The Tier Question Has a Simpler Answer
A question is going around among firms that handle confidential work: which tier of an AI tool is actually safe to use? The reasoning behind it is sound. A consumer subscription and an enterprise contract are not the same product, even when they put the same model behind the same box. The individual plan is built for individuals. The contractual controls a regulated firm needs, a data processing agreement, a promise that your inputs are not used for training, a say in where the data is stored, live in the enterprise, API, or self-hosted tiers, not in the cheap one. The common mistake is to assume that because a tool comes from a serious company it must be enterprise-ready the moment you log in. It is not. The tier decides what you are contractually allowed to put in.
I am not going to repeat the specific claims doing the rounds about any one vendor's retention window or storage default, because those change and you should check them against the current terms yourself. The principle holds whichever vendor you pick. Putting privileged material into a tool that carries no data processing agreement can count as disclosure to a third party, and under data-protection law and professional-conduct rules that is not a small thing.
Note: This page describes regulatory frameworks in general terms only. Nothing here is legal advice. Requirements vary by jurisdiction, organisation type, and use case. Consult qualified legal specialists for guidance specific to your situation.
The hard question and the simpler one
"Which tier is safe?" is the hard version of a simpler question. The hard version asks you to read every vendor's contract, map each tier to each obligation you carry, and then keep doing it as the terms move under you. The simpler version asks: does the privileged material need to leave the building at all?
For a bank, a law firm, a healthcare provider, the honest version of "we respect your privacy" is "your data never reaches us." If the work can be done on hardware you control, the tier question stops being a gamble, because there is no third party in the loop to have a tier with.
What I can tell you from practice, not theory
We built the tooling to do exactly that. It runs air-gapped, on hardware inside your own network, so nothing crosses the boundary. It also runs connected, against a hosted model, when that suits the job and the material is not sensitive. The choice is yours, task by task, not baked into a subscription you picked once and forgot.
Either way, every step is written down as it happens: what was checked, which agent did it, what the model was asked, what it answered, and when. A person then reviews that trail and stands behind it. The machine does the work and attaches the record; a human checks it and signs off. That is the whole discipline, and it is the part most tools leave out entirely.
We have run this every day for seven months. Not a demo, and not a pilot we are hoping to sell you: our own working practice. The tooling that produces the evidence trail is the same tooling we use on ourselves.
What you walk away with
You know what a machine actually sees when it reads your content, rather than guessing. You hold a dated record of every action taken on your work, one you can hand to a regulator, a partner, or an acquirer's diligence team, and they can walk it themselves. And you decide where your data lives, instead of finding out after an incident that a default sent it somewhere you would never have chosen.
We offer three things around that: the training to run it yourselves, the consultancy to set it up against the obligations you actually carry, and the tooling underneath. We do not grant you compliance with anything; that stays your legal duty. We give you the evidence that duty expects you to hold.
I wrote about the wider version of this the day a government discovered it could not verify an AI system's own safety claims, in The Governance Gap Regulators Just Discovered.
Do the checklist anyway
None of this replaces the basic discipline, and you should do all of it. Know what AI your people are already using. Map the tiers to what you are actually allowed to do with them. Write the policy down. Train the staff. Run the transfer risk assessments where the law asks for them.
But for the material that genuinely cannot wander, the privileged file, the client's confidential position, the record you would not want read by anyone you did not choose, the cleanest answer is not a better tier and a contract you half understand. It is to keep it on the machine in the first place.
If your firm handles work that cannot leave the building, send me your domain at info@cognovamx.com and I will show you what the machines already see, and how the trail is kept. The first five pages are free.