Your company uses Notion as its internal wiki. HR documents, strategy decks, salary data, product roadmaps — all in Notion. Turn on Notion AI and that content goes through third-party AI models. Your trade secrets, processed by an AI you don't own, under a privacy policy that allows "improvement" of the service. The internal wiki became an external AI training set. An IT admin clicks one toggle. Every document in your company's Notion workspace — HR notes, salary data, product roadmaps, legal discussions — is now processed by third-party AI. Individual employees aren't asked. The toggle doesn't list which documents will be fed to AI. One click, entire company exposed.
What they claim: Notion describes AI features as optional productivity tools
What we found: Notion AI processes workspace content — including documents, databases, meeting notes, and internal communications — through third-party AI providers. Enterprise customers storing sensitive business data in Notion discovered their content was being processed by external AI models. Notion's privacy policy allows using customer data to "improve" AI features. Companies using Notion as their internal wiki are feeding business secrets into an AI training pipeline they don't control.
What they claim: Notion promotes AI as an optional productivity feature
What we found: Notion AI is enabled at the workspace level — meaning an admin can turn it on for an entire organisation. Individual employees may not know their documents are being processed by external AI models. Meeting notes, HR discussions, salary negotiations, product strategies — all potentially processed by third-party AI providers because an IT admin clicked a toggle.