Data Privacy Checklist
Privacy
What to anonymise before pasting into an LLM — and how to use AI safely with sensitive property data.
The Core Rule
Assume anything you paste into an LLM could be seen by a third party. This is not always the case — but it is the right default posture until you have verified your tool’s data settings.
Before you paste anything: Check that your LLM has “improve model” or “train on conversations” turned off. In Claude: Settings → Privacy. In ChatGPT: Settings → Data Controls.
What is Safe to Share
| Data type | Safe? | Notes |
|---|---|---|
| Generic property descriptions | ✓ Safe | Property type, size, location suburb — no identifying details |
| Anonymised lease terms | ✓ Safe | Rent amounts, terms, review mechanisms — without tenant name or address |
| Process questions | ✓ Safe | “How do I handle a lease expiry?” — no personal data involved |
| Draft communications | ✓ Safe | With placeholder names — replace real names before pasting |
| Market research questions | ✓ Safe | General market analysis with no client-specific data |
What to Anonymise First
| Data type | Risk | Replace with |
|---|---|---|
| Tenant full name | ⚠ Replace | [Tenant Name] or [Tenant A] |
| Property street address | ⚠ Replace | [Property Address] or suburb only |
| Tenant contact details | ⚠ Replace | [Phone] / [Email] |
| Financial account numbers | ⚠ Replace | [Account Number] |
| Owner personal details | ⚠ Replace | [Owner Name] |
| NZ/AU IRD or tax numbers | ⚠ Replace | [Tax Number] |
Never Share
❌ Full tenancy application documents — contain identity documents, financial history, references
❌ Full lease agreements with all parties named — summarise or extract specific clauses with names removed
❌ Bank statements or financial records — even for arrears analysis; use anonymised figures only
❌ Maintenance records with tenant vulnerability information — medical, family, or personal circumstances
Pre-Send Review Checklist
| Check | Done? |
|---|---|
| 🔍 Scanned for full names (tenant, owner, guarantor) | [ ] |
| 🔍 Removed or replaced street addresses | [ ] |
| 🔍 Removed phone numbers and email addresses | [ ] |
| 🔍 Removed account numbers and financial identifiers | [ ] |
| 🔍 Verified LLM privacy settings are set to “do not train” | [ ] |
| 🔍 Not uploading a full document when only a clause is needed | [ ] |
Privacy Settings by Tool
| Tool | Where to find it | Setting to enable |
|---|---|---|
| Claude | Settings → Privacy | Turn off “Improve Claude for everyone” |
| ChatGPT | Settings → Data Controls | Turn off “Improve the model for everyone” |
| Microsoft Copilot | Privacy settings in M365 admin | Configure tenant-level data boundaries |
Best practice: Create a firm-wide rule that all AI use happens with these settings verified. Add a line to your AI Usage Policy making this a requirement.
