Back to Insights

Where Does Your Business Data Go, and Who Controls It?

You already hold records about real people: customers, clients, patients. Add an AI tool and those records go somewhere. These are the questions that decide whether they stay yours.

Business records drawn as a node-graph blueprint inside an owned boundary, with one yellow node and an unconnected service outside.

An incident report names a real person. It describes what happened to them on a venue floor at 2am, who was working, and how the team handled it.

Before we built anything for NightGuides, one question came before the clever part. Where does that record live, and who controls it?

You already hold records about real people

You hold data about real people. Customer details, client files, patient notes, the incident logs from a shift. Some of it you are legally responsible for. All of it, someone trusted you to keep.

Add an AI tool to your business and that data has to go somewhere. The tool reads it, processes it, and stores it, and every one of those steps runs on a computer that belongs to someone.

The quick version of an AI build parks all of it inside a shared tool you do not control. Fast to set up. But then your most sensitive records sit on infrastructure someone else runs, under terms someone else wrote, on servers that may use your data to train the next version of their model.

Most conversations about AI walk straight past this. They open with what the tool can do, how fast it is, how much it takes off your plate. They rarely stop on the question that comes first. Before any of that: where does your data end up, and whose rules govern it once it is there?

What it looks like when the data stays yours

NightGuides is an Amsterdam nightlife-safety organisation. Their teams document what happens on the floor: incidents, names, how each case was handled. The write-up used to take four days of copying group chats into a report by hand.

Now the team submits the shift's chat export and the event briefing through one short form, and a finished report lands as a formatted document within five minutes. Five venues run on that one system.

That is the part people ask about first, and it is real. It is also the smaller half of the design.

The whole pipeline runs on a private server provisioned for NightGuides. The AI processing runs through an API that does not train on their data. NightGuides owns the workflow, and they own every report it produces. Nothing about an incident, no name, no timeline, no detail of how a case was handled, leaves ground they control.

Here is why that ordering matters. The speed is reversible: a slow process can always be made faster later, by anyone, with any tool. Handing your most sensitive records to a tool you do not control is much harder to walk back. Once they sit on someone else's servers, under someone else's terms, you are negotiating for access to your own records.

A data-boundary diagram: the form and the self-hosted private server sit inside a NightGuides-controlled boundary; the Claude API processes outside it and is not trained on the data; a Google Doc and email are delivered out.
The records stay on infrastructure the client controls. The model processes, it does not learn.

Four questions to ask before you say yes

You do not need to understand the technology to protect yourself here. You need four answers.

If a tool or a builder cannot answer the first two plainly, that is your answer. If the third answer is yes, your client records are improving someone else's product. And the fourth question separates renting a system from owning one: the businesses that get this right can change tools, change builders, or change their mind, because the data and the workflow were theirs the whole time.

Before the clever part

Control like this gets designed in at the start. Retrofitting it later, after your records have already spent a year inside someone else's tool, is a much harder job, and sometimes not possible at all.

So when the next AI tool crosses your desk, let it be clever second. First make it answer for where your data goes. Your business already runs on trust: the people in your records gave you theirs. Keeping those records on ground you control is how it stays kept.

Your logic. Your servers. Your data.

If you have not mapped where your own systems and data actually live, the AI Opportunity Scan is a place to start. Five minutes, in the browser, no sales call.