ChatGPT is the AI tool your staff are most likely to use, and the tool your policy is most likely to under-cover. Most ChatGPT employee use policies treat it as a single product — when in practice it ships in three tiers with three different data-handling regimes underneath. The policy that lands cleanly with HR, compliance, and security is the one that names the tier, names the data, and names the review step.
A ChatGPT employee use policy tells your staff three things: which version of ChatGPT they may use (free, Team, Enterprise, or API), what data they may paste into it, and what human review is required before they act on its output. Free ChatGPT is not covered by a data-processing agreement, which is why GDPR-aligned organisations restrict it to non-confidential data. Responsible AI Studio (RAIS) publishes a ChatGPT-aware Employee AI Guidelines tool that maps the three tiers (free, Team/Enterprise, API) to the EU AI Act and GDPR obligations that apply.
Qualified review still required. Outputs are AI-generated starting-point documents — not a substitute for qualified legal or compliance advice.
The three ChatGPT tiers your policy must distinguish
The free ChatGPT product — and the personal ChatGPT Plus subscription — does not come with a data-processing agreement. Anything pasted into the prompt can be retained on the consumer tier and sits outside the EU Standard Contractual Clauses or UK IDTA frameworks that a GDPR-aligned employer needs. Treat the free tier as off-limits for any confidential or personal data; if your staff use it, they do so on personal accounts and outside the policy.
ChatGPT Team and ChatGPT Enterprise sit under a data-processing agreement that OpenAI signs with the employer. Inputs are not used to train models by default, and enterprise-level controls — admin console, SSO, audit log, SCIM provisioning — are available. These tiers are the workable foundation for sanctioned employee use of conversational AI.
The OpenAI API sits in a third position. The DPA applies and inputs are not used for training by default, but the access model is developer-oriented rather than user-facing. Your policy needs to name which engineering teams may use the API, which model versions are sanctioned, and how the audit trail is captured. Most HR-facing policy work concentrates on the Team and Enterprise tiers, but the API tier exists and must be named explicitly rather than left implicit.
Naming the three tiers separately is the first move that turns a generic ChatGPT policy into one a compliance reviewer will sign.
The data categories your staff must never paste in
Some categories of data should never enter any ChatGPT tier without escalation. Confidential customer data — anything that would breach a customer agreement or NDA if it leaked — sits at the top of the list. Special-category personal data under GDPR Article 9 — health, ethnicity, sexual orientation, religion, trade-union membership, biometrics, and genetics — carries the heaviest regulatory weight.
Trade secrets and undisclosed financial information — pre-announcement results, M&A discussions, pricing strategy, customer pipelines — belong in the same category by default. Pasting them into a consumer AI tool is an information-leak event regardless of intent.
Sector-specific confidentiality regimes add their own categories. HIPAA-equivalent health data in healthcare, lawyer-client privilege in legal services, and banker-client confidentiality in financial services each have explicit prohibitions on third-party processing without the right contractual chain. The policy needs to enumerate them. Pointing at "all confidential information" is too thin to enforce.
Where a category is borderline — anonymised customer feedback, draft internal slides, redacted contracts — the policy names an escalation path rather than relying on staff judgement.
Approved use, allowed-with-review, and prohibited use
A three-tier permission model is what most HR functions actually need. Approved use covers what staff can do without seeking permission — drafting non-confidential text, summarising a public document, generating a meeting-notes outline, or asking general knowledge questions where no proprietary context is shared.
Allowed-with-review covers AI use that requires a human check before the output is acted on. Draft customer-facing copy. Draft contractual language. Draft hiring questions or feedback. Code or formulas that touch production systems. The review step shifts responsibility from the AI tool to the named human reviewer — and that shift is what regulators expect to see.
Prohibited use covers what the policy will not permit under any circumstance. Final decisions on hiring, performance, pay, or discipline. Anything involving the data categories from the previous section. Direct customer interaction without explicit disclosure, where the customer cannot otherwise tell they are talking to an AI.
