Cookies on the Defra digital service manual

We use some essential cookies to make this service work.

We'd also like to use analytics cookies so we can understand how you use the service and make improvements.

View cookies
Skip to main content
Department for Environment, Food and Rural Affairs: AI digital toolkit
Deliver with AI

Using data with AI

What data you can put into an AI tool depends on its classification and the type of tool.

How to read this table

This table shows the default position for each combination of data and tool type. It is a starting point, not a substitute for judgement.

  • A Yes means allowed, sometimes only when a condition is met. Read the condition.
  • A No means do not do it.
  • Some cells carry a condition, like privacy settings or a Data Protection Impact Assessment (DPIA). The conditions are explained below the table.
  • If your situation does not fit a row, or you are unsure, stop and check before you proceed.

What you can put where

What data you can put into different types of AI tool
Your data Public consumer tool Enterprise tool in Defra tenant Defra-hosted
Public or open Yes Yes Yes
OFFICIAL Yes, with privacy settings on Yes Yes
OFFICIAL-SENSITIVE No Yes No
Personal data No DPIA required before use No
SECRET (SEC2 or SEC3) No No No

What the conditions mean

  • With privacy settings on. Model training and chat history are turned off. See Choosing a tool.
  • DPIA required. The assessment must be completed and signed off before any processing begins.
  • The defaults can move. A specific data set or use case may need more or fewer controls.

For personal data, the DPIA route is for a service you are building to process it, not a way to paste it into an everyday tool. For everyday use, remove personal data first.

What the tool types mean

The type of tool decides what data you can use with it. Check which type you are using.

  • Public consumer tool. A tool anyone can use over the internet on a free or personal account, like the free tier of ChatGPT. Your data may leave the UK and train the model unless you turn that off.
  • Enterprise tool in the Defra tenant. A tool you use through your Defra account in Microsoft 365, like M365 Copilot. Defra's data boundary and security controls apply.
  • Defra-hosted. A model running on infrastructure Defra controls, like Azure OpenAI or Bedrock in a Defra tenancy. It is not self-serve for OFFICIAL-SENSITIVE or personal data, so talk to the AI Capability and Enablement team (AICE) first.

Which device you can use

Your device matters as much as the tool. The rules here assume a Defra-managed device, such as a Defra laptop or virtual desktop.

On a personal or business device that Defra does not manage, sometimes called bring your own device or BYOD:

  • you can use approved AI tooling with public or OFFICIAL information
  • you must never put OFFICIAL-SENSITIVE content or personal data into an AI tool

OFFICIAL-SENSITIVE content and personal data are only allowed on a Defra laptop or virtual desktop, through Microsoft 365 Copilot in the Defra environment.

If you are unsure what your device allows, stop and ask AICE.

If you do not know how your data is classified

Ask your project's information asset owner, or talk to AICE. If you do not know who your information asset owner is, your delivery manager or service owner can tell you. Do not proceed until you know.

What to do next

For data handling rules in detail, see Keeping data safe.

Ask AICE about data

Check a specific data set, or get advice when a row in the table does not fit your situation.