Small teams use an average of 4-7 AI tools across writing, coding, research, and operations, often without a consistent framework for which ones are safe for which types of work. This guide rates the most common AI tools on the dimensions that matter for regulated industries: GDPR posture, DPA availability, SOC 2, data retention, and training data practices.
At a glance: The critical split is product tier, not vendor. Every major AI vendor offers a DPA-covered tier. The compliance risk for most small teams is not the tool they formally approved; it is the free consumer account their employees are using on their personal devices.
TL;DR: For small teams in regulated industries, the safest AI tools are those with a signed DPA, SOC 2 certification, and documented data retention limits. ChatGPT Enterprise, Claude via API, and Microsoft 365 Copilot all meet these requirements. Free consumer tiers (ChatGPT Free, Claude.ai Free) do not, and most small teams have employees using them for work without a DPA.
The Rating Framework
Each tool is rated on five dimensions:
- DPA available: Does the vendor offer a Data Processing Agreement for your tier?
- SOC 2 Type II: Third-party audit of security controls
- Data retention: How long is your data kept, and can you reduce it?
- Training opt-out: Is your data used to train models? Can you opt out?
- Audit logs: Can you see who used the tool and what they accessed?
Scale: ✅ Yes / ⚠️ Partial or tier-dependent / ❌ No / N/A Not applicable (not offered at that tier)
ChatGPT (OpenAI)
| Dimension | Free | Plus | Team | Enterprise |
|---|---|---|---|---|
| DPA | ❌ | ❌ | ✅ | ✅ |
| SOC 2 | N/A | N/A | ✅ | ✅ |
| Data retention controls | ❌ | ⚠️ | ✅ | ✅ |
| Training opt-out | ⚠️ Manual | ⚠️ Manual | ✅ Default | ✅ Default |
| Audit logs | ❌ | ❌ | ⚠️ Limited | ✅ |
Compliance rating:
- Free/Plus: Not appropriate for work data, no DPA, data may train models by default
- Team: Acceptable for most small teams; DPA included by default, but audit logs are limited compared to Enterprise
- Enterprise: Full compliance posture; appropriate for regulated industries
Common mistake: Most small teams run on ChatGPT Plus (personal accounts) rather than Team. Plus accounts do not include a DPA, so any work data entered is not covered by a data processing contract.
Claude (Anthropic)
| Dimension | Claude.ai Free | Claude.ai Pro | API | Business/Enterprise |
|---|---|---|---|---|
| DPA | ❌ | ❌ | ✅ | ✅ |
| SOC 2 | N/A | N/A | ✅ | ✅ |
| Data retention controls | ❌ | ⚠️ | ✅ (ZDR mode) | ✅ |
| Training opt-out | ⚠️ Manual | ⚠️ Manual | ✅ Default | ✅ Default |
| Audit logs | ❌ | ❌ | ⚠️ API logs | ✅ |
Compliance rating:
- Free/Pro: Not appropriate for work data; no DPA
- API: Strong compliance posture; ZDR (zero data retention) mode available; suitable for regulated teams comfortable with API integration
- Business/Enterprise: Full compliance posture for teams wanting a managed product
Standout feature: Anthropic's zero data retention API mode is the strongest retention control among the tools reviewed here: code and prompts are not stored after the request completes. ZDR is typically enabled per organisation on request rather than switched on by default, so confirm it is active on your account before relying on it in a compliance argument.
Microsoft 365 Copilot
| Dimension | M365 Copilot (Business/Enterprise) |
|---|---|
| DPA | ✅ (Microsoft DPA) |
| SOC 2 | ✅ |
| Data retention | ✅ (inherits M365 retention policies) |
| Training opt-out | ✅ Default |
| Audit logs | ✅ (Microsoft Purview) |
Compliance rating: Best enterprise compliance posture of any tool reviewed. M365 Copilot inherits your existing Microsoft 365 data governance controls: retention policies, DLP, eDiscovery, and audit logs all apply to Copilot interactions.
Who it's for: Teams already running M365 Business Premium or E3/E5. The compliance controls are mature but require M365 admin configuration; they are not active by default.
Limitation: Copilot is tightly integrated with Microsoft's ecosystem. Teams not already on M365 face a high switching cost.
Notion AI
| Dimension | Free | Plus | Business | Enterprise |
|---|---|---|---|---|
| DPA | ❌ | ❌ | ✅ | ✅ |
| SOC 2 | N/A | N/A | ✅ | ✅ |
| Data retention | ❌ | ❌ | ✅ | ✅ |
| Training opt-out | ❌ | ❌ | ✅ | ✅ |
| Audit logs | ❌ | ❌ | ⚠️ Limited | ✅ |
Compliance rating:
- Free/Plus: Not appropriate for sensitive data; no DPA; Notion AI, which is enabled by default, may process workspace content
- Business: Acceptable for most small teams; DPA available, SOC 2 certified
- Enterprise: Full compliance posture
Important note: Notion AI is enabled by default on paid workspaces. If your team has a Notion Business account, Notion AI is already processing your workspace content. Check your workspace settings and review the DPA status before treating this as a governed tool.
Grammarly
| Dimension | Free | Premium | Business/Enterprise |
|---|---|---|---|
| DPA | ❌ | ❌ | ✅ |
| SOC 2 | N/A | N/A | ✅ |
| Data retention | ❌ | ❌ | ✅ |
| Training opt-out | ❌ | ❌ | ✅ |
| Audit logs | ❌ | ❌ | ✅ |
Compliance rating:
- Free/Premium: High risk for work data. Grammarly is usually installed as a browser extension that reads the text in the fields you type into. It is designed to skip password fields, but everything else entered into web forms (ticket comments, CRM records, email drafts, contract text) is sent to Grammarly for processing, so the risk surface is significant
- Business/Enterprise: Acceptable with a DPA; the browser extension should be configured to exclude sensitive domains
The hidden risk: Grammarly Free and Premium may be installed on employee devices as personal tools. Because it operates as a browser extension with broad read access, it creates an AI data-handling risk that most small teams have not inventoried.
GitHub Copilot
| Dimension | Individual | Business | Enterprise |
|---|---|---|---|
| DPA | ❌ | ✅ | ✅ |
| SOC 2 | N/A | ✅ | ✅ |
| Data retention controls | ❌ | ✅ | ✅ |
| Training opt-out | ❌ Default on | ✅ Default off | ✅ |
| Audit logs | ❌ | ⚠️ Limited | ✅ |
Compliance rating:
- Individual: Not appropriate for regulated work. Copilot Individual uses your code to improve the model by default; there is no DPA.
- Business: Acceptable for most development teams. Code snippets are not used to train models, and a DPA is included.
- Enterprise: Full compliance posture; includes policy controls, audit logs, and content exclusions.
The frequently missed detail: GitHub Copilot Individual is often installed by developers on personal or company machines without going through procurement. If your team uses GitHub, check which tier is actually active; Individual is the default for personal GitHub accounts. Copilot Business seats are assigned and listed in the organization's Copilot settings, so a developer paying for Individual on a personal account will not appear there even though they are using Copilot on your code.
Google Workspace AI (Gemini)
| Dimension | Business Starter/Standard | Business Plus | Enterprise |
|---|---|---|---|
| DPA | ✅ | ✅ | ✅ |
| SOC 2 | ✅ | ✅ | ✅ |
| Data retention | ✅ (inherits Workspace policy) | ✅ | ✅ |
| Training opt-out | ✅ Default | ✅ Default | ✅ |
| Audit logs | ⚠️ Limited | ✅ | ✅ |
Compliance rating: Strong across all paid tiers; Google does not use Workspace content to train its AI models, and the DPA covers all paid plans including Business Starter. Gemini in Workspace is covered by the existing Google Workspace DPA; no separate agreement is needed.
Who it's for: Teams already using Google Workspace. The compliance posture is good and requires less admin configuration than Microsoft's equivalent, but the AI features are less capable than M365 Copilot for document and code tasks.
Quick Reference: Which Tier to Use
| Tool | Minimum tier for regulated work | Biggest risk |
|---|---|---|
| ChatGPT | Team | Employees using Plus/Free for work |
| Claude | API or Business | Free/Pro tier use without DPA |
| M365 Copilot | Business Basic (plus the Copilot add-on licence) | Admin config required, not on by default |
| Google Workspace AI | Business Starter | Usually fine; verify DPA is signed |
| Notion AI | Business | AI enabled by default, may already be active |
| Grammarly | Business | Browser extension reads all typed text |
| GitHub Copilot | Business | Individuals often on Individual tier |
| Cursor | Teams (DPA included; custom terms for enterprise controls) | No standard enterprise tier with audit rights or a BAA as of mid-2026 |
Cursor: An Important Note for 2026
Cursor has grown rapidly as an AI code assistant but lacks the enterprise compliance infrastructure of the tools reviewed above. As of mid-2026:
- Cursor Teams offers a DPA and disables training by default, making it appropriate for most small teams
- There is no standard enterprise tier with audit rights, BAA availability, or advanced DLP controls comparable to GitHub Copilot Enterprise or M365 Copilot
- EU data residency is not available; data is processed in the US under SCCs
For teams with healthcare, financial, or government clients requiring enterprise-grade compliance controls, Cursor Teams may not satisfy those customer data requirements without negotiating custom terms. GitHub Copilot Enterprise or a self-hosted code completion solution (Tabnine, Codeium enterprise self-hosted) are alternatives to evaluate.
What to Do Now
- Inventory what your team is actually using, not just what you approved. Free tiers of AI tools are often installed without going through procurement. Use the AI tool register template to capture all tools, including shadow AI.
- Request DPAs for every tool in your register. DPA availability is listed above; most vendors have a self-serve DPA flow for business tiers. Start with the highest-sensitivity tools first (anything handling customer data, employee data, or financial records).
- Check for default-on AI in your existing SaaS stack: Notion AI, Grammarly, and Google Workspace AI can all be active without explicit approval. Review your workspace settings for each.
- Set a policy before the next tool is approved: the AI acceptable use policy template covers approved tools, data classification rules, and what employees must do before using any new AI tool.
- Run a vendor due diligence pass: the AI vendor due diligence checklist covers 30 questions across security, data handling, and contractual terms. It takes about 30 minutes per vendor.
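The first step, inventorying shadow AI, is easiest to start in the browser, where Grammarly, ChatGPT, and similar tools live as extensions. The script below is an added example for this guide, not part of the original page or any vendor's tooling: it walks a Chromium-family profile directory (Chrome, Chromium, Edge share the same layout), reads each installed extension's manifest, resolves the `__MSG_key__` localisation placeholders that many extensions use in place of a literal name, and reports the ones whose name matches an AI watchlist along with the permissions they hold. The profile root paths and the watchlist substrings are assumptions to adapt to your estate; Firefox profiles use a different layout and are not covered.

```python
"""Inventory browser extensions that match an AI-tool watchlist.

Added example for the shadow-AI inventory step; not code from the original guide.
Assumptions: Chromium-style profile layout <root>/<Profile>/Extensions/<id>/<version>/manifest.json,
and a watchlist of name substrings that you extend for your own estate.
"""
import json
from pathlib import Path

# Assumed watchlist: case-insensitive substrings matched against the resolved extension name.
AI_WATCHLIST = ("grammarly", "chatgpt", "openai", "copilot", "notion", "claude", "gemini")

# Assumed profile roots for the usual per-OS defaults; add Edge/Brave paths if you use them.
DEFAULT_ROOTS = [
    Path.home() / ".config/google-chrome",                        # Linux Chrome
    Path.home() / ".config/chromium",                             # Linux Chromium
    Path.home() / "Library/Application Support/Google/Chrome",    # macOS Chrome
    Path.home() / "AppData/Local/Google/Chrome/User Data",        # Windows Chrome
]


def _resolve_name(manifest: dict, ext_dir: Path) -> str:
    """Return the human-readable extension name.

    Many manifests carry "__MSG_appName__" instead of a literal name; the text lives in
    _locales/<locale>/messages.json under that key. Fall back to the raw placeholder so an
    unresolvable name is still reported rather than silently dropped.
    """
    name = manifest.get("name", "")
    if name.startswith("__MSG_") and name.endswith("__"):
        key = name[len("__MSG_"):-2]
        for locale in (manifest.get("default_locale", "en"), "en", "en_US"):
            msg_file = ext_dir / "_locales" / locale / "messages.json"
            if not msg_file.is_file():
                continue
            try:
                messages = json.loads(msg_file.read_text(encoding="utf-8-sig"))
            except json.JSONDecodeError:
                continue
            entry = messages.get(key)
            if isinstance(entry, dict) and "message" in entry:
                return entry["message"]
    return name


def scan_profile_root(root: Path, watchlist=AI_WATCHLIST) -> list:
    """Return one record per installed extension version whose name matches the watchlist."""
    hits = []
    if not root.is_dir():
        return hits
    for manifest_path in root.glob("*/Extensions/*/*/manifest.json"):
        try:
            manifest = json.loads(manifest_path.read_text(encoding="utf-8-sig"))
        except (json.JSONDecodeError, OSError):
            continue  # partially written or unreadable extension dir; skip, do not abort the scan
        ext_dir = manifest_path.parent
        name = _resolve_name(manifest, ext_dir)
        if any(term in name.lower() for term in watchlist):
            hits.append({
                "profile": manifest_path.parents[3].name,   # <Profile> directory name
                "extension_id": ext_dir.parent.name,        # 32-char extension id
                "version": manifest.get("version", ext_dir.name),
                "name": name,
                "permissions": sorted(manifest.get("permissions", [])),
                "host_permissions": sorted(manifest.get("host_permissions", [])),
            })
    return hits


def scan_all(roots=DEFAULT_ROOTS, watchlist=AI_WATCHLIST) -> list:
    """Scan every known profile root and concatenate the matches."""
    return [hit for root in roots for hit in scan_profile_root(root, watchlist)]


if __name__ == "__main__":
    for hit in scan_all():
        hosts = ",".join(hit["host_permissions"]) or "-"
        print(f"{hit['profile']}: {hit['name']} ({hit['extension_id']} v{hit['version']}) hosts={hosts}")
```

Run it per user (or push it through your endpoint management tooling) and paste the output into the AI tool register. The `host_permissions` column is the one to read first: an extension holding `<all_urls>` can read form content on every site the user visits, which is the Grammarly risk described above.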