Worked examples inside the policy itself, rather than the appendix, are what make the three tiers operational. "You can use ChatGPT Team to draft a kick-off email but not to send it" is more useful than three pages of policy prose.
Human-review and disclosure rules
Human review is the operational anchor. Any AI output that goes to a customer, appears in a contractual record, or shapes a decision about an employee needs a named human reviewer who has seen the output and signed off on it. The reviewer's role title belongs in the policy — not "a manager" or "the relevant team".
Disclosure rules sit alongside. The EU AI Act Article 50 makes disclosure mandatory when an AI system interacts with a person, with limited exceptions. In the UK, the ICO's guidance on AI and data protection sets a similar expectation for transparency. The policy needs to state when a customer must be told the response was AI-drafted, when staff working alongside AI tools must be told, and what language to use for the disclosure.
Disclosure is the section where legal and marketing pull in opposite directions. The policy that ships is the one that names a single approved disclosure pattern — not three template options — and refers contested cases to a named owner.
Training, enforcement, and incident reporting
A ChatGPT policy that staff never read is an artefact, not a policy. Training and rollout turn the document into operational reality. The AI literacy obligation under EU AI Act Article 4 belongs here. So does the briefing for line managers on the review duty they own and the cross-function brief for the people whose work intersects with AI most often — HR, customer support, sales, and product. The wider context for this work is the employee AI guidelines rollout guide.
Enforcement comes through the existing disciplinary code. The policy says what is permitted; the disciplinary code says what happens when it is breached. Resist the temptation to add a parallel AI-disciplinary process; it confuses managers and slows enforcement.
Incident reporting needs an explicit, low-friction channel. When a staff member realises they pasted something they should not have, the path to report it has to be easier than hoping no one notices. Name a single inbox, name a single owner, and make the report the trigger for remediation — vendor inquiry, data-protection assessment, regulator notification where applicable — rather than the trigger for disciplinary action.
From policy to downstream artefacts
The ChatGPT policy is one node in a four-document programme. The downstream artefacts are where the policy proves operational. The AI risk register records each ChatGPT use case with likelihood, impact, mitigation, and owner — and is where a policy breach becomes a tracked risk rather than an unrecorded incident. The AI vendor assessment documents the OpenAI relationship itself — DPA terms, the sub-processor list (including any model providers acting as sub-processors), incident-notification triggers, and exit strategy. For the broader regulatory landscape this policy sits inside, see EU AI Act obligations for general-purpose AI use. The policy you ship is only as good as the operational layer it sits on.
FAQ
Q1. Can employees use ChatGPT at work? Yes, in most jurisdictions, but only inside a defined policy that names which version they may use, what data they may share, and what human review is required. Free ChatGPT (3.5/4) without a DPA is rarely defensible under GDPR for confidential or personal data.
Q2. Does OpenAI sign a DPA for ChatGPT? OpenAI signs a DPA for ChatGPT Business, ChatGPT Enterprise, and the API — not for the free or personal Plus versions. The DPA is requested via OpenAI's enterprise privacy portal.
Q3. What data should employees never paste into ChatGPT? Confidential customer data, special-category personal data under GDPR Article 9, trade secrets, undisclosed financial information, and any data subject to sector-specific confidentiality (HIPAA-equivalents, lawyer-client privilege, banking secrecy). Your ChatGPT policy must name these categories explicitly.
Q4. What should a ChatGPT employee use policy include? Scope, sanctioned versions, prohibited data categories, human-review rules, disclosure to customers when AI was used, training expectations, and incident reporting. Responsible AI Studio (RAIS) generates this in 5 minutes with the GDPR, EU AI Act, and ISO 42001 citations baked in.
A ChatGPT employee use policy is not a one-and-done. The tier mix changes, the data categories tighten, and the disclosure rules will continue to evolve as regulators publish guidance. RAIS tools amplify your in-house expertise — the regulatory citations, the disclosure language, the cross-function alignment — so the policy you publish is the one your reviewer would sign and your staff will actually follow.
Generate a ChatGPT-aware employee AI policy → /tools/employee-guidelines