Share Smart FAQ Translations

FAQs: Changes to Personal Email, Personal Web-Based File Sharing, and AI Tools

General Questions

1. What is Share Smart?

Data is one of BW’s most valuable assets — and protecting it is everyone's responsibility. “Share Smart” is our commitment to ensuring that the information we create, use, and share every day stays in the right hands, travels through the right channels, and never ends up somewhere it shouldn’t.

Share Smart isn’t about distrust. It's about ownership. When we own our data — truly own it — we know where it lives, how it moves, and who can access it. That means making smart, intentional choices every time we share a file, send a message, or collaborate with a colleague.

The Share Smart program is an initiative underway at BW to ensure that confidential business data and personal data are shared in responsible, secure ways.

2. What is changing?

There are three main areas of focus for this phase of the Share Smart program — here’s a summary. Additional details for each of the three focus areas are covered throughout this FAQ document.

BW will monitor the use of personal email, like Gmail. With Share Smart, file uploads as attachments to personal emails will be blocked. For our European team members, BW will block access to personal email altogether.
BW will monitor all file transfers — uploads and downloads — to non-BW web-based file shares like Google Drive, Dropbox, and personal OneDrive. Personal file uploads will be prohibited. For our European team members, access to personal web-based file-sharing services such as Google Drive will be prohibited. We understand that there are valid business reasons to transfer files to a client’s or customer's Google Drive, Dropbox, etc. These will be permitted on a case-by-case basis.
BW will monitor prompts submitted in a browser to AI tools. As the use of AIs continues to grow, so too does the risk of unwanted exposure of confidential business or personal data.

3. Other regions are able to access personal email and personal web-based file shares. Why are Europeans not allowed to do so?

European team members benefit from stronger workplace protections due to local privacy and labor laws. To comply with such laws, BW is required to find, and committed to honoring, the right balance between its legitimate interest in protecting the business and the rights and freedoms of team members, including their right to private life and correspondence. As part of this effort to balance data loss prevention with respect for team members’ rights and freedoms, BW has decided to fully block access to personal email accounts (like Gmail) and personal file sharing platforms (like Google Drive and Dropbox) on BW PCs. This approach enables BW to safeguard sensitive company information without monitoring European team members’ private communications or unnecessarily intruding into their personal lives.

4. Why is BW focusing now on personal web-based email services (like Gmail) and personal web-based file sharing platforms (like Google Drive)?

Transferring files from BW PCs to personal web-based email or file sharing platforms (e.g., Gmail, Google Drive, Dropbox) poses a significant risk of accidental data exposure. Blocking these types of uploads helps protect sensitive company information and personal data while helping ensure business file sharing happens through approved BW tools like OneDrive for Business.

Business file sharing should use BW-approved platforms for security and compliance like OneDrive for Business and SharePoint. How to Share Files Using OneDrive

Personal Email

5. Can I still access my personal email (e.g., Gmail) on my BW PC?

It depends on where you work.

Americas/Middle East/Africa/Asia: Team members based in the Americas, the Middle East, Africa, and Asia may access personal email on BW PCs, but it is not recommended because personal email accounts often receive more spam, phishing attempts, and malicious attachments than business emails. Use of personal email on a BW PC is subject to the BW Acceptable Use Policy. In addition, access to personal email may be blocked for team members who have privileged access to IT systems.
Europe: Access to personal email will be blocked for team members in Europe.

All team members: See Sections 1, 5, and 7 in the pre-published version of the Acceptable Use Policy for more information. Special note for German team members: Details referenced in this announcement may not apply to you in part due to agreements with local Works Councils. Please consult with your local People Team or IT contact for specific guidance.

6. Will I be able to receive attachments in a personal email?

Americas/Middle East/Africa/Asia: Yes, attachments in personal emails that you receive are permitted, but will be scanned by IT Security tools for malicious content. If malicious content is found, the attachment will not be downloaded with the email message.
Europe: Access to personal email will be blocked for team members in Europe.

7. I need to send a file to my child’s school. Before Share Smart, I used my personal Gmail. Is personal use of BW corporate email allowed so I can send the file that way?

Americas/Middle East/Africa/Asia: Yes, you can send the file to your child’s school using BW corporate email. Personal use of BW corporate email is allowed for team members outside of Europe, but all activity must comply with the Acceptable Use Policy and local laws, be kept reasonable, and not interfere with job duties.
- All use of BW corporate email activity is monitored. BW does this to prevent the loss or misuse of confidential business data as well as to protect personal data. For example, BW needs to track activity if a team member’s email address is compromised by a malicious actor. BW must be able to track what the malicious actor did while in BW’s system, so we can mitigate the impact and alert others of potential risk.
Europe: Personal use of BW corporate email is not allowed.

