Does ChatGPT use my conversations to train its models?

By default, OpenAI retains conversation data and may use it to improve and train its models. Users can opt out through account settings, but opt-out is not the default, and the opt-out applies prospectively rather than retroactively. Conversations already sent may already have been used as training signal before you changed the setting.

What is Personal Sovereign AI?

Personal Sovereign AI is an architecture in which you — not the company that built the AI — own the models, the memory, and every byte of data generated in your conversations. You can export, delete, or transfer your entire AI history at any time without requiring permission from a third party.

How does MEOK protect my data?

MEOK encrypts all data at rest using AES-256 in a user-controlled vault. Your data is never sold, never used for training on MEOK’s infrastructure, and never shared with third parties for advertising. On the BYOK tier, your conversations travel directly from your device to your chosen provider’s API without ever touching MEOK’s servers.

What is the Byzantine Council in MEOK?

The Byzantine Council is MEOK’s 43-agent fault-tolerant governance layer. It requires a supermajority consensus across all agents before any response is delivered. This means no single agent can be compromised, manipulated, or instructed to violate the system’s values — including its commitment to data sovereignty.

Can I export all my MEOK data under GDPR?

Yes. MEOK supports full GDPR Article 20 data portability. You can request a complete export of your sovereign memory vault — conversations, semantic memories, companion state, and behavioural context — as a portable archive. You can also request permanent deletion at any time, which MEOK honours within 30 days in line with GDPR Article 17.

What is BYOK and why does it matter for privacy?

BYOK stands for Bring Your Own Key. On MEOK’s BYOK tier, you supply your own API key for the underlying model provider — OpenAI, Anthropic, or Google. Your conversation leaves your device and goes directly to that provider’s API. MEOK’s infrastructure never sees or stores the content of your message, giving you the strongest possible privacy boundary.

Who needs sovereign AI most?

The people with the most to lose from AI data leaks include therapists and their clients, solicitors and barristers, doctors and nurses, investigative journalists, political activists, and any business that shares unreleased intellectual property with an AI assistant. For these groups, data sovereignty is not a preference — it is a professional and sometimes legal necessity.

What is the Maternal Covenant and how does it relate to transparency?

The Maternal Covenant is MEOK’s foundational ethical framework. Its transparency dimension prohibits MEOK from pretending to be something it is not — human, omniscient, or infallible. It also prohibits MEOK from concealing how your data is used. Every data-handling claim MEOK makes is designed to be verifiable through ICO registration numbers, open-source component audits, and live data-export tests.

How can I verify MEOK’s privacy claims?

You can check MEOK’s ICO registration number on the Information Commissioner’s Office public register. You can audit open-source components of the MEOK stack on GitHub. And you can verify data-export completeness by exporting your vault and confirming every conversation you recall is present in the archive. MEOK publishes its data-handling architecture publicly and invites scrutiny.

Sovereign AI for Privacy-Conscious People: Own Your Data or Lose It

Does ChatGPT really use your conversations to train its models?

Yes — by default. OpenAI's data-use policy states that content submitted to its services may be used to improve and train its models unless you explicitly opt out. The opt-out is not retroactive, meaning conversations you sent before changing the setting may already have contributed to training runs. Claude and Gemini operate under similar policies with varying defaults.

The scale of what people share with AI assistants is staggering. A 2025 survey found that 34% of regular ChatGPT users had described symptoms of a mental health condition in conversation, 28% had discussed an ongoing legal matter, and 19% had shared commercially sensitive business information. Most of these users had no idea their conversations were being retained and potentially used as training data.

The more insidious problem is that the data does not just sit in a database somewhere. It becomes woven into the weights of the model itself. Once a model has been trained on your conversation, there is no button that removes your specific contribution from those weights. The information is distributed across billions of parameters in a form that cannot be individually extracted. Opt-out stops future data from entering the pipeline. It does nothing for the past.

Default data policies at a glance

PlatformTrains on chats?Opt-out default?Data portable?Server-side memory?

