AI Bootcamp - Tool
DOPE CEOs · AI Bootcamp
Back to Resources
Resource 04 · Privacy, Memory & Security · Set up now, reference forever

Lock down your privacy, memory & client data.

Two settings most operators never touch — plus the security layer that matters the moment you put client data in front of AI. Do Part 1 this week. Read Parts 2–3 before you deploy AI for any client.

Part 1 · Turn off the training feed (60 seconds)
  • Open Claude → Settings → Privacy

    Find "Help improve Claude."

  • Toggle it OFF

    When ON, your conversations can be used to train future models — your client data, sales numbers, strategy docs go into the soup. When OFF, they stay private.

  • Do the same in ChatGPT

    Settings → Data Controls → "Improve the model for everyone" → OFF.

Why it mattersYou're about to paste in client data, voice memos, contracts, financials. You do not want any of that becoming training data. This is your minimum bar.
Part 1b · Curate your memory (5 minutes)

Claude remembers things about you across chats. It shapes every output. If memory has wrong or stale info, every chat is subtly wrong.

Keep in memory

Your business, role, voice rules · standing preferences (tone, formatting, banned words) · recurring clients + offers · anything you'd otherwise re-explain every chat.

Delete from memory

Old clients you no longer work with · closed projects · wrong assumptions Claude inferred · anything that'd be a privacy risk on a screen-share.

  • Open Settings → Memory

    Read every line. Do this once a month, forever.

  • Delete what's stale, edit what's wrong

    Your AI's memory is your AI's brain. Don't let it run on outdated assumptions about your business.

Part 2 · The client-data layer

Disclaimer

I am not a lawyer. This is operator-level awareness, not legal advice. For your actual contracts, your jurisdiction, and your client situation — hire a real attorney. This is the landscape so you can have informed conversations.

What you're handlingThe move
Your own business dataUse AI freely (training toggle off, of course).
Client's general strategy + voiceGet consent in your scope of work. One line covers it.
Client's customer / employee / financial recordsAnonymize first. Replace names with [CLIENT A]. Strip identifying numbers.
HIPAA / FERPA / regulated dataDo NOT paste. Get specialized legal advice first.
Part 3 · AI email & cold outreach — the laws
LawWho it coversThe standard
CAN-SPAM (US)Anyone emailing US recipientsOpt-OUT. Legal IF: accurate sender, honest subject, physical address, working unsubscribe. Up to ~$51,744 per bad email.
GDPR (EU)Anyone emailing EU recipientsStricter. Documented source, easy opt-out, no scraped lists. Up to 4% of global revenue.
CASL (Canada)Anyone emailing Canadian recipientsStrictest. Requires consent BEFORE sending. Opt-out alone isn't enough.
The AI-specific riskAI lets you send 5,000 emails a day — each non-compliant one is a separate violation. And fabricated familiarity ("loved your recent post on X") can count as deceptive if it's not true. Use AI to write clean outreach to people who'd want to hear from you. Don't fake intimacy at scale.
Part 4 · The 5 contract areas (ask your lawyer about these)
1

AI Use Disclosure

You disclose that you use AI tools in delivering the work. Protects you from "I didn't know you used AI."

2

Client Data / Training Restriction

Client data won't be used to train AI models. The #1 thing clients will start asking about.

3

Confidentiality / NDA Update

Your NDA explicitly addresses AI tools as third-party processors. Old NDAs only contemplate human disclosure.

4

Output Ownership

Who owns work product when AI was involved. Purely AI-generated content currently can't be copyrighted in the US.

5

Indemnification / Liability Limit

If AI hallucinates something wrong and the client relies on it — who's liable? Limit your exposure.

The 4-step do-this-now checklist
  • 1. Privacy toggle OFF

    1-minute fix. (Part 1 above.)

  • 2. Curate your memory

    Delete stale, fix wrong. (Part 1b.)

  • 3. Anonymize client data + AI email compliance

    No raw client records. Real sender info, working opt-out, no fabricated rapport.

  • 4. Contracts updated by a real lawyer

    Schedule this for this quarter.

AI security isn't about being scared. It's about being smart. Your clients will start asking — have the answer ready.