Skip to content
Skuto
English
Menu

Privacy

Is It Safe to Upload Confidential Documents to ChatGPT?

Published:

Whether it’s safe to upload a confidential document to ChatGPT depends on two things: your plan and what’s in the file. The 10-second check: on a personal plan (Free, Go, Plus, Pro), an uploaded file can be used to train future models unless you’ve turned off “Improve the model for everyone,” so a truly confidential document (a client contract, a report under NDA, anything with other people’s personal data) shouldn’t go in as-is. On a Business or Enterprise account, uploads are excluded from training by default, which is the right home for confidential work. The safe move on any plan is to strip the identifiers first or use a Temporary Chat. Here’s the detail behind that rule.

What happens to a file you upload

This is in OpenAI’s own documentation, not guesswork. The File Uploads FAQ explains that on personal plans, content you upload, including files, can be used to improve models if “Improve the model for everyone” is on, which it is by default. Switching it off in Settings → Data Controls is a clean opt-out for future uploads.

Retention is separate from training. OpenAI’s retention policy says an uploaded file is kept as long as the chat that holds it; when you delete that chat (or your account, or the custom GPT it lives in), the file is removed from OpenAI’s systems within about 30 days, unless it must be kept for security or legal reasons. So data retention has a ceiling, but deleting a file later doesn’t undo any training that already happened from it.

The tier difference that actually matters

For confidential data, the plan is the deciding factor. OpenAI’s enterprise privacy page states that content submitted to its business offerings (ChatGPT Business, Enterprise and the API) is not used to train models by default. That’s the meaningful line: a personal plan treats your upload as potential training material unless you opt out; a business tier doesn’t, by design.

If your organisation handles regulated data, this is also where a data processing agreement comes in: the contract that sets out how a provider processes personal data on your behalf under the GDPR. Business and Enterprise plans can offer one; personal plans don’t. If you’re uploading anything that belongs to clients or patients, that contract is the difference between a sanctioned tool and a quiet compliance problem.

A quick check by document type

  • Your own draft, no third-party data (a CV, a cover letter, your notes): fine on any plan, low stakes.
  • A contract, financial report, or anything under NDA: business tier, or redact the confidential clauses and figures first. Not a personal plan as-is.
  • A document full of other people’s details (a client list, a tenant complaint, medical notes): that’s their personal data, not yours. Anonymise before upload, or don’t upload.
  • A scanned form with ID or card numbers: remove the numbers. “My reference number” works as well as the real digits for getting help.

Two tactics that make it safe

First, use a Temporary Chat for anything sensitive: it isn’t used for training and doesn’t stay in your history (OpenAI keeps a copy up to 30 days for safety only). Find it via the model/chat menu; menus move, so if the label has changed, look for “Temporary” and tell us. A temporary chat is the simplest one-off safeguard.

Second, redact before you upload. Replace names, account numbers, addresses and reference codes with placeholders. The content you actually need help with is almost never the part that creates the risk.

Check it before it leaves your machine

Reading a retention policy at the moment you’re about to drag in a PDF isn’t realistic. That’s what the paste checker is for: paste the text of a document and it flags names, ID and card numbers, and other risky elements before anything is sent. The whole scan happens in the page you already have open, and nothing about the document is uploaded to us, so checking it doesn’t quietly create a second copy somewhere. Thirty seconds of checking beats explaining a leaked client file later.

Keep reading

GuidesCan Your Employer See Your ChatGPT? What's Visible and What Isn'tOn a personal account and personal device, no, your employer can't see your ChatGPT chats. On a work account or Enterprise workspace, increasingly yes.GuidesIs It Safe to Upload Photos to ChatGPT? What Happens to Your ImagesPhotos of objects, places or your own work are usually fine. Faces, children, ID documents and private screenshots are not. The verdict by type.GuidesWhat Not to Share With ChatGPT (and What's Actually Fine)Never paste passwords, ID or card numbers, other people's data, or confidential work files into ChatGPT. The full list, and what's fine to share.

Frequent questions

Is it safe to upload a confidential PDF to ChatGPT? +

On a personal plan (Free, Go, Plus, Pro), only if the file is used for training is acceptable to you, or if you've turned off 'Improve the model for everyone' and used a Temporary Chat. For truly confidential documents (client files, contracts, anything covered by an NDA), use a Business or Enterprise account, which excludes uploads from training by default, or remove the confidential parts first.

Are uploaded files used to train ChatGPT? +

On personal plans, yes by default: files you upload can be used to improve models unless you switch off 'Improve the model for everyone' in Settings. On Business and Enterprise accounts, uploaded content is not used for training by default.

How long does ChatGPT keep an uploaded document? +

Files are stored for as long as the chat that contains them. When you delete that chat, your account, or the custom GPT it belongs to, OpenAI deletes the associated file from its systems within about 30 days, unless it must be kept for security or legal reasons.

How do I upload a document without the privacy risk? +

Use a Temporary Chat, which isn't used for training and doesn't stay in your history. Better still, redact the document first: replace names, account numbers and identifiers with placeholders, so the confidential parts never leave your device at all.