What Your AI Knows About You: A Guide to Limit It
By Tom | November 1, 2025
Some links are affiliate links. If you shop through them, I earn coffee money—your price stays the same.
Opinions are still 100% mine.
I had an interesting minute the other day. My music app, that uses some clever AI, played me a playlist that could have been lifted directly from my teenage years (including some obscure albums that I had completely forgotten!). Pretty cool, but also unsettling. Then I started to wonder: how does it know me so well?
This got me thinking; and because I had a few minutes on my hands I fell down the rabbit hole And what I discovered was this: the AIs that pervade our lives are constantly learning, creating a ‘digital twin’ of ourselves based on our data. This is not necessarily a bad thing, because the results can be stunning conveniences. But it also means that we need to become aware of the fact that our AI digital footprint is greater than ever.
In this article, I want to walk you through what I have learned about what the AI knows about you, the dangers and the benefits of having that data out there, and most importantly the real steps and AI privacy tools you can use to take that control back.
How does AI learn such a lot anyway?
Ultimately, AI relies on data-driven systems. The more data you feed to them the more intelligent they become. Our digital lives provide two major types of food for these things:
- Provided data: This is the information that we consciously give out. It's our name when we sign up for a service, the queries we put on ChatGPT, or the documents we upload to an AI editor.
- Observed Data: This is the trail of digital crumbs we leave. It is our browsing history, our location with a map program, what we purchase online, and even how long we linger on a video before scrolling through.
AI algorithms put this together to make an astonishingly accurate profile of our habits, interests and preferences.
The Double-edged Sword of Data-hungry AI
Let's be honest, its benefits are amazing. I, for one, love the hyper-personalization that saves me time, the efficiency of an AI assistant managing my calendar and the peace of mind that comes with security systems alerting me when suspicious activity is happening on my accounts. Companies are using this data to make better products, which is to everyone's benefit.
But the drawbacks are large. The sheer volume of data collection can be invasive. There is the danger of algorithmic bias, where AI models provide unfair stereotypes, and the "black box" problem, where we don't know how exactly an AI arrived at a conclusion.
Privacy Controls and Audit Tools with Companion Services
One of the fastest growing areas of AI is with companion services—AI friends and partners designed to provide emotional support. These programs encourage deeply personal conversations, creating unusual challenges for private information. The 2024 release of an AI chatbot database exposed just how much sensitive information these systems can store.
When I examined the policies of several familiar services, the extent of AI and personal data collection became apparent. Many platforms, from well-known names like SecretDesires and Kupid.ai to others such as ourdream.ai, Herahaven, Joi, Lovescape, and Sweetdream.ai, have varying approaches to user data.
- Nomi.ai: Collects account information, conversations, and technical information. The company says the chats are anonymized, yet they are still used to train its chatbot.
- Candy.ai: Policies state data can be shared with affiliates, and conversation data may be reviewed to improve the AI.
A 2025 study of the top AI companion applications stated that 80% potentially relied on this deeply personal information for advertising purposes. This is where we must be active in our scrutiny of the data retention policies. You can see a direct comparison of how different services handle these issues in our other articles.
How do you get back control? Your guide to an AI privacy audit.
The good news is that we are not defenseless. After I got over my shock, I began to think of ways that I could manage AI privacy. It begins with looking into the settings of the tool that you use each day.
Your first line of defense: AI privacy settings
Most services now offer various controls to arrange for your data. Here is a quick comparison of the various AI assistants to get you started.
| AI Assistant | Default Training Policy | Key Privacy Controls |
|---|---|---|
| ChatGPT (OpenAI) | On by default for Free and Plus accounts. | Open Settings > Data Controls and toggle "Chat History & Training" off. When disabled, new chats are deleted after 30 days and excluded from training. |
| Gemini (Google) | On when Gemini Apps Activity is enabled. | Pause or delete interactions in Gemini Apps Activity. Google notes safety copies can persist for up to 3 years. |
| Claude (Anthropic) | Off unless you opt in. | Manage sharing under Settings > Privacy. Declining "Help improve Claude" keeps chats only for about 30 days; opting in allows Anthropic to retain them for up to 3 years. |
| Microsoft Copilot | On for personal Microsoft accounts. | Use the Microsoft Privacy Dashboard to review, export, and delete Copilot chats. Clearing history limits how Microsoft uses the data for product improvement. |
How To Secure Your AI Privacy in 5 Steps
Taking control of your data need not be overwhelming. Follow this simple checklist to curb data collection across your AI tools and services.
