AI and Data Privacy at Work: What to Ask Your Vendor
When a vendor says your data is safe, that is the start of the conversation, not the end. Here are the questions that turn a reassuring sentence into a verifiable fact.
I have sat on both sides of this table, as the company buying AI software and as the founder selling it, and I can tell you the privacy conversation is usually too easy. A vendor says the right words, your data is encrypted, we take security seriously, and everyone moves on. But those words do not commit anyone to anything specific. The job of a buyer is to replace comforting sentences with verifiable facts, and that takes asking the questions whose answers cannot be hand-waved. This is the list I wish more buyers used, written from the seller's side so you know which answers are real.
None of these questions are hostile. A good vendor will answer them plainly and quickly, because a good vendor has already thought about them. The speed and specificity of the answers tell you almost as much as the answers themselves.
Is my data used to train models?
This is the first and most important question, and the answer should be unambiguous. For most business use, the right answer is that your data is not used to train shared models, full stop. If the answer involves words like may, or unless you opt out, or anonymized, slow down and read the fine print, because each of those is a door left open. You want a clear no, not a conditional one.
Ask it in writing and get it in writing. A statement in a sales call is not a commitment; a clause in a contract is. If a vendor is confident in their answer, they will have no problem putting it in the agreement, and if they hesitate to, you have learned something important.
Where does my data live and who can see it?
- Where is the data processed and stored, and can you choose a region for data residency if you are regulated.
- Is a private model deployment available, so your data is not sent to a shared model at all.
- Who inside the vendor can access your data, under what controls, and is that access logged.
- Does the AI respect your existing permissions, so it cannot surface a record to a user who was never allowed to see it.
Can you prove what the AI did with my data?
Privacy is not only about who can see data, it is about being able to reconstruct what happened to it. Ask whether the vendor logs the actions their AI and agents take, including the tool calls, in a way you can later audit. If an agent touched a sensitive record, you should be able to find that out after the fact rather than take it on faith. An auditable system is a governable one; an opaque system is not.
This matters more as agents do more. An assistant that only answers questions has a small privacy surface. An agent that takes actions has a large one, and the only way to keep it accountable is a real audit trail. If a vendor cannot show you the log, they cannot show you the accountability either.
What happens to my data when I leave?
Every evaluation focuses on getting data in and forgets about getting it out. Ask what happens when you cancel. Can you export your data in a usable form, and is it actually deleted from the vendor's systems on a defined timeline, including from backups. A vendor that makes leaving hard is telling you how they think about the relationship, and it is worth knowing before you sign rather than after.
The honest version of this answer is specific. Here is the export format, here is the deletion timeline, here is how it applies to backups. Vagueness here is not an accident; it is usually a sign that leaving was never designed to be easy.
How to read the answers
The pattern to watch for across all of these is the difference between a commitment and a comfort. We take privacy seriously is a comfort. Your data is never used to train shared models, and here is the contract clause is a commitment. Train your ear to notice when a specific question gets a general answer, because that gap is where the risk lives. A vendor who deflects a precise question with a reassuring posture is answering a different question than the one you asked.
And give credit where it is due. A vendor who answers these quickly, specifically, and in writing has done the hard work of building privacy in rather than bolting it on. That is exactly the kind of partner you want holding your company's data, and the questions are how you find them.
For what it is worth, this is how we built Atlas, with the assistant respecting existing permissions and, for enterprise, private model deployment, data residency, and audit logging so actions can be reconstructed. The specifics live at /all-in-one and /pricing.