"It's just one prompt." That's usually how it starts. An engineer pastes part of a technical drawing into a public chatbot to get a task done faster. A salesperson drops in a customer spec to draft a quote. Quality summarizes an audit report. Each action looks harmless on its own. Together they add up to a leak of sensitive data the company never sees and never controls.

This isn't a scare piece. It's about where the risk actually sits — because intuition often points at the wrong spot — and what genuinely reduces it inside a regulated manufacturer.

What "sensitive data" actually means in manufacturing

Conversations about data protection default to personal data. That narrows the picture. In a manufacturing company the most valuable asset is often something GDPR doesn't directly protect:

  • Technical documentation — drawings, CAD models, tolerances, formulations, process parameters. This is your competitive edge written into files.
  • Commercial data — price lists, margins, contract terms, customer specs under NDAs.
  • Operational data — audit reports, failure logs, production-line data, system configurations.
  • Personal data — employees, customers, suppliers. Here GDPR applies directly.

The first three rarely make it into a security policy as "sensitive data," yet they're the ones that decide whether the company keeps its edge. A leaked formulation doesn't end in a fine — it ends with a competitor making the same thing cheaper.

Where the risk really is — and where it only seems to be

The most common fear: "the model will train on our data and spit it out to someone else." That's a real risk, but not the main one. Three more grounded problems matter more.

Retention and access. When you send data to a public API, it leaves your control. You don't know with certainty how long it's stored, which of the vendor's staff might see it while handling an incident, or which jurisdiction it physically lives in. The retention policy may sit in terms the vendor can change.

Jurisdiction and transfer. Some vendors process data outside the EU. For data under contract or a locality requirement, that's not a detail — it's a potential breach of a commitment you didn't impose on yourself but signed with your customer.

No trail. When data leaves through shadow AI — tools employees use without IT's knowledge — the company loses the ability to answer an auditor's simple question: where was this data and who could reach it. The point isn't that something bad happened. It's that you can't demonstrate that it didn't.

That last one is decisive for regulated industries. An audit doesn't ask "do you trust the vendor" — it asks "show where data is processed and who can access it." On a public API the honest answer is often "we don't fully know." That answer doesn't pass.

Why a ban alone doesn't work

The natural reaction from security is an internal ban: "no public AI tools for company data." The trouble is that a ban doesn't remove the need that pushed people toward them. The employee had a real task to do faster — and if the only tool that helps is forbidden, they use it quietly from a personal account. The policy doesn't disappear; it goes underground.

A ban without an alternative turns a visible problem into an invisible one. That's worse, not better — because now the data leaves all the same, just with no trail and beyond any IT control.

What actually reduces the risk

Risk drops when sensitive data never leaves an environment you control — while the employee still has a tool that does the job. That's the core of private AI: the model runs on your infrastructure or in a dedicated, isolated instance, not on a shared, public API.

In practice that means a few concrete things:

  1. Data stays with you. Drawings, BOMs and tickets don't land on someone else's servers. Processing happens inside an environment whose boundaries you know.
  2. There's a trail. You know what went in, what came out and who asked. That's exactly what an audit wants — the ability to show where data was.
  3. Access is yours. You decide roles, retention and who sees what — not terms someone else can change.
  4. The need is met. The employee gets a tool faster than hiding with a personal account, so shadow AI loses its reason to exist.

This doesn't mean every company must build its own server room overnight. For smaller teams, an isolated private cloud delivers most of that control without the cost of owned infrastructure. The line between the models is a separate topic — what matters is that both keep sensitive data out of the public, shared loop.

The question worth starting with

Before deciding on any AI tool, answer one question: which of our data cannot leave the company — and can we demonstrate today where it goes? If the answer to the second part is "not entirely," that isn't an AI problem yet. It's a visibility problem that AI merely exposes, because it hands employees one more easy channel for data to slip out.

The good news: this can be sorted out — and protecting data doesn't have to mean giving up AI. It has to mean a deliberate choice about where that data is processed.

Want to keep up with how regulated firms in Europe handle AI and sensitive data? Sign up for our newsletter — no spam, a few concrete points a month.

Related