News · OpenAI documents ChatGPT's privacy controls and its Privacy Filter training tool

Jul, 84 min to read
Frontend

OpenAI documents ChatGPT's privacy controls and its Privacy Filter training tool

A plain-language guide from OpenAI ties model-training data sources to three concrete in-product controls — a training toggle, Temporary Chat, and Memory — plus a masking tool it has released to other developers.

Three data sources, one masking step in between

OpenAI names the inputs to model training plainly: publicly available internet content, data accessed through partnerships, and information provided or generated by users, contractors, and researchers. For public content, it says it uses "only information that is freely and openly accessible" — citing a public forum post or blog as examples of material that may be used.

The mechanism connecting those sources to the model is OpenAI Privacy Filter, which the post describes as identifying and masking personal information in text. OpenAI says an internal version runs at multiple stages of training — on public datasets and on user conversations where "Improve the model for everyone" is enabled.

The company claims the filter is "more effective at removing personal information than any other tool of its kind" in its own evaluations. It has also made the filter available to other developers for free. That second fact is the more interesting one: a training-side safeguard is being offered as reusable infrastructure, not kept as a proprietary edge.

Where the controls actually sit in the product

The post is unusually specific about interface paths, which is what makes it useful. The training opt-out lives under Settings, then Data Controls, as a toggle labeled "Improve the model for everyone." OpenAI is explicit about a behavior that often confuses users: turning it off does not remove new conversations from chat history — it only stops them being used for training.

Temporary Chat is a separate, per-conversation control, reached through a "Temporary" button in the top-right corner of a new chat. It skips chat history, creates no memories, and is excluded from model improvement — but conversations are still retained for 30 days "for safety purposes" before deletion.

Memory is framed as an optional convenience layer that remembers people, projects, and recurring topics. It can be reviewed, edited, deleted, or switched off entirely, at which point ChatGPT stops saving and referencing past-chat memory. Read together, these are three distinct scopes — persistent training, per-session ephemerality, and personalization — each with its own switch rather than a single privacy dial.

The line OpenAI draws around output and the safety carve-out

On responses, the post states ChatGPT is "designed to reject requests for private or sensitive information about individuals" but concedes it can make mistakes. Its remedy is procedural: a privacy request portal where someone can flag inaccurate or inappropriate personal information in output. The same portal handles data export, account deletion, and other privacy requests.

The post also carries a blunt user instruction — don't share sensitive information you wouldn't want used or reviewed — which sits alongside a stated tension. OpenAI writes that privacy and harm prevention "have to work together," and that it continues to strengthen detection of "credible threats of violence while maintaining privacy safeguards." The 30-day retention on Temporary Chats is where that carve-out becomes concrete.

We also recognize that protecting privacy and addressing serious risks of harm have to work together.Montana Labs

What builders should take from a controls-level disclosure

For anyone integrating ChatGPT into workflows that touch user data, the actionable content here is the granularity, not the assurances. The distinction between history and training, the 30-day floor on Temporary Chat, and the separation of Memory from training all change how you'd advise end users or configure defaults for a team.

The specific implication of this announcement is that OpenAI is now treating its training-side privacy tooling as something the wider industry can adopt directly: by releasing Privacy Filter to developers for free, it converts an internal safeguard into a shared component teams can run over their own text pipelines — and that offer, more than any of the in-app toggles, is the part worth evaluating on its own merits.

Find this story relevant to you?

Contact us to find a unique solution

Contact us

Need an AI engineering partner that can actually build?

We help businesses integrate AI, build AI-powered products, automate high-value workflows, and modernize the software systems behind them.

Get in touch

Related reading

More analysis around product delivery, operational AI, and the systems work that makes deployment hold up in reality.

Jul, 134 min to read
Frontend

DNP put ChatGPT Enterprise in front of ten departments and treated the chat window as the interface

Jul, 134 min to read
Frontend

AdventHealth deploys ChatGPT across nine states by treating adoption as the product

Jul, 134 min to read
Frontend

AP+ uses Codex to build behaving payment prototypes, not just clickable screens