Step 3 of 7 · Private
The question most AI vendors hope you don't ask.
The biggest question small business owners ask me isn't 'does AI work?' It's 'who's seeing my stuff?' And that's the right question.
Every time you type something into a chatbot on someone else's website, your words go somewhere. They get stored, shared, sometimes used to train a model, sometimes kept forever, sometimes deleted tomorrow. Most tools don't tell you. Most owners never ask.
Today we ask. And we use AI to do the reading — so you don't have to suffer through the legalese yourself.
60-second action
Pick one tool. Let Claude read the privacy policy for you.
Option A — Your POS (Square)
Fetch and read Square's privacy policy at https://squareup.com/us/en/legal/privacy — the full page, not search snippets. Before you answer, quote one specific sentence from the policy so I know you actually read it. If you can't open the page, stop and say "I couldn't fetch it — paste the policy text here and I'll try again." Don't guess from snippets or memory. Then, in plain English: 1. Do they train AI on customer data? (Yes / No / Unclear — quote the exact sentence.) 2. How long do they keep my data? (Days / months / years / forever — quote it.) 3. Who else sees it? (List every third party, vendor, or category they name.) 4. Can I get it deleted? (How I request it — and how long it takes.) If the policy doesn't address one, answer "THEY DON'T SAY." Don't guess. Don't pad.
Option B — Your email tool (Mailchimp)
Fetch and read Mailchimp's privacy policy at https://mailchimp.com/legal/privacy/ — the full page, not search snippets. Before you answer, quote one specific sentence from the policy so I know you actually read it. If you can't open the page, stop and say "I couldn't fetch it — paste the policy text here and I'll try again." Don't guess from snippets or memory. Then, in plain English: 1. Do they train AI on customer data? (Yes / No / Unclear — quote the exact sentence.) 2. How long do they keep my data? (Days / months / years / forever — quote it.) 3. Who else sees it? (List every third party, vendor, or category they name.) 4. Can I get it deleted? (How I request it — and how long it takes.) If the policy doesn't address one, answer "THEY DON'T SAY." Don't guess. Don't pad.
Option C — The AI you use (ChatGPT)
Fetch and read OpenAI's privacy policy at https://openai.com/policies/privacy-policy/ — the full page, not search snippets. Before you answer, quote one specific sentence from the policy so I know you actually read it. If you can't open the page, stop and say "I couldn't fetch it — paste the policy text here and I'll try again." Don't guess from snippets or memory. Then, in plain English: 1. Do they train AI on the stuff I type into ChatGPT? (Yes / No / Unclear — quote the exact sentence. Note whether it differs for free vs paid accounts.) 2. How long do they keep my conversations? (Days / months / years / forever — quote it.) 3. Who else sees it? (List every third party, vendor, or category they name.) 4. Can I get my conversations deleted? (How I request it — and how long it takes.) If the policy doesn't address one, answer "THEY DON'T SAY." Don't guess. Don't pad.
What you’ll get
A plain-English data story for one of the tools you depend on every week. Sometimes a clean answer. Sometimes buried legalese. Sometimes a polite THEY DON'T SAY — which, as you'll see tomorrow, is also an answer.
Now go to getbearing.co/privacy and run the same four questions against us. Same plain English, 90 seconds. It's the 4-part promise plus the three things we explicitly won't do yet — so the yeses mean something.
That's what owning your data actually looks like. It isn't magic. It's just a vendor deciding to write the answers down in plain English instead of hiding them. Tomorrow I'll give you the four questions you can ask any AI vendor — Bearing included — to know in 90 seconds whether they're honest.
Tomorrow · Step 4
Four questions to ask any AI vendor in 90 seconds.