8.. What information about my personal email is collected by BW?

For personal email like Gmail, BW logs information such as the email application (for example, Gmail, Hotmail), sender’s email address, recipient’s email address, and the name of any file attachments. While the content of a received or sent personal email will not be inspected, any file attachments downloaded will be inspected for malicious content, such as a phish. This information is required in case malicious software slips through the security tools and we need to determine the “zero hour” when the co de entered BW’s environment. So, if you receive a personal email with information from your doctor, BW will log that the email came from the doctor’s email address to you and at what time. If there were any attachments, such as “Lab Results,” BW will record the name of the attached file(s). If the attached file is determined to have malicious code in it, BW will block the download and record the name of the file and the reason for blocking the download.

See the Team Member Privacy Notice for more details on what information is processed.

9.. What information on the use of BW corporate email is collected by BW?

For business email, BW logs information such as the sender’s email address, recipient’s email address, attached file name, attached file, email content, and subject line.

See the Team Member Privacy Notice for more details on what information is processed.

10. Who has access to the logs created by monitoring emails on BW systems?

Access to logs is restricted to a limited number of system administrators within the Corporate IT department. IT administrator roles are only granted after a rigorous, documented approval process involving multiple levels of authorization. Logs are used for security investigations, such as activity by a compromised account, or to track the spread of malicious software. Logs are also used to improve the performance of the IT network and applications.

See the Team Member Privacy Notice for more details on what information is processed.

Web-based File Shares

11. Can I use personal web-based file sharing services (Dropbox, Google Drive, iCloud) to upload or download files on my BW PC?

Americas/Middle East/Africa/Asia: Uploading to personal file shares like Google Drive and personal OneDrive is blocked to prevent loss of company data. Please note that each attempt to upload a file, even if unsuccessful, will be logged with information such as the team member’s name and email address, file name, file size, and application details (for example, Google Drive or Dropbox).
- Downloading from personal file shares like Google Drive or personal OneDrive is allowed but not recommended. Please note that each file downloaded will be inspected for malicious content. In addition, BW will record the team member’s name and BW email address, file name, file size, and application details (for example, Google Drive or Dropbox) for each file downloaded.
Europe: Use of personal web-based file sharing services is not allowed for European team members.

All team members: See Sections 1, 5, and 7 in the pre-published version of the Acceptable Use Policy for more information. Special note for German team members: Details referenced in this announcement may not apply to you in part due to agreements with local Works Councils. Please consult with your local People Team or IT contact for specific guidance.

12. After Share Smart go-live, what if I need to collaborate with someone outside the company who requires that I use their OneDrive, Google Drive, or Dropbox? Will that be blocked?

After Share Smart go-live, file uploads to any external web-based file share will be blocked. But any BW team member, in Europe or the rest of the world, may request an exception for file transfers by contacting your Service Desk for assistance. Please note that approval by your direct leader and IT Security will be required.

13. I use my personal Gmail address today to log into a customer’s Google Drive. Will this be blocked after Share Smart go-live?

Yes, it will be blocked, but an exception for that Google Drive can be made. Contact your Service Desk. Exceptions can be created for all BW team members upon request, when supported by a valid business reason.

14. What is BW doing to ensure that our business operations, which require file sharing to non-BW web-based file shares like Google Drive, are not interrupted?

We’re working with the Platform IT leaders to define a list of team members who regularly use non-BW web-based file shares like Google Drive for valid business reasons. Prior to Share Smart go-live, we will create individual exceptions for these team members to access the customer’s Google Drive, Dropbox, etc. We will contact the team members for whom exceptions are being created prior to go-live for that platform. If you are not on the list provided by your Platform IT leader, after go-live please contact your Service Desk to request permission.

15. Currently, my customer provides me with an email address for their system, which I use to log into their email service and OneDrive. Will this be blocked after Share Smart go-live?

The connection to a non-BW web-based file share, like Google Drive, OneDrive or SharePoint site as well as the customer’s email service will be blocked, but an exception can be made for all BW team members globally to access that external web-based file share or email service. Access to a customer’s email service using credentials provided by the customer is allowed, but sending any attached files will require an exception. Contact your Service Desk to request an exception. If such file transfers are routine, we anticipate that the exception will be approved by your leadership prior to Share Smart go-live.

16. How do I share large files (like equipment videos) with external clients?

Use BW OneDrive for Business to share large files (up to 250GB). Transfer files to OneDrive and share from there. Note that all file transfers are monitored.

