What actually happens to the code you paste into ChatGPT, Claude, or Gemini

The chat window feels ephemeral — type, get an answer, close the tab. But your paste has a life of its own after you hit Enter. Here's where it goes, in plain English.

The mental model most people have is wrong

It's easy to think of an AI chat like a calculator: input goes in, output comes back, nothing sticks. That's not how any major AI chat product works. When you paste a config file into ChatGPT, Claude, or Gemini, that text is:

  1. Transmitted to the provider's servers (encrypted in transit, but it leaves your machine),
  2. Processed by the model to generate a response, and
  3. Stored — in your chat history, in operational logs, and often in backups.

None of that is sinister. It's how cloud software works. The problem is only what's inside your paste — because API keys, database passwords, and customer data get exactly the same treatment as the rest of your debugging question.

The four things that can happen to your paste

1. It's retained — usually longer than you'd guess

Your conversation history is the obvious copy, but it's not the only one. Providers keep operational and safety logs, and even "deleted" conversations are typically only scheduled for deletion after a retention window rather than erased instantly. Some data may persist longer in backups, or indefinitely if the provider is under a legal preservation order. The exact windows vary by provider and plan and change over time — which is precisely why you shouldn't build your safety on remembering them.

2. It may be used for training

On consumer plans, several providers use conversations to improve their models, depending on your plan and settings — some as a default you must opt out of, others as a choice presented at signup. Business and enterprise tiers generally exclude customer data from training. If you've never looked at the data-control settings in the products you use, assume the default is not the private option, and go check.

3. A human might read it

Every major provider reserves the right to have staff or contractors review conversations — for abuse detection, safety enforcement, or quality evaluation. It's a small fraction of traffic, but it's not zero, and you don't get to pick which conversations are sampled. "Nobody will ever see this" is not a property these systems promise.

4. It inherits every risk of the account and platform

Your chat history is only as safe as your account. If your password or session token is stolen, the attacker gets every secret you've ever pasted, neatly organized and searchable. The same applies to provider-side incidents, subpoenas and legal discovery, and — as we covered in the Prompt Poaching post — malicious browser extensions reading the chat page itself.

The safe assumption: anything you paste into an AI chat is written to storage you don't control, for a duration you can't verify, visible to processes and people you can't enumerate. Paste accordingly.

"So should I stop using AI chats?"

No — that ship has sailed, and rightly so. AI assistants are genuinely useful for debugging, refactoring, and explaining unfamiliar code. The answer isn't abstinence; it's making sure the useful part of your paste goes through while the dangerous part doesn't.

Here's the thing about secrets in a debugging context: the model doesn't need them. Whether your header says Authorization: Bearer eyJhbGc... or Authorization: Bearer [JWT_0] makes zero difference to the quality of the answer. The secret is pure risk with no upside.
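To make the [JWT_0] idea concrete, here is a small local masking pass. It is an added example, not code from this post or from Secret Sanitizer. The pattern list, the function names maskSecrets and unmask, and the sample paste are assumptions made for illustration, and the patterns cover only a few common credential shapes.

```javascript
// Added example. Patterns are illustrative, not exhaustive.
const PATTERNS = [
  // JSON Web Token: three base64url segments; a JSON header encodes to "eyJ..."
  { label: "JWT", re: /\beyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+/g },
  // AWS access key ID
  { label: "AWS_KEY", re: /\bAKIA[0-9A-Z]{16}\b/g },
  // Password inside a connection URL: scheme://user:PASSWORD@host
  { label: "URL_PASSWORD", re: /(?<=:\/\/[^\s:@\/]+:)[^\s@\/]+(?=@)/g },
  // Value assigned to a secret-looking key; skips values already masked ("[")
  { label: "SECRET",
    re: /(?<=\b(?:password|passwd|secret|api_?key|token)\s*[=:]\s*["']?)[^\s"',;\[]+/gi },
];

// Returns the masked text plus a secret -> placeholder map that stays local.
function maskSecrets(text) {
  const bySecret = new Map();
  const counters = {};
  let masked = text;
  for (const { label, re } of PATTERNS) {
    masked = masked.replace(re, (secret) => {
      if (!bySecret.has(secret)) {
        counters[label] = (counters[label] ?? -1) + 1;
        bySecret.set(secret, `[${label}_${counters[label]}]`);
      }
      return bySecret.get(secret); // a repeated secret reuses its placeholder
    });
  }
  return { masked, bySecret };
}

// Puts the real values back into text the assistant returned (done locally).
function unmask(text, bySecret) {
  let out = text;
  for (const [secret, tag] of bySecret) out = out.split(tag).join(secret);
  return out;
}

// Constructed sample paste; every credential below is fake.
const SAMPLE = [
  "curl -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJkZW1vIn0.c2lnbmF0dXJl' https://api.example.test/v1/me",
  "DATABASE_URL=postgres://app:s3cr3t-pw@db.example.test:5432/app",
  "AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE",
  'api_key = "constructed-key-123"',
].join("\n");

console.log(maskSecrets(SAMPLE).masked);
```

The masked text keeps the structure the model needs (header name, URL shape, variable names), and the map that reverses the placeholders never leaves the machine.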

Practical steps, in order of effort

The bottom line

AI chat providers aren't villains — most publish detailed policies and offer real controls. But policies change, defaults favor the provider, and retention is opaque by nature. The only copy of your API key you fully control is the one that never leaves your machine. Everything else is trust.

Scrub every paste, automatically

Secret Sanitizer masks API keys, tokens, and credentials locally — before they ever reach ChatGPT, Claude, Gemini, or Grok. Free, open source, zero network calls.