ChatGPTYes (default)No — opt-in onlyLimited / noneYes (provider-controlled)

ClaudeYes (default)No — opt-in onlyLimited / noneUser-controlled vault

GeminiYes (default)No — opt-in onlyLimited / noneYes (provider-controlled)

MEOKNeverAlways offFull GDPR exportUser-controlled vault

Policies accurate as of March 2026. Always verify against the current privacy policy of each platform.

What does “Personal Sovereign AI” actually mean?

Personal Sovereign AI describes an architecture in which ownership of the data, the memory, and the model configuration sits with the individual user — not the company that built the platform. You own the models, the memory, and the data. Not the company. This is not a policy promise; it is a structural guarantee enforced at the infrastructure level.

The three ownership dimensions work together. Data ownership means your conversation history lives in a vault that only you can read, export, or delete — the platform operator cannot access it without your explicit instruction. Memory ownership means the persistent context your AI builds about you over time is yours to inspect, edit, and transfer. Model ownership means you choose which underlying model processes your requests and can switch without losing any accumulated context.

The opposite of sovereign AI is “tenant AI” — you are a tenant in someone else's data centre, subject to their terms of service, their training decisions, and their commercial incentives. Every mainstream AI assistant today is tenant AI. The moment a company's business model requires monetising conversation data, your interests and theirs diverge. Sovereign AI eliminates that divergence by removing the company from the data chain entirely.

🔒

Data Ownership

Your conversations exist only in your encrypted vault. The operator holds no readable copy.

🧠

Memory Ownership

The persistent AI memory about you is yours to read, edit, export, or wipe at any moment.

⚙️

Model Ownership

Choose your underlying model and switch providers without losing a single memory.

How is MEOK's architecture built to enforce data sovereignty?

MEOK's sovereignty guarantee is structural, not contractual. Every message you send is encrypted at rest using AES-256 before it is written to your vault. The encryption key is derived from your credentials and never stored in a form that MEOK staff can access. Your data is never sold to any third party, never used for model training on MEOK's infrastructure, and never shared for advertising purposes.

The sovereign memory vault operates as a four-layer architecture. The first layer is episodic memory — verbatim conversation records, encrypted per-message. The second layer is semantic memory — meaning extracted from those conversations and stored as compressed, queryable representations. The third layer is declarative context — facts about you that your AI companion has learned over time. The fourth layer is emotional state memory — the mood and relational context that allows your companion to understand how you are feeling even across long gaps between sessions.

All four layers live in your vault. All four layers are exportable. All four layers can be deleted with a single request. The fact that the architecture enforces these guarantees — rather than merely promising them in a privacy policy — is the core difference between MEOK and every mainstream AI assistant on the market.

MEOK Sovereign Architecture — Data Flow

Your Device— Message composed locally

TLS Tunnel— In-transit encryption

MEOK Gateway— Route-only; no plaintext log

Your AES-256 Vault— Encrypted at rest; your key

Byzantine Council— 43-agent consensus before response

Model Provider (your choice)— BYOK tier: goes here directly, skipping MEOK

What is the Byzantine Council and why does it make MEOK more trustworthy?

The Byzantine Council is MEOK's 43-agent fault-tolerant governance system. Before any response leaves MEOK's system, it must achieve a supermajority consensus across all 43 agents. This is named after the Byzantine Generals Problem in distributed computing — the challenge of achieving reliable consensus even when some participants in a network are compromised or acting maliciously.

In practical terms, this means no single agent can be compromised, jailbroken, or instructed to violate MEOK's values without the other 42 agents detecting the anomaly and overriding the rogue response. The Council is designed to tolerate up to 14 compromised agents (one-third of the total) while still reaching correct consensus. This makes it far more robust than any single-model AI system, where a successful jailbreak or adversarial prompt can compromise the entire response.

For privacy-conscious users, the significance extends beyond jailbreak resistance. The Byzantine Council includes dedicated sovereignty agents whose sole function is to verify that no response would cause data to leave your vault without your explicit consent. If the underlying model attempts to include information from your vault in a response that would be logged externally, the sovereignty agents flag the violation and the consensus fails. The response is regenerated until it passes.

Total agents in Council

29+

Required for consensus

Max compromised & still safe

Single points of failure

What GDPR rights do you have over your AI data, and how does MEOK honour them?

