ChatGPT API vs Consumer Tiers: The Real Privacy Differences in 2026
Sonomos Research
The Sonomos research team writes about AI privacy, data protection, and how to use generative AI safely at work.
OpenAI offers ChatGPT through multiple surfaces with materially different privacy postures. A developer querying the ChatGPT API with Zero Data Retention enabled has almost nothing in common, from a privacy standpoint, with a person using ChatGPT Free at chatgpt.com. Yet both are using "ChatGPT" — and that ambiguity creates real compliance risk when organizations try to evaluate what their employees or applications are sending to OpenAI. This guide maps every major OpenAI product tier, explains what happens to your data in each, and identifies which tier is appropriate for which use case.
The OpenAI product tiers: a map
OpenAI distributes its models through several distinct channels:
ChatGPT Free — Consumer product at chatgpt.com with a free account. No payment required.
ChatGPT Plus — Paid consumer subscription ($20/month). Access to more capable models and higher usage limits.
ChatGPT Pro — Higher-tier consumer subscription with expanded access. Same privacy posture as Plus.
ChatGPT Team — Organizational account designed for small teams, billed per user. Adds workspace features and some admin controls.
ChatGPT Enterprise — Enterprise contract with dedicated terms, admin controls, DPA, and BAA availability. Requires direct agreement with OpenAI.
ChatGPT Edu — Education-specific tier for institutions. Similar data protections to Enterprise.
OpenAI API — Direct API access for developers and applications. No chat interface; queries are made programmatically. Multiple data retention options available.
Custom GPTs through ChatGPT — GPT Builder allows creating custom AI assistants within the ChatGPT interface. Data handling follows the underlying account tier.
What "training on your data" means — and when it happens
The most important privacy question for ChatGPT is whether OpenAI uses your prompts and responses to train its models. The answer depends on the tier:
| Tier | Default training use | Opt-out available | DPA available | BAA available |
| --- | --- | --- | --- | --- |
| ChatGPT Free | Yes | Yes (in settings) | No | No |
| ChatGPT Plus | Yes | Yes (in settings) | No | No |
| ChatGPT Pro | Yes | Yes (in settings) | No | No |
| ChatGPT Team | No | N/A (off by default) | No | No |
| ChatGPT Enterprise | No | N/A (off by default) | Yes | Yes |
| ChatGPT Edu | No | N/A (off by default) | Yes | Varies |
| OpenAI API | No (by default) | N/A (off by default) | Yes | Yes |
| API with ZDR | No | N/A | Yes | Yes |
For consumer tiers (Free, Plus, Pro): Prompts and responses may be reviewed by OpenAI employees to improve models and evaluate safety. Training opt-out is available in Settings → Data Controls → "Improve the model for everyone." When this toggle is off, your conversations are not used for training — but they may still be retained for safety purposes.
For Team: Conversations are not used for training by default. The Team tier adds workspace administration, but the Data Processing Agreement is not included in the standard Team subscription as of 2026. Review current terms before treating Team as equivalent to Enterprise for compliance purposes.
For Enterprise: Conversations are not used for training. OpenAI offers a DPA satisfying GDPR Article 28 requirements. A HIPAA BAA is available for healthcare organizations. Admins can control which models are available to employees, review usage, and manage integrations.
For the API: By default, API queries are not used for training and are retained for 30 days for abuse monitoring. Zero Data Retention (ZDR) is available for qualifying endpoints — with ZDR, queries and responses are not retained beyond the duration of the API call. ZDR is available at an additional cost and requires API usage at qualifying volume levels.
Zero Data Retention: what it means and when to use it
Zero Data Retention (ZDR) is an API feature where OpenAI agrees not to store the inputs and outputs of API requests beyond the duration of the request itself. With ZDR enabled:
- No prompt content is retained on OpenAI's servers after the response is returned.
- No conversation history is stored.
- The request is processed and the model's response is returned, then the data is discarded.
ZDR is appropriate for applications that process highly sensitive data: healthcare applications processing PHI (in combination with a BAA), financial applications processing account data or PAN, legal applications processing privileged communications.
ZDR is not:
- Available on all API endpoints (vision endpoints and some specialized features may not support ZDR).
- A replacement for encrypting data in your application.
- Proof of HIPAA compliance — a BAA is also required for PHI processing.
- Available for the ChatGPT chat interface — only for API requests.
The practical compliance matrix
| Use case | Minimum required tier | Reason |
| --- | --- | --- |
| Personal productivity (no confidential data) | Free or Plus (with training opt-out) | No compliance obligation; opt-out prevents training use |
| Internal business documents (non-regulated) | Team or Enterprise | Prevent default training; workplace admin controls |
| Customer PII under CCPA/GDPR | Enterprise | DPA required for data processor compliance |
| Protected health information (HIPAA) | Enterprise + BAA, or API + BAA + ZDR | BAA required; DPA required; ZDR recommended |
| Cardholder data (PCI DSS) | API + ZDR or Enterprise with PCI controls | CHD must not be retained outside CDE; ZDR eliminates retention |
| Classified or trade secret code | API + ZDR + contractual confidentiality | No retention; contractual protections for IP |
| Legal privileged communications | Enterprise or API + ZDR | Data use restrictions required; no consumer tier appropriate |
Why the Free and Plus tier opt-out is insufficient for business use
Some organizations instruct employees to use ChatGPT Free or Plus with the training opt-out enabled and treat this as sufficient. It is not, for several reasons:
No organizational control. The opt-out is per-account and per-device. When an employee uses a personal ChatGPT account, the organization has no visibility into whether opt-out is enabled. When opt-out is not enabled, conversations are eligible for training review.
No DPA. GDPR, CCPA (where applicable to processors), and ISO 27001 supplier management requirements call for a Data Processing Agreement when a vendor processes personal data on the organization's behalf. Consumer terms are not a DPA.
No organizational audit access. The organization cannot review what employees are submitting to ChatGPT on consumer accounts. Enterprise tiers provide admin dashboards with usage visibility.
Retention without organizational control. Consumer accounts retain conversations in ChatGPT's history. If an employee submits confidential data, that data is retained in a system the organization does not control and cannot audit.
Shared accounts. Employees sometimes share consumer ChatGPT accounts with family members or colleagues. Enterprise accounts are individually provisioned and access is organizationally controlled.
ChatGPT API for application builders
Developers building applications on top of ChatGPT's API have a different set of considerations than employees using the chat interface:
Default retention is 30 days. Unless ZDR is enabled, API request data is retained for 30 days for abuse monitoring. For applications that process sensitive data, evaluate whether 30-day retention is acceptable or whether ZDR is required.
The API DPA. OpenAI's API terms include a data processing agreement satisfying GDPR Article 28 requirements for customers who have agreed to the API terms with a commercial subscription. Confirm the DPA is in your contract before building applications that process personal data.
Model selection and data handling. Different API models have different capabilities; choose based on the task, not just data handling. GPT-4o, GPT-4o Mini, and o3 Mini are available as of mid-2026; check OpenAI's current model list for ZDR eligibility for each model.
System prompts are data too. System prompts that include confidential business logic, customer data, or proprietary information are part of the API request and subject to the same retention rules as user prompts. Apply the same data minimization principles to system prompts as to user inputs.
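The two points above, that the default 30-day retention covers everything in the request and that system prompts need the same minimization as user input, can be enforced in the application before the request leaves it. This is an added example, not code from the page or from OpenAI: it assumes the Chat Completions `messages` shape (`role`/`content`), uses a constructed sample request with a placeholder model name, and masks Luhn-valid card numbers and SSN-shaped values in every role, system included.

```python
import re

# Constructed sample request in the Chat Completions "messages" shape.
# The model name is a placeholder; the card number is a well-known test PAN.
SAMPLE_REQUEST = {
    "model": "<model-placeholder>",
    "messages": [
        {"role": "system",
         "content": "You are a billing assistant. Test card on file: 4111 1111 1111 1111."},
        {"role": "user",
         "content": "Why was my card ending 4242 declined? My SSN is 123-45-6789."},
    ],
}

PAN_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")   # 13-19 digits, optional separators
SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")

def luhn_ok(digits: str) -> bool:
    """Luhn checksum; filters out random digit runs that merely look like a PAN."""
    total, parity = 0, len(digits) % 2
    for i, ch in enumerate(digits):
        d = int(ch)
        if i % 2 == parity:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0

def mask_text(text: str) -> tuple[str, list[str]]:
    """Return (masked_text, findings). Same rules for every role, system included."""
    findings: list[str] = []
    def pan_sub(m):
        digits = re.sub(r"[ -]", "", m.group(0))
        if luhn_ok(digits):
            findings.append("PAN")
            return "[PAN:" + digits[-4:] + "]"   # keep last four for support context
        return m.group(0)
    text = PAN_RE.sub(pan_sub, text)
    text, n = SSN_RE.subn("[SSN]", text)
    findings.extend(["SSN"] * n)
    return text, findings

def minimize_request(request: dict) -> tuple[dict, dict]:
    """Mask sensitive values in every message; returns (new_request, per-role report)."""
    out = {**request, "messages": []}
    report: dict[str, list[str]] = {}
    for msg in request["messages"]:
        masked, found = mask_text(msg["content"])
        out["messages"].append({**msg, "content": masked})
        if found:
            report[msg["role"]] = found
    return out, report
```

The report is what a compliance log should record (which role leaked what kind of value), without recording the value itself.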
The Temporary Chat option
ChatGPT's Temporary Chat feature (available on Free and Plus) disables conversation memory for that session: the conversation is not saved to history, and the training opt-out toggle is moot for it because temporary chats are already excluded from training by default. Temporary Chat reduces retention risk but does not eliminate it (the conversation exists in server memory during the session), and it provides none of the organizational controls of Enterprise.
Temporary Chat is useful for individuals handling sensitive personal information who want an additional privacy layer. It is not a substitute for Enterprise terms in organizational contexts.
Frequently asked questions
I use ChatGPT Plus with training opt-out. Is that sufficient for my company's client data?
No. Training opt-out prevents your conversations from being used to train OpenAI's models, but it does not provide a Data Processing Agreement for client data, does not give your organization admin visibility into employee usage, does not provide organizational access controls, and does not satisfy GDPR Article 28 requirements for processor agreements. ChatGPT Enterprise is the minimum appropriate tier for organizational client data.
We built an application on the OpenAI API. Do we need to execute a separate DPA?
OpenAI's API terms for commercial customers include data processing terms that satisfy GDPR Article 28 requirements. Review your current API agreement — if you signed up under current terms, the DPA provisions should be included. If you have an older agreement, confirm with OpenAI whether updated DPA terms apply.
What is the difference between ChatGPT Team and ChatGPT Enterprise?
Team is a smaller-scale organizational product with workspace features; Enterprise is a full enterprise contract with dedicated data processing terms, admin controls, BAA availability, and dedicated support. The key practical differences for compliance: Enterprise includes a DPA and BAA availability; Team does not include a DPA as standard. Enterprise also provides SSO, audit logs, and custom retention configuration. For regulated industries, Enterprise is the correct tier. For why even an enterprise contract doesn't eliminate the need for on-device controls, see Sonomos vs. enterprise AI plans.
Does ChatGPT Enterprise guarantee data stays in a specific geography?
OpenAI offers enterprise customers data residency options (US, EU) that affect where conversation data is processed and stored. Confirm the data residency option when negotiating your Enterprise agreement if geography is a compliance requirement (e.g., EU GDPR organizations that need EU data residency).
We are a startup and can't afford ChatGPT Enterprise. What should we do?
The API is often more cost-effective for application developers than Enterprise. For employees using ChatGPT for internal productivity, ChatGPT Team provides organizational admin controls and no-training-by-default at a lower price point than Enterprise — but without a DPA. For handling personal data subject to GDPR or CCPA, the DPA is legally required; if budget prevents Enterprise, building on the API (which includes DPA terms) may be the right architecture.
The bottom line
"ChatGPT" is not one product — it is at least eight different products with materially different privacy terms. The compliance analysis depends on which tier your employees or applications use, whether a DPA is in place, whether training is enabled, and whether data retention terms match your regulatory obligations. Consumer tiers (Free, Plus, Pro) are inappropriate for organizational data of any regulated category. Team is appropriate for general business use where a DPA is not required. Enterprise is required for any organization with GDPR, CCPA, HIPAA, or similar obligations. The API with ZDR is the right architecture for applications processing highly sensitive data with strict retention requirements.