Which data must absolutely not enter an AI tool, even the business version?

Even with an enterprise license that disables training, some data stays forbidden. Passwords, API keys, BSN, medical data, legal matters under privilege, and third-party data you have no DPA for. A short forbidden list keeps colleagues from guessing the limits themselves.

Try this first

1. 1Write a one-page 'do not paste' list with categories: credentials, keys and tokens, BSN and passport numbers, health data, legal disputes, source code with embedded secrets.
2. 2Add a second category: customer or partner data without written consent or without the tool being in your processor register.
3. 3Make clear that 'enterprise tier' does not automatically make everything safe. Training opt-out does not remove the chance that a log or prompt cache holds something you do not want shared.
4. 4Give a safe alternative per category: secrets in a vault like 1Password or Bitwarden, crop BSN out of screenshots, run legal text through a local or EU-only model.
5. 5Show the list near every AI tool you allow: a banner or onboarding page, not just a PDF nobody opens.

None of the above fits?

Describe your situation below. We pass your input plus the steps you already saw to our AI and return tailored next-step advice. If it's too risky to DIY, we'll say so.