Picture this: you need to draft a thank-you letter for a group of donors who gave at different levels last year. You open ChatGPT, paste in a spreadsheet of names, gift amounts, and contact details, and ask it to write personalized notes. It works beautifully. What you may not have considered is what happened to that spreadsheet the moment you hit send.

This scenario plays out in nonprofits and schools every day. AI tools are genuinely useful for writing, summarizing, and organizing information. But most public AI tools were not designed with sensitive organizational data in mind, and using them without some basic awareness of how they handle your input can expose your organization to real risk.

What Actually Happens When You Paste Data Into a Public AI Tool

When you use a free or consumer-tier AI tool like ChatGPT, Google Gemini, or Microsoft Copilot through a personal account, your conversations may be stored on the company's servers. Depending on the tool and your account settings, that data may also be used to improve the AI's future performance. In practice, this means the names, contact details, financial figures, or client information you paste in may not stay private.

OpenAI's privacy policy states that the company may use the content you submit to train and improve its models unless you opt out through specific account settings or use an enterprise plan that includes a data processing agreement. Most individual and free-tier users have never changed those settings. Most don't know the setting exists.

This is not a conspiracy. These are standard terms for consumer software. The problem is that nonprofit staff often use personal or free-tier accounts for work tasks, and the data they bring into those conversations belongs to their organizations and the people those organizations serve.

The Kinds of Information Nonprofits Handle Every Day

Nonprofits and schools handle sensitive information as a matter of routine. A short list of what routinely shows up in nonprofit files includes:

  • Donor names, addresses, phone numbers, and giving history
  • Client names and service records, sometimes including health or family circumstances
  • Grant applications with detailed financial disclosures
  • Board member contact information and internal meeting notes
  • Staff personnel records and salary information
  • Student names and academic records (protected by FERPA in educational settings)

None of these belong in a public AI chat window. Your donors trusted you with their contact information. Your clients trusted you with their circumstances. Your board members expect their internal deliberations to stay internal. Pasting any of it into a consumer AI tool without understanding the privacy implications is a breach of that trust, even if nothing visibly goes wrong.

The Stakes Are Getting Higher

Until recently, the main concern with AI data privacy was abstract: your information might be used for training, or might be accessible to company employees reviewing conversations for safety. That concern is real, but it felt distant. In 2026, the risks have become more concrete.

Cybersecurity researchers have confirmed the first documented AI-assisted cyberattacks, in which attackers used AI tools to accelerate phishing campaigns, identify vulnerabilities, and craft more convincing social engineering attempts. Organizations with weak data hygiene practices are easier targets. If your donor list or client records have already been shared with an outside service, the exposure radius of a breach grows.

Separately, a widely reported incident this spring involved an AI agent that, while executing an automated task, deleted an organization's entire database in under ten seconds. The details matter less than the lesson: AI tools can take consequential actions quickly, and when sensitive data is involved in those workflows, mistakes are harder to contain and reverse.

None of this means AI is too dangerous to use. It means using AI carelessly with sensitive data carries real organizational risk, the kind that can damage donor relationships, trigger legal liability under data protection laws, or simply leave you explaining to a client why their information ended up somewhere it shouldn't have been.

A Practical Approach: What to Paste and What to Keep Out

The good news is that protecting your organization does not require avoiding AI tools altogether. It requires knowing what kinds of information are safe to use in a public AI tool and what kinds are not.

As a general rule: paste the structure, not the content. If you want help drafting a donor thank-you letter, describe the donor in general terms rather than pasting an actual record. "Write a thank-you letter for a donor who has given annually for five years and recently made their largest gift of $500" will get you a letter just as useful as one generated from a real spreadsheet row, without the exposure.

If you need to work with real data, consider whether you can remove identifying information first. A spreadsheet of gift amounts without names or contact details can help you analyze giving trends without exposing anyone.
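One way to do that scrubbing before anything reaches a chat window, as an added example that is not part of the original article or the Cochise AI guide. The column names, the sample rows, and the key are constructed assumptions; adjust them to match your own export.

```python
import csv, hashlib, hmac, io, re

# Assumed column names for this example; match them to your spreadsheet export.
DIRECT_IDENTIFIERS = {"name", "email", "phone", "address"}
FREE_TEXT = {"notes"}
EMAIL_RE = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")
PHONE_RE = re.compile(r"(?:\+?1[\s.-]?)?\(?\d{3}\)?[\s.-]?\d{3}[\s.-]?\d{4}")

def pseudonym(value, key):
    """Keyed hash: the same donor always gets the same label, and the label
    cannot be traced back to the donor without the key."""
    digest = hmac.new(key, value.strip().lower().encode(), hashlib.sha256)
    return "donor-" + digest.hexdigest()[:10]

def scrub(csv_text, key, id_column="email"):
    """Drop identifying columns, add a pseudonymous donor_id, and redact
    e-mail addresses and phone numbers typed into free-text columns."""
    reader = csv.DictReader(io.StringIO(csv_text))
    kept = [c for c in reader.fieldnames if c.lower() not in DIRECT_IDENTIFIERS]
    out = io.StringIO()
    writer = csv.DictWriter(out, fieldnames=["donor_id"] + kept, lineterminator="\n")
    writer.writeheader()
    for row in reader:
        clean = {"donor_id": pseudonym(row[id_column], key)}
        for col in kept:
            val = row[col]
            if col.lower() in FREE_TEXT:
                val = EMAIL_RE.sub("[email]", val)
                val = PHONE_RE.sub("[phone]", val)
            clean[col] = val
        writer.writerow(clean)
    return out.getvalue()

# Constructed sample data; none of these people or contact details are real.
SAMPLE = """name,email,phone,gift_amount,gift_date,notes
Pat Example,pat@example.org,520-555-0101,500,2025-03-01,Call 520-555-0101 after 5pm
Pat Example,PAT@example.org,520-555-0101,250,2024-03-04,Prefers email pat@example.org
Lee Sample,lee@example.org,(520) 555-0102,100,2025-06-10,First gift
"""

if __name__ == "__main__":
    # Keep the real key in a file that stays on your own machine.
    print(scrub(SAMPLE, key=b"constructed-demo-key"))
```

The pattern matching only catches e-mail addresses and phone numbers; a name typed into a notes field will pass through, so read free-text columns before sharing or leave them out entirely.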

For a more detailed framework covering exactly what information is safe to share, safe after scrubbing, and should stay out of AI tools entirely, see the AI Data Privacy Guide in the Cochise AI resources section. It walks through specific scenarios and gives you a quick-reference checklist you can share with your whole team.

When You Need a Better Tool for the Job

Some tasks genuinely require working with real organizational data, and for those, the answer is not to compromise your data practices. It's to use a tool that offers appropriate protections.

Enterprise plans from OpenAI, Google, Microsoft, and Anthropic all include data processing agreements that explicitly prohibit using your data for model training. If your organization is regularly using AI for work that involves real client, donor, or financial data, an enterprise plan is worth the cost. The price difference between a free account and a paid business account is small compared to the cost of a data breach or a lost donor relationship.

Microsoft Copilot, when accessed through a licensed Microsoft 365 for Nonprofits subscription, operates under Microsoft's enterprise data protections by default. If your organization already uses Microsoft 365 at the nonprofit discount rate, you may already have access to a safer version of AI assistance without any additional cost.

A Word About Staff Habits

The most sophisticated data protection policy in the world doesn't help if staff members are using personal ChatGPT accounts on their lunch break to handle work tasks. In smaller nonprofits, this is common. There is no IT department setting policies, no security training budget, and no one checking what tools people are using at their desks.

The most effective thing a nonprofit leader can do right now is have a direct, practical conversation with staff about this. Not a lecture about compliance, but a clear explanation: here is what these tools do with your information, here is what we should not paste into them, and here is what to use when we need AI help with real data. That conversation, backed by a simple written policy, does more than most technical controls.

Getting Started

If your organization is already using AI tools and you're not sure where your current practices stand, the AI Data Privacy Guide is a good starting point. It's free and written for non-technical staff.

If you'd like help thinking through an organization-wide approach to AI use that includes data privacy, Cochise AI offers consulting tailored to nonprofits and schools in Cochise County. Use the contact form to start a conversation. No obligation, no sales pitch.


George Self

Founder, Cochise AI, LLC, Sierra Vista, Arizona

Collegiate instructor, software developer, and AI consultant serving nonprofits and educational organizations in Cochise County.