🆕Data policies: Control file uploads and copy-paste to AI assistants
Learn how to use data policies to control which files users upload to ChatGPT, Claude, and Copilot and how to review those uploads in your records.
Introduction: Why control file uploads to AI assistants?
People increasingly use AI assistants such as ChatGPT, Claude, and Microsoft Copilot in their daily work. Every file they upload or every text they paste into a chat leaves your organization, and sensitive company data can end up in an external AI service unnoticed. The AI assistants destination type in data policies gives you control over these uploads. You can allow them, log them, notify users, or block them completely, either for the three AI assistants at once or for each individually.
What Safetica controls
With the AI assistants destination type, Safetica controls what users insert into an AI assistant, for example by attaching, pasting, or dragging into the chat. The protection covers these apps and their web versions:
- Claude Desktop
- ChatGPT
- Microsoft Copilot
With the AI applications destination type, you can restrict:
- 🪟 Windows devices:
- File uploads
- Text pasted or dragged into an AI assistant
- 🍏 macOS devices:
- File uploads
How to control what users send to AI assistants
Add the AI assistants destination type to a data policy and choose what happens when a user sends data to them (learn more about data policies here).
-
Go to Policies > Data tab.
-
Click Add policy or click an existing data policy.
-
Select the data classification the policy should protect, or keep All data.
-
Click Add destination type and select the AI assistants you want the policy to apply to. You can choose from Claude Desktop, ChatGPT, or Microsoft Copilot.

-
Select the policy action: Allow, Log, Notify, Block (with override), or Block.
-
To set a different action for individual AI assistants, enable Advanced control of individual destination types and choose an action for each assistant.

-
Click Save.
Safetica applies the selected policy action whenever a user tries to upload a file (and, on Windows, copy or drop text) to the covered AI assistant, in the desktop app or on its website.
How to review what users sent to AI assistants
Every transfer that matches a policy creates a record, so you can audit what users send to AI assistants.
In Data operations, click Add filter and select:
- Operation > Sent to AI assistant to filter files uploaded to AI assistants.
- 🪟 Windows devices: Operation > Pasted into data transfer app to filter texts pasted or dragged to AI assistants.
Each record shows who uploaded which file to which AI assistant and what action Safetica took. You can also export the records, for example for an audit.
FAQ
Q: Does Safetica control what users type into AI assistants?
A: No. Safetica controls files inserted into AI assistants and, on Windows, also text pasted or dragged into them. Text that users type directly into the chat is not affected.
Q: Does blocking uploads block the AI assistant itself?
A: No. Users can keep working with the AI assistant. The policy only controls the files (and on Windows also pasted text) that users try to insert into it.
Q: Can I control uploads to other AI tools, such as Gemini?
A: The AI assistants destination type covers the apps listed in this article. To control file uploads to other AI websites, use the Upload to web destination type.
