Skip to content
PrivateAI
← Back to Home
Workflows

Privacy Due Diligence: How to Vet Any AI Tool Before It Touches Your Data

10 min read min readBy PrivateAI Team

Every privacy-conscious developer eventually faces a specific paradox: you want to research a new AI coding assistant, model hosting service, or LLM API — but how you research it creates its own privacy exposure.

Google searches leave a trail tied to your identity and get recycled into your ad profile. Asking ChatGPT to evaluate a competitor means OpenAI sees the query. Posting on Reddit means your question gets indexed, archived, and potentially folded into the next training run. Even your search history for "Is [AI tool] safe?" becomes data about your professional interests, your security posture, and what vendors you're considering.

This is not just ironic — it's operationally real. Privacy due diligence done carelessly creates exactly the kind of data exposure it's meant to prevent.

Perplexity, used with the right setup, breaks this loop. It's not a zero-knowledge system — we covered what actually leaves your machine in our full privacy review — but it's a meaningfully different privacy surface than Google, and its cited-answer format is uniquely suited to the due diligence workflow described here.

What You're Actually Trying to Find Out

Before running any queries, be clear on what signals matter. When evaluating an AI tool's privacy posture, five questions determine whether it's safe for your use case:

1. Data retention — how long are your queries and outputs stored? "For as long as necessary" is not an answer. You want a specific timeframe and format: 30 days, then deleted? 90 days anonymized? Indefinitely tied to your account?

2. Training opt-out — does using the service contribute to future model training by default? Is there a real opt-out, or just a vague statement that data "may not be used" in unspecified circumstances?

3. Third-party data sharing — who else receives your data? The privacy policy is the start, but sub-processor lists and data processing agreements often tell a different story. Analytics vendors, advertising SDKs, and cloud infrastructure providers all count.

4. Jurisdiction — where are servers physically located, and which courts can compel disclosure? A tool headquartered in the U.S. but storing data in the EU operates under a different legal framework than one doing both in the U.S.

5. Breach and incident history — has this company had a data breach? How quickly did they disclose it? How did they respond? A breach handled transparently tells you more about a company's security culture than a clean record does.

Why Google Is Exactly the Wrong Tool for This Research

When you type "[AI tool] privacy policy analysis" into Google:

  • That query is tied to your Google account or IP address and becomes part of your behavioral profile
  • It signals professional interest in a specific vendor — competitive intelligence that advertisers will purchase and act on
  • The results are ranked by SEO performance, not accuracy — vendor-written blog posts and affiliate reviews outrank independent analysis
  • The ads you see for the next several weeks will reflect this research

The deeper problem is structural: Google's business model depends on knowing what you're researching and monetizing that knowledge. Using an advertising surveillance engine to research surveillance risks doesn't just create an irony — it adds a real data point to a profile you don't control.

There is also the accuracy problem. Google surfaces what ranks, not what's true. A privacy policy written by a vendor's marketing team to sound reassuring will consistently outrank an independent security researcher's detailed critique of the same policy.

The Perplexity Setup for Due Diligence Research

Perplexity's architecture differs from Google in one commercially significant way: it is not an advertising business. There is no behavioral ad profile being built from your queries. The revenue model is subscriptions and enterprise licensing. Your research into "AI tool X data retention policy" does not become a targeting signal sold to AI tool X's competitors.

That does not mean Perplexity is zero-knowledge — see our privacy review for the detailed breakdown. But for due diligence research into other tools, it offers a materially cleaner separation than Google.

Configure your setup for minimal exposure before you start:

  • Use a private browsing window with no active Perplexity session. Queries made without a logged-in account are not tied to an identity on Perplexity's end, only to an IP address for a limited retention window.
  • If you have Perplexity Pro, stay logged in but disable the training data setting first: Settings → Privacy → "Help improve Perplexity" → Off. This is the correct opt-out path as of early 2026.
  • Use a VPN if the tool you're researching is one your employer would recognize — you're not hiding from Perplexity, you're adding a hop that prevents your corporate IP from appearing in logs associated with competitor research.