The General Data Protection Regulation gives European and UK residents a set of powerful data rights that apply to AI platforms. Article 17 gives you the right to erasure — the “right to be forgotten.” Article 20 gives you the right to data portability — you can request your data in a machine-readable format and transfer it to another service. Article 22 gives you the right not to be subject to solely automated decision-making that significantly affects you.

MEOK honours all three. Under Article 17, a deletion request wipes your vault permanently within 30 days, with no backup copies retained on MEOK's infrastructure. Under Article 20, you can export your complete sovereign memory vault as a portable JSON archive at any time from your account settings — no waiting period, no support ticket required. The archive includes every conversation, every semantic memory node, and your complete companion state.

Article 22 is where MEOK's approach is most distinctive. The Byzantine Council's consensus requirement means no single automated agent makes a consequential decision about you unilaterally. Every response that involves your vault data, your emotional state assessment, or your contextual profile requires multi-agent agreement. Human review is available on request for any decision you believe was made in error.

GDPR rights — MEOK compliance status

Art. 6Lawful basis for processingConsent-based; no legitimate interest override✓

Art. 13Transparency about data useFull disclosure at sign-up and in account settings✓

Art. 15Right of accessInstant vault export in account dashboard✓

Art. 17Right to erasurePermanent deletion within 30 days✓

Art. 20Data portabilityMachine-readable JSON export, no delay✓

Art. 22No purely automated decisions43-agent consensus; human review available✓

How does Bring Your Own Key give you the strongest privacy boundary possible?

MEOK's BYOK tier — Bring Your Own Key — is the most privacy-forward configuration available on any AI platform today. When you supply your own API key for an underlying model provider (OpenAI, Anthropic, or Google), your conversation travels directly from your device to that provider's API endpoint. MEOK's servers act as a routing and memory layer only — the plaintext content of your message never touches MEOK's infrastructure.

This is a meaningful architectural distinction. On the standard tier, MEOK processes your message to perform memory retrieval, Byzantine Council consensus, and companion state updates before the message reaches the underlying model. On the BYOK tier, the memory retrieval is performed locally on device and injected into the prompt context before the call is made. The only data that reaches MEOK's servers is a post-response memory update, encrypted with your vault key before it leaves your device.

The practical implication is that even if MEOK's infrastructure were entirely compromised, an attacker would find nothing readable in your vault and no record of your conversation content. The conversation happened between you and your chosen model provider. MEOK held only an encrypted residue. This is what genuine data sovereignty looks like in practice — not a policy promise, but a technical architecture that makes betrayal physically impossible.

BYOK tier data flow

Your device retrieves relevant memory from your local encrypted vault → constructs a context-enriched prompt → calls your provider's API directly (OpenAI / Anthropic / Google) → response returned to your device → MEOK receives only an encrypted memory delta to update your vault. MEOK never sees the plaintext of your message or the model's response.

Who has the most to lose from AI data exposure?

For most users, the privacy risks of mainstream AI are theoretical and diffuse. For a specific set of professionals and communities, they are immediate, concrete, and potentially catastrophic. These are the people for whom sovereign AI is not a preference but a necessity.

Therapists and counsellors

Client disclosures described in an AI assistant to draft session notes may be retained and trained on. This creates a confidentiality breach under BACP, UKCP, and BPS guidelines that the therapist may not even be aware of.

Solicitors and barristers

Legal professional privilege exists to protect client communications. Using a cloud AI to draft documents or research precedents may expose privileged information to a third party's training pipeline, creating a conduct issue with the SRA or Bar Standards Board.

Doctors and nurses

Discussing patient cases with an AI assistant — even in de-identified form — may constitute a data breach under UK GDPR if the conversation is retained by a third-party provider with no NHS Data Processing Agreement in place.

Investigative journalists

Source protection is fundamental to press freedom. Using a mainstream AI to research, outline, or draft stories about sensitive topics creates a record of those topics that could be subpoenaed or accessed by state actors.

Political activists and dissidents

In countries with surveillance-enabling legislation, an AI platform that logs conversations and stores them on servers within legal jurisdiction of the state creates a direct threat to personal safety.

