Most people assume their ChatGPT prompts disappear into the ether after they hit send. They don't. Here is what the published terms of the major consumer AI products actually say about your data.
Default training opt-in
On the consumer plans, OpenAI, Anthropic, and Google all use your conversations to improve their models unless you go into settings and disable it. The default is opt-in. OpenAI's data usage policy confirms this for the free and Plus tiers. Opting out is a buried setting; most users never find it.
30-day retention even after you delete a chat
Deleted chats are not actually deleted. They are flagged as "to be removed" and physically purged after roughly 30 days, per the published trust-and-safety reviews. During that window your content is fair game for human review if it triggers any safety filter. This is not unique to OpenAI — Anthropic, Google, and Microsoft all maintain similar grace periods.
Subpoena risk
Cloud-stored conversations are subject to subpoena and law-enforcement requests like any other server-side record. The EFF's annual review of US privacy litigation shows the volume of these requests has tripled since 2020. End-to-end encryption is the only architectural defence; not "we promise we won't look."
The shadow profile problem
Even with training opt-out, providers retain enough metadata — IP address, device fingerprint, login times, prompt timestamps — to build a useful behavioural profile. Zero-knowledge encryption addresses the content layer, but the metadata layer is much harder to defend. The only complete defence is to keep the data on your device in the first place.
What good architecture looks like
Sovereign's design is simple: the LLM runs locally via Google's open Gemma weights. The encrypted cloud sync (optional) uses keys derived from credentials we never see. We physically cannot read your data. That isn't a promise we make in a privacy policy — it's a property of the system. On-device AI makes this architecture viable.
About Sovereign — A privacy-first AI personal assistant that runs entirely on your iPhone. On-device LLM, zero-knowledge encryption, and a coach that learns from your own words. See how it works or visit the homepage.