The cited-answer format is what makes Perplexity particularly effective for this workflow. Instead of ranked links requiring you to read ten pages to form a synthesis, Perplexity returns a direct answer with numbered citations. For privacy policy research, this matters: you can instantly see whether the claim "they retain data for 30 days" is sourced from the actual policy document or from a blog post that may be outdated or inaccurate.

The Five Queries to Run on Every AI Tool

These are the exact prompts to run before letting any new AI tool touch your data. Run them in sequence; later answers inform follow-up questions on earlier ones.


Query 1: Data Retention

> What is [tool name]'s data retention policy for user queries and outputs as of 2026? How long are conversations stored, and are they retained in identifiable or anonymized form?

What you're watching for: specificity. Vague language like "reasonable period" or "as required by law" is a red flag. Legitimate services publishing their data practices will give you a number. If Perplexity's synthesized answer can't find a specific timeframe cited in the tool's own documentation, that absence is itself informative.


Query 2: Training Opt-Out

> Does [tool name] use user conversations to train AI models by default? Is there a documented opt-out, and if so, does it apply retroactively to already-submitted data?

The retroactive question is the one vendors never answer prominently. Many tools offer future opt-out but retain and use data submitted before the opt-out was enabled. If you've used a tool for six months and then disabled training, those six months of queries remain in the training corpus.


Query 3: Third-Party Sub-Processors

> What third-party companies receive user data from [tool name]? Who are listed as their AI infrastructure sub-processors, analytics providers, and any advertising technology partners?

This query surfaces the difference between the privacy policy as written and the privacy policy as implemented. A tool can claim strong data protections while routing your queries through five third-party analytics SDKs. Sub-processor lists are often buried in Data Processing Agreements or a separate "Cookies and Tracking" page that the main privacy policy links to without emphasizing.


Query 4: Jurisdiction and Legal Requests

> Where are [tool name]'s servers physically located? Under which country's legal jurisdiction do they operate? Have they published a transparency report on government data requests?

Jurisdiction determines which courts can compel disclosure without your knowledge. A U.S.-based company receiving a National Security Letter is legally prohibited from disclosing it. EU GDPR creates specific rights around data subject access and deletion that U.S. companies operating only domestically do not have to honor. This is not theoretical — it is the operational difference between tools you can use for sensitive professional work and tools you cannot.


Query 5: Breach and Incident History

> Has [tool name] had any data breaches, security incidents, or significant privacy violations? What was the company's response and disclosure timeline?

A clean record is good but not definitive — many breaches simply haven't been discovered or disclosed yet. What you're evaluating is response quality: did they disclose promptly, notify affected users specifically, and implement meaningful remediation? A company that covered up a minor breach is more concerning than one that disclosed a significant breach quickly and transparently.


After running all five, run one synthesis query:

> Based on [tool name]'s documented privacy policy, known sub-processor list, jurisdiction, and incident history, what are the primary data risks for a developer storing work-related queries and code snippets in this tool?

This synthesis question is where Perplexity Pro earns its value.

What Perplexity Pro Adds to This Workflow

The free tier handles these queries adequately for casual research. Perplexity Pro adds two things that matter for systematic due diligence:

Deep Research mode runs 20-30 web searches per query, synthesizing across a much wider source set before returning an answer. For privacy policy research, this is the difference between surfacing only the vendor's own documentation versus also finding a security researcher's detailed clause-by-clause critique, a Hacker News thread flagging a specific data sharing arrangement, or a news article covering a quiet policy update from six months ago. Privacy policy changes rarely make headlines; Deep Research mode is more likely to surface the signal.

Follow-up query depth — due diligence is iterative. You find a vague clause, need to drill in: "What does 'aggregate usage data' mean in practice under their policy?" You get an answer that references a sub-processor you haven't heard of, need to investigate that separately. The free tier throttles this iteration. Pro removes the friction at exactly the point where the research gets specific and valuable.

Recommended

Deep Research mode, cited answers from the live web, and API access. $20/mo after trial — cancel anytime.

Perplexity Pro

Start 7-Day Free Trial

Affiliate Disclosure: This article may contain affiliate links. If you make a purchase through these links, we may earn a small commission at no extra cost to you. We only recommend products we genuinely believe in. This helps support our work and allows us to continue providing free content.