Table of contents
- Public ChatGPT – what really happens to your data
- What is RAG architecture and how it works
- Comparison: public ChatGPT vs. dedicated LLM + RAG
- Data security – what to look out for
- How to evaluate if you need RAG yourself – step by step
- Step 1: Map AI use cases in the company
- Step 2: Examine data flow
- Step 3: Build a small POC (Proof of Concept)
- Step 4: Evaluate answer quality
- When public ChatGPT is enough
- Frequently asked questions
More and more companies use ChatGPT for daily tasks – writing emails, summarizing documents, generating reports. The problem starts when data that should never leave the organization hits this interface. This article – prepared by the vollelabs team – explains the difference between using public ChatGPT and deploying a private LLM model connected to an internal knowledge base via RAG (Retrieval-Augmented Generation) architecture.
We will also show you how to evaluate on your own whether your company needs a dedicated solution, and what tools can help with that.
Public ChatGPT – what really happens to your data
When an employee pastes a piece of a contract into ChatGPT, this data goes to OpenAI's servers. Tools like ChatGPT were not designed with corporate privacy in mind. Data – prompts, metadata, usage patterns – can be stored, analyzed, or shared with third parties.
This isn't a theory. Samsung experienced a severe data leak when employees shared confidential information three times in a single month through ChatGPT – including source code, internal meeting notes, and hardware data. As a result, Samsung banned the use of generative AI tools.
The scale of the problem is massive. According to telemetry data by LayerX (2025), 45% of users in companies actively use generative AI platforms. These tools account for 32% of unauthorized corporate data flow to the outside. Nearly 40% of transmitted files contain personally identifiable information (PII) or payment card details.
OWASP Top 10 for LLM Applications 2025 puts "Sensitive Information Disclosure" in second place among risks for LLM-based applications. This is a jump from the sixth place in the previous edition. LLM models embedded in applications risk disclosing sensitive data, algorithms, or confidential business details, leading to privacy breaches and intellectual property violations.
What is RAG architecture and how it works
Retrieval-Augmented Generation is an architectural pattern that combines a language model with an external knowledge source. RAG is a process where the system retrieves relevant documents (or parts of them) from a trusted source, and then generates an answer based on them. It can be compared to an "open-book" exam – the model reads before it writes. Unlike fine-tuning, RAG doesn't modify the model's parameters; it just updates the data.
In practice, it looks like this:
- A user asks a question (e.g., "What is the payment term for client X?").
- The system searches the company's knowledge base – contracts, invoices, terms of service – using a vector database (e.g., FAISS, Pinecone, Weaviate).
- The best matching snippets go to the LLM model as context.
- The model generates an answer based exclusively on those documents.
The data never leaves the company's infrastructure. The model doesn't "learn" on it, nor does it store it after the session.
Comparison: public ChatGPT vs. dedicated LLM + RAG
| Aspect | Public ChatGPT | Dedicated LLM + RAG |
|---|---|---|
| Where data goes | OpenAI servers | Company infrastructure |
| Knowledge of the company | Zero – model only knows training data | Full – system searches internal base |
| Control over answers | Limited (prompt engineering) | Full – sources, filters, permissions |
| GDPR/RODO compliance | Hard to prove | Easier – data stays within the organization |
| Deployment cost | Low (subscription) | Higher, but predictable at scale |
| Hallucinations | Frequent when asking about specialized knowledge | Significantly less – answers are grounded in documents |
The topic of hallucinations deserves clarification. RAG reduces hallucinations compared to "pure" LLM models, but it doesn't eliminate them entirely. A study published in PMC (2025) showed that an advanced RAG architecture (MEGA-RAG) reduced the hallucination rate by over 40% compared to baseline models in medical applications. However, the result depends on data quality in the knowledge base.
Data security – what to look out for
Deploying a private model doesn't automatically mean your data is safe. You need to consciously design several layers:
Data isolation. The LLM model and vector DB should run in a virtual private cloud (VPC) or an on-premise server. No query should leave to a public API unless you choose so.
Access control. Not every employee should have access to the same documents. The RAG system should inherit permissions from the corporate directory (e.g. Active Directory / SSO).
Input and output sanitization. LLM applications should perform appropriate data sanitization to prevent user data from leaking into the training model. In practice, this means filtering PII on input and output.
