so here they are in plain English.
The three tiers
Public and free. Consumer chatbot accounts, the ones people sign up to with a personal email. Depending on the provider and settings, what goes in may be retained and may be used to improve the models. Fine for asking how a mechanism in a standard form contract generally works. Not the place for your margins, your client's information, or anything commercially sensitive. Government guidance for its own staff draws exactly this line: nothing sensitive goes into public tools unless it is already public.
Enterprise tiers. The paid business versions of the same tools. Contractual commitments not to train on your data, admin controls, audit logs, and data handling that can actually pass a client's security questionnaire. For most construction businesses, this is the sensible default for day-to-day drafting, summarising and analysis. The uncomfortable truth: plenty of firms are paying for personal-tier convenience with company data because nobody set up the enterprise account.
Private deployments. The model runs in your own environment, on your own server or your own cloud tenancy, and your data never leaves it. This is the tier for assistants built over your project record: contracts, correspondence, commercial positions, the material you would never voluntarily hand to anyone. Open-source models have made this genuinely affordable, and it is the foundation for the private commercial intelligence we write about elsewhere on this blog.
The questions that actually matter
You do not need to become a security specialist. You need answers to five questions for any AI tool your business touches:
- Is our data used to train the provider's models, and is that commitment contractual?
- Where is it processed and stored, and for how long is it retained?
- Who in our business can see what others have put in?
- Can we switch it off, export our data, and prove what was shared?
- Does this arrangement survive our clients' confidentiality obligations and the UK GDPR?
If a vendor cannot answer those in writing, that is your answer.
Bans do not work. Rules do.
The instinctive response is to ban the lot. The predictable result is shadow use: people quietly using personal accounts on personal phones, with zero visibility and zero control. The information leaks anyway, and now you cannot even see it happening.
The working alternative is boring and effective. Give people a sanctioned tool that is genuinely good, on an enterprise or private tier. Publish red lines everyone can remember: client data, pricing and personal data stay out of public tools, full stop. Train by role, so the QS knows what is safe with a contract and the bid team knows what is safe with a tender. And route the genuinely sensitive work to a private deployment where the question disappears entirely.
Your people are going to use AI either way. The only decision you get to make is whether it happens inside rules you wrote, on tools you control, or outside both.