- Never Share Sensitive Data
Think of public AI chatbots like a public forum. This is the golden rule. Never input financial information, home addresses, social security numbers or confidential work information. - Actively Opt-Out from Data Training
Train yourself to immediately locate the "Data Controls" or "Privacy Settings" in any new AI tool you employ. Turn off any and all choices you can find allowing your data to be used for model training. - Purge Your History Regularly
Make yourself a reoccurring reminder (say monthly) to go into your AI activity logs for services like Gemini or ChatGPT and purge your prior conversations. This will also limit how much historical data is being preserved in your account. - Use a "Burner" Account
Create a completely different, anonymous e-mail address that you only use to sign up for AI services. This will help companies not easily tie your AI activity to your main, personal accounts, like your main e-mail or social media accounts. - Look at App Permissions
On your phone, check regularly what permissions your AI-powered apps have. Click on Settings > Apps and check out each one. An AI image generator has no business having access to your contacts or microphone, so access should be revoked on those unneeded items.
The 3 R's of Digital Privacy Checklist:
- Review: Dedicate 15 minutes each month to audit your digital footprint. Check app permissions on your phone and review privacy settings for the AI and social platforms you use most.
- Restrict: Limit data collection wherever possible. Disable ad personalization, rely on privacy-focused browsers with tracker blockers, and withhold information a service does not genuinely need.
- Remove: Proactively delete information you no longer want companies to hold. Clear AI chat histories, use your "right to be forgotten," and shut down old or unused online accounts.
The Next Step: AI Privacy Audit Tools
While manual settings are a wonderful place to start, a new breed of AI Privacy Tools are exploding onto the scene. For businesses, different services like OneTrust and IBM watsonx.governance are helping them manage their AI risks and comply with regulations.
For us common folk using these services, the market is still young with many players emerging constantly, but we can utilize also existing tools to get a much clearer picture.
- Privacy Dashboards: Google's Privacy Dashboard offers a chronology of your activity which can be eye-opening at times, but also a great place to delete old or out-of-date data. Privacy dashboards are available from Microsoft and other tech giants also in their ecosystems.
- Portability Requests: Laws like GDPR and CCPA allow people to request a copy of their data. Looking through that information can give you an exact idea of what an AI has stored about you.
Your Secret Weapon: The Data Subject Access Request (DSAR)
A legal right under regulations such as the European GDPR gives you the ability to request from any company a copy of all the personal information that they maintain on you. This is the Data Subject Access Request, or DSAR, and it is a powerful tool for transparency.
How to File a DSAR
- Find the data controller: In the company's privacy policy, locate its legal name and contact information for privacy requests.
- Draft your request: Contact the company via email or its privacy portal. A concise message invoking your right of access and requesting a copy of all personal data linked to your account is often sufficient.
- Confirm your identity: Expect to verify who you are. This is a normal security step to prevent unauthorized disclosures.
- Wait for the reply: Companies typically have about a month to respond. You will receive a file containing your data—often a revealing snapshot of your digital footprint.
A Preview Of A More Private Future
I am hopeful looking ahead. There is a strong push for more government regulation and the development of amazing Privacy-Enhancing technologies (PETs) like Federated Learning that allow AI models to be trained without your raw data ever leaving your device.
In the end we will want transparency and control as we become more knowledgeable. The relationship between us and our AI is a fluid one, shaping the future of AI companions. The goal is not to give up these incredibly powerful tools but to use them wisely, safely and on our own terms. By taking a few proactive steps we can ensure that we remain in control of our digital selves.