How to Share Files Using OneDrive
See the Team Member Privacy Notice for more details on what information is processed.

17. How can I transfer personal files from my BW PC before these Share Smart changes go live?

During the time before Share Smart go-live, you can directly transfer personal files from your BW PC via business or personal email, as well as using business or personal web-based file shares. Please note that the transfer of business files to a personal storage device, personal email, or personal web-based file share is prohibited per the Acceptable Use Policy. For large files, it may be easier to use BW’s OneDrive - How to Share Files Using OneDrive

Please note that all file transfer activity will be monitored by BW.

See the Team Member Privacy Notice for more details on what information is processed.
See Sections 1, 5, and 7 in the pre-published version of the Acceptable Use Policy for more information. Special note for German team members: Details referenced in this announcement may not apply to you in part due to agreements with local Works Councils. Please consult with your local People Team or IT contact for specific guidance.

18. Once Share Smart goes live, can I request an exception to upload files to a personal file-sharing service or personal email for business purposes?

Exceptions will typically not be granted to use personal web-based file sharing services or personal email for business. Business use of personal email or personal web-based file shares is only permitted for software testing.

19. Is there a record of my file transfers?

Yes, BW logs all file transfers from BW networks, servers, and computers to external storage devices and locations like web-based file shares and email servers. Logs include username, date/time, file name, size/type, content, source, and destination. Logs are stored for up to 90 days and then deleted.

See the Team Member Privacy Notice for more details on what information is processed.

20. Who has access to the logs created by the monitoring of file transfers on BW systems?

See the Team Member Privacy Notice for more details on what information is processed.

AI Prompt Management

21. Why is BW monitoring all AI prompts?

Including confidential data in an AI prompt risks exposing sensitive information to the model's developers or third-party reviewers who monitor inputs for quality and safety. Furthermore, many AI platforms use user prompts to retrain their models, meaning your proprietary and perhaps very personal data could potentially resurface in responses generated for other users.

22. Is BW using new software for AI prompt monitoring?

Yes, BW is using SentinelOne’s Prompt AI. BW has used SentinelOne software for several years now to protect our PCs and servers. Using SentinelOne’s Prompt AI will help ensure that BW’s IT security tools all work well together.

23. Can I use any AI after Share Smart goes live?

Once Share Smart goes live, you will be able to use most AIs. This is a big change from the current policy, where BW limits access to around 50 AI sites! Some AIs have been classified as unsafe, and access to those AI tools will be blocked. We will also block access to the same category of AI sites we block today for internet browsing.

The goal is to allow broad AI use while reducing information security risk.

24. Will everything I submit to an AI be monitored?

BW will inspect all AI prompts submitted in a web browser (except for those submitted using Microsoft M365 Copilot) in real time in order to look for policy violations (for example, confidential or personal data, as well as prompts about subjects that violate BW’s cultural values, such as pornography).

25. Does Prompt AI save my prompt content?

No! Prompt AI does not log or retain the actual text of your prompt.

Think of it as a safety check, not a recording.

For more information on how Prompt AI processes personal data, please review Section 5.6 of the Team Member Privacy Notice for more details on what information is processed.

26. What about attachments I upload with my prompt?

Attachments are not logged or stored by Prompt AI.

However, attachments are inspected to ensure they do not contain non‑compliant data. If sensitive data is found:

In some cases, the sensitive data may be redacted, and the prompt can continue.

Example: Certain file types, like .csv files, may allow data to be safely removed and new data inserted.

In other cases, the upload of the file to the AI tool will be blocked.

Example: If sensitive data is found in an MS Excel (.xlsx) file, the file upload will be blocked because it cannot be safely redacted in an .xlsx file.

This helps prevent accidental sharing of confidential business data or personal data with AI tools.

27. What happens if I accidentally include sensitive information in the text of the prompt?

Prompt AI will do one of two things:

Redact the sensitive data (remove or mask it) and allow the prompt to continue, or
Block the prompt entirely if:

The sensitive data cannot be safely redacted
The content of the prompt does not align with BW cultural values, for example, prompts containing pornographic, violent, or self-harm content

28. What is logged if my prompt or attachment is redacted or blocked?

If a prompt or attachment is redacted or blocked by Prompt AI, a log entry is created. Information logged includes user name, Prompt AI policy violated, information redacted (as applicable), latency (time to analyze the prompt), IP address from which the prompt originated, country from which the prompt originated (based on the IP address), browser used and version, PC operating system, URL for the AI prompt submission, AI conversation, response and activity ID.

29. Is this used to monitor my performance or behavior?

No, the Prompt AI logs will