Plain-English risk rating: 5 of 5 (Consumer Grok) / 3 of 5 (Grok API)
Consumer Grok is the highest-risk consumer AI product in this database — a 5 of 5.
The reason is structural, not behavioural. Every other consumer AI in this database (ChatGPT, Claude, Gemini, Microsoft Copilot, Perplexity) trains by default on the conversations you have with it. Grok does that and also trains on every public post you have ever made on X, including posts that pre-date your awareness that Grok exists and posts from before xAI existed. The training data ingestion surface is the entire X platform, not just your interactions with the AI. No other consumer AI product in this database has comparable data scope.
Grok API sits at 3 of 5. Enterprise tiers exist but are less commonly contracted than competitors' enterprise tiers, and the parent platform's default-aggressive training behaviour means SMB owners using Grok API should verify their contractual exclusions explicitly rather than assume them.
Recommended for
- Sole proprietor: Honestly, no. Use ChatGPT, Claude, or Gemini consumer with training opt-out. Grok's value proposition is real-time X integration, which most SMB owner-operators don't need
- Small team (2-10 people): No. There is no Grok offering that competes with Claude Team or ChatGPT Business on the privacy axis at typical SMB price points
- Regulated industry: Strongly no. The breadth of default data ingestion is incompatible with regulated-data handling. We are not aware of a Grok deployment pattern that produces HIPAA, PCI, or comparable compliance
- The honest answer for most 1-10 employee businesses: Skip Grok for business use entirely. If your team uses X personally, ensure they understand that their personal X posts have been training Grok by default since 2024 — opt them out and treat their X presence as a permanent public-data exposure they cannot fully retract
What makes Grok structurally different
The other AI vendors in this database have a "conversation in, training out" data flow: you talk to ChatGPT, ChatGPT may train on the conversation. Grok has that flow plus a parallel "everything you've ever posted publicly on X, training in" flow.
The xAI privacy policy and X's data-sharing terms (effective November 15, 2024 and subsequently updated) confirm Grok is trained on:
- Your public X posts (including historical posts predating Grok)
- Your engagements (likes, reposts)
- Your conversations on X Spaces
- Your profile information (bio, display name)
- Your interactions with Grok itself
- Grok's outputs and your feedback
- Your conversation history with Grok
The opt-out controls:
- Training opt-out is desktop-only (not available in the X mobile app — must be set on the desktop website)
- Some users report the opt-out toggle is grayed out unless they set an account date of birth (regulatory artefact, related to the UK Age Appropriate Design Code)
- Opt-out applies to future use only; data already used in training cannot be retracted
- Making your X account private (Settings → Privacy and safety → Audience → Protect your posts → ON) excludes you from Grok training and remix tools per X's 2026 policy. This is functionally the strongest available protection but it also means your account stops being public
For SMB use, this matters because any employee who has used their personal X account to discuss work topics (industry observations, frustrations with vendors, professional opinions) has been feeding Grok training data through that account, separately from any direct Grok usage.
Data retention default
- Grok conversations: Retained per xAI privacy policy; conversation history available to the user
- Private Chat mode: Sessions deleted within approximately 30 days
- X posts ingested for training: Effectively permanent — once incorporated into a training run, data cannot be removed retroactively
- Grok API: Per xAI commercial terms; verify per-contract
Training opt-out
TRAINING IS ON BY DEFAULT across all consumer surfaces.
To opt out (desktop only):
- Open X in a desktop browser
- Settings and privacy → Privacy and safety
- Click "Grok & Third-party Collaborators"
- Uncheck "Allow your posts as well as your interactions, inputs and results with Grok and xAI to be used for training and fine-tuning"
Important: this opt-out controls future training only. Posts and conversations already ingested into existing model training runs cannot be removed.
For EU users: GDPR Article 21 provides a right to object to processing for AI training. Send a written objection to privacy@x.ai stating you object to your personal data being processed for the purpose of training Grok under Article 21. xAI must acknowledge and either comply or provide compelling legitimate grounds. xAI does not appear to train on EU user data by default per the published privacy policy, but the GDPR objection mechanism is a backstop.
For sensitive conversations specifically: Use Grok's Private Chat mode (sessions delete within ~30 days, not used for training).
Zero Data Retention availability
- Not offered in the same form as ChatGPT/Claude/Perplexity API ZDR
- Grok API contractual terms vary by customer; SMB owners should verify training exclusions and retention windows directly with xAI sales rather than assuming them
Plan tiers and pricing (as of early 2026)
| Tier | Price (USD) | Training on your data? | Suitable for |
|---|---|---|---|
| Grok (free, on X) | Included with X Free | Yes, unless opted out — and trains on all public X posts | Not recommended for business use |
| X Premium | $8-16/month | Yes, unless opted out | Personal X use; not appropriate for client work |
| X Premium+ | $40/month | Yes, unless opted out | Same caveats |
| SuperGrok | ~$30-300/month tier range | Yes, unless opted out | Personal heavy use |
| Grok API | Pay-per-token | Per contract; verify | Developers building applications, with caveats |
Pricing for higher Grok tiers has changed multiple times during 2025-2026. Verify current pricing at grok.com / x.ai before subscribing.