Audit and logs. GDPR principles apply to any personal data in RAG stores – they cover lawfulness, purpose limitation, and data minimization. Where processing involves high risk, a data protection impact assessment (DPIA) should be conducted.
It's also worth knowing the list of threats. OWASP Top 10 LLM for 2025 includes things like: prompt injection, sensitive information disclosure, data and model poisoning, vector and embedding weaknesses, misinformation, and unbounded resource consumption. [The list is available at: https://genai.owasp.org/llm-top-10/]
How to evaluate if you need RAG yourself – step by step
Before you call anyone, check a few things yourself:
Step 1: Map AI use cases in the company
Write down what employees actually use ChatGPT for. Common scenarios: answering client questions, summarizing documents, generating proposals, finding info in regulations. If sensitive data appears in these scenarios – it's a sign that a public model is not enough.
Step 2: Examine data flow
Use a tool like Nightfall AI (nightfall.ai) or Microsoft Purview to scan what data employees paste into AI tools. According to LayerX (2025) data, users pasting text to GenAI tools do it on average 6.8 times a day, out of which over half (3.8 times) is confidential corporate data. This activity bypasses traditional DLP systems, firewalls, and access controls.
Step 3: Build a small POC (Proof of Concept)
You don't have to deploy a production system right away. Open-source tools let you spin up a RAG prototype in a few hours:
- LangChain or LlamaIndex – frameworks for building RAG pipelines in Python.
- ChromaDB – lightweight vector database, ideal to start.
- Model: Llama 3 (Meta) or Mistral – they run locally, without sending data outside.
- Interface: Streamlit for rapid UI prototyping.
Drop a dozen documents (e.g. company FAQ) into the system and test answer quality. If the results are promising – you have an argument to move forward.
Step 4: Evaluate answer quality
To evaluate, use the RAGAS framework (https://github.com/explodinggradients/ragas). RAGAS is a popular framework for testing RAG applications. It measures metrics like answer faithfulness, context relevance, and hallucinations. Once issues are detected, you can improve the retrieval pipeline or change the model.
What you can do yourself ends roughly at the POC stage. A production deployment – with access control, integration into existing systems (ERP, CRM, SharePoint), monitoring, and scaling – requires an experienced team.
When public ChatGPT is enough
Not every company needs a private model. ChatGPT (especially the Enterprise version or API with disabled data training) will work well when:
- You only process public or non-sensitive data.
- You don't need answers based on an internal knowledge base.
- You're building a prototype or testing an idea.
- The scale of usage is small (a few employees, occasionally).
However, a dedicated LLM + RAG makes sense when:
- Client data, contracts, or financial data appear in prompts.
- You need company-specific answers (procedures, pricing, rulebooks).
- You operate in a regulated industry (finance, health, law).
- You must demonstrate compliance with GDPR or sector-specific regulations.
The RAG market, valued at $1.2B in 2024, is set to reach $11B by 2030, growing at a 49.1% CAGR (Grand View Research, 2024). It's not a fad – companies see concrete results. According to a Deloitte study from late 2024, 42% of organizations expect substantial gains in productivity, efficiency, and costs thanks to generative AI deployments.
Frequently asked questions
Is ChatGPT Enterprise secure enough for my company? ChatGPT Enterprise offers better terms than the free version – OpenAI declares zero training on corporate data and provides encryption at rest. However, data still goes to OpenAI's servers, which in the case of regulated industries (finance, health) might not meet GDPR or sector regulations. A dedicated model running on company infrastructure grants full control over data flow.
How much does deploying a custom RAG system cost? A simple POC based on open-source tools (LangChain + ChromaDB + Llama 3) can be spun up basically for free – aside from labor time. A production deployment with integration, access control, and monitoring is typically a project of 4–12 weeks, depending on the complexity of the knowledge base and security requirements. Maintenance costs depend on whether the model runs in the cloud (e.g. AWS, Azure) or on-premise.
How quickly can I test if RAG works for my company? A working prototype can run in 1–2 days. You need: Python, LangChain or LlamaIndex framework, ChromaDB vector base, and the Llama 3 or Mistral model. Load a dozen documents and ask test questions. If the answers are accurate and based on sources – you have a solid foundation for next steps.