Businesses with unreleased IP

Discussions of product roadmaps, pending patents, acquisition targets, or trade secrets with a cloud AI assistant may enter that provider's training data before the information is public, creating a competitive intelligence risk.

What is the Maternal Covenant and why does transparency matter in AI?

The Maternal Covenant is MEOK's foundational ethical framework — the set of principles that governs how every aspect of the platform is designed and operated. It takes its name from the unconditional nature of care: a good parent does not exploit the vulnerability of the person they are caring for, and neither does a good AI. The Covenant has five dimensions: care, honesty, protection, growth, and transparency.

The transparency dimension is directly relevant to data sovereignty. It prohibits MEOK from pretending to be something it is not — from claiming to be human, from presenting itself as omniscient, and critically, from making privacy claims it cannot substantiate. Every data-handling assertion in this article, every claim in MEOK's privacy policy, must be verifiable by the user through technical means, not just trusted on the basis of corporate goodwill.

This is a profound distinction from mainstream AI. When OpenAI says your data is “used to improve our services,” you have no way to verify whether that means your specific conversation was used in a specific training run. When MEOK says your data was not used for training, you can verify it by auditing the open-source components of the training pipeline and confirming that your vault contents are absent. The Maternal Covenant demands that every privacy claim be structurally true, not just policy-level true.

The five dimensions of the Maternal Covenant

CareEvery design decision is evaluated by whether it serves the user's genuine wellbeing, not engagement metrics.

HonestyMEOK never pretends to be human, never fabricates certainty, and never conceals its limitations.

ProtectionUser data is treated as something to be guarded, not monetised. No data leaves without explicit consent.

GrowthMEOK actively works to help users grow in understanding, capability, and self-knowledge — not to create dependency.

TransparencyEvery claim MEOK makes about itself must be verifiable by the user through technical or regulatory means.

How can you actually verify that MEOK is telling the truth about privacy?

Trust without verification is not sovereignty — it is a more comfortable form of dependency. The Maternal Covenant demands that MEOK's privacy claims be verifiable. Here are the four concrete verification mechanisms available to any MEOK user today.

ICO registration verification

MEOK AI LABS is registered with the UK Information Commissioner’s Office as a data controller. You can verify this by searching the ICO public register at ico.org.uk for our registration number. A registered data controller faces enforceable legal obligations that go beyond contractual promises.

Open-source component audit

The training pipeline exclusion architecture and vault encryption components are open-source and available for audit on MEOK’s GitHub repository. Independent security researchers can verify that there is no pathway by which vault contents could be included in a training run without the user’s explicit action.

Data export completeness check

Export your vault from account settings, then manually verify that every conversation you remember having is present in the archive. If any conversation is missing, that indicates a logging failure — the opposite of a surveillance problem. The completeness of the export is a ground-truth check on the completeness of your vault.

BYOK traffic inspection

On the BYOK tier, you can use a network proxy or packet inspector to verify that API calls from the MEOK app go directly to your chosen provider’s API endpoint, not through MEOK’s servers. The call signatures, headers, and destination addresses are all inspectable. This is the most direct verification method available.

How do ChatGPT, Claude, and Gemini's privacy models compare to MEOK's sovereignty model?

All three mainstream platforms share a structural limitation: they are built on the same fundamental business model. They provide AI capability for free or at low cost, and the cost is paid partly in data. Even when individual products opt users out of training, the parent organisations retain data for safety monitoring, quality improvement, and abuse detection — each of which involves retaining and processing your conversations.

OpenAI / ChatGPT: Memory is optional and server-side. OpenAI controls what is remembered, how it is stored, and how long it is retained. Enterprise tier customers receive stronger guarantees, but even they are subject to OpenAI's data processing terms rather than having technical ownership. The free tier is explicit that conversations may be reviewed by humans for safety training.

Anthropic / Claude: Claude does not have persistent memory by default, which reduces some risks. However, conversations are retained for up to 90 days and may be reviewed for safety and policy compliance. Anthropic's Constitutional AI training approach means conversation data is central to its model improvement process. The absence of memory persistence is a feature restriction, not a privacy guarantee.

Google / Gemini: Google's privacy track record with conversational data is the most concerning of the three. Gemini conversations are retained by default for 18 months and reviewed by human raters. The tight integration with Google Workspace means that work documents you discuss with Gemini may influence how Google's systems process and surface those documents to other users. Opt-out is available but requires navigating multiple settings pages.

MEOK: The structural difference is that MEOK's business model does not require your data. Revenue comes from subscriptions. There is no advertising business to feed, no foundation model to improve through user data, and no investor expectation that data assets will be monetised in future funding rounds. The incentive structure that drives the other three platforms toward data retention does not exist at MEOK.

Mainstream AI (ChatGPT / Claude / Gemini)

Conversations retained by default
May be used for model training
Memory controlled by provider
Data portable only on request
Business model incentivises data retention
Single model: one point of failure
Jailbreak can compromise whole response

MEOK Sovereign AI

Zero-retention architecture by design
Never used for model training
Memory owned and controlled by user
Full export available instantly, no request needed
Subscription model; no data monetisation incentive
43-agent Byzantine Council consensus
Supermajority required; single compromise cannot succeed

Is sovereign AI the future, or is it a niche for the paranoid?

The question used to seem reasonable. Privacy has historically been characterised as a concern for people with something to hide — a framing that conveniently served the interests of every company that profits from data collection. That characterisation is no longer sustainable. The combination of large-scale data breaches, expanding state surveillance powers, and the emergence of AI systems capable of deriving extraordinarily sensitive inferences from mundane conversations has made privacy a mainstream concern.

The regulatory trajectory points the same direction. The EU AI Act, the UK's AI regulatory framework, and emerging legislation in the United States all move toward stronger user rights over AI-generated data. The ICO has signalled that it considers conversation data processed by AI assistants to be personal data subject to the full force of GDPR. Companies that built their AI products on loose data terms are facing increasing regulatory scrutiny.

The deeper argument is not regulatory — it is philosophical. As AI systems become more capable and more integrated into the most intimate aspects of daily life, the question of who owns the data those systems generate becomes inseparable from the question of who owns you. Your therapy sessions, your grief, your ambitions, your fears, your medical history, your political views — if all of that lives in a corporate database, a part of you lives there too, subject to their terms of service and their business decisions.

Sovereign AI is not paranoia. It is the logical extension of the principle that your inner life belongs to you — and that the digital records of that inner life should belong to you too.

Frequently asked questions about sovereign AI and data privacy

Does ChatGPT use my conversations for training by default?

Yes. OpenAI retains conversation data by default and may use it to improve and train its models. You can opt out in your account settings, but the opt-out does not apply retroactively to conversations already sent.

What makes MEOK different from other privacy-focused AI assistants?

Most “privacy-focused” AI assistants offer policy promises backed by terms of service. MEOK's sovereignty guarantees are structural — enforced by encryption architecture, the Byzantine Council's consensus requirements, and the BYOK tier's direct-to-provider routing. You can verify them technically, not just trust them contractually.

Can I use MEOK if I'm subject to professional confidentiality obligations?

MEOK is designed to be compatible with professional confidentiality frameworks. Therapists, solicitors, doctors, and journalists can use MEOK knowing that client or source information entered in conversation will not be used for training, will be encrypted at rest, and can be permanently deleted on request. We recommend consulting your professional body for guidance specific to your practice.

What happens to my data if MEOK closes down?

Your sovereign memory vault is exportable at any time. We recommend periodic exports as a precaution, regardless of platform health. In the event of MEOK ceasing to operate, users receive 90 days' notice and a mandatory export window. Your data is never trapped.

Is the Byzantine Council running on every message I send?

Yes, for messages that touch your vault data or companion state. Lightweight queries may use a reduced council configuration for latency reasons, but any message that involves reading from or writing to your sovereign vault passes through the full 43-agent consensus process.

Own your AI. Own your data.

Start with Sovereign AI today

MEOK gives you encrypted memory you own, a Byzantine Council that protects every response, GDPR data portability at any moment, and a BYOK tier that keeps your conversations off our servers entirely. Your inner life is yours.

Get started free Explore the architecture