Jurisdiction
- Primary processor: X Corp. and xAI Corp., both US-based (Texas-headquartered)
- Cloud infrastructure: xAI operates its own data centres (the "Colossus" supercomputer cluster in Memphis, Tennessee, expanded through 2024-2026)
- Data processed in the United States; EU residency not offered for consumer Grok
- EU users protected by GDPR Article 21 right to object (see opt-out section); xAI does not appear to train on EU user data by default per privacy policy
Breach history (public incidents)
November 15, 2024 — X Terms of Service change activating training-by-default
Not a breach in the security sense, but a material policy change worth treating in the breach-history section because, from the user's perspective, the scope of unauthorised data ingestion is comparable. X's November 15, 2024 Terms of Service update added a clause giving X permission to use user data for AI training, including training xAI's Grok. The setting was switched on by default for existing users without opt-in notice. Multiple privacy advocates and security professionals publicly criticised the change, including Vanta CISO Jadee Hanson, who called training on customer data without notification "a major concern", but the default has remained on.
Sources: SiliconRepublic; TechCrunch; Variety; Yahoo Tech (multiple, July-November 2024)
Ongoing — Grayed-out opt-out toggle for users without account date of birth
Multiple users have reported that the Grok training opt-out toggle in X settings is grayed out and unclickable unless the user has set a date of birth on their X account. The cause appears to be the UK's Age Appropriate Design Code, which requires privacy-protective settings to be the default for users under 18 — X's implementation apparently denies opt-out adjustment to any user whose age cannot be confirmed. The practical effect for SMB owners: if your X account does not have a date of birth set, you may not be able to opt out of Grok training without first providing that information.
Source: Roboin.io reporting (January 2026)
Note on Grok "Private Chat" branding: Grok's Private Chat mode does provide functional protection (sessions deleted ~30 days, not used for training) but the naming creates the same false-sense-of-privacy issue we saw with Perplexity's "Incognito" mode allegations. The protection is real for the specific chat, but does not extend to the user's broader X account activity, which remains in the training pool. SMB owners should not assume that using Private Chat once provides any protection for their other X activity.
Note on direct messages: Per xAI's documented policy, private direct messages on X are NOT used for Grok training (only public posts and explicit Grok interactions). However, given the platform's track record of policy changes implemented as default-on, this should be re-verified periodically rather than treated as a permanent guarantee.
Note on infrastructure breaches: No public confirmed breach of xAI's core model serving or training infrastructure has been reported as of May 2026. The risk picture is dominated by the policy-level data ingestion scope, not infrastructure failures.
What this means in plain English for SMB owners
Three honest takeaways:
- Grok is not a credible business AI choice for the privacy-conscious SMB owner-operator. The default-on data ingestion is structurally broader than any competitor in this database, the opt-out is desktop-only and may require providing a date of birth, and there is no enterprise tier that addresses the underlying platform-wide training problem.
- If you or your employees use X personally, opt out of Grok training today, even if you don't use Grok. Your public X posts have been training material since November 2024 by default. Opting out now stops future ingestion. Past posts already in training data cannot be retracted, but the marginal harm reduction from opting out today is real.
- For the specific use case Grok is good at — real-time analysis of X content, conversation context from current X discussions, news-adjacent queries — there is no privacy-compatible substitute. This is one of the cases where the honest recommendation is: if you need this capability, do not use Grok with sensitive prompts at all. Use Perplexity or ChatGPT with web search instead for news-adjacent research, accepting that they lack the deep X integration. The capability that makes Grok unique is the same capability that makes it incompatible with confidential business work.
Sources
- xAI privacy policy and X data sharing terms (via Privacy Portal x.ai/privacy-portal, verified 2026-05-22)
- Anonyome Knowledge Center: Grok privacy analysis (April 2026)
- Roboin.io: How to opt out of Grok training 2026 edition (January 2026)
- mePrism: X Grok AI training opt-out guide (2026)
- Tom's Yahoo/TechCrunch: Grok training default reporting (2024-2025)
- SiliconRepublic: Grok AI training on user data by default (July 2024)
- Variety: Elon Musk's X activates Grok training default (2024)
- TrustScan: How to opt out of Grok xAI data training 2026 guide (April 2026)
- AgainstData: Opt Out of X Twitter AI guide (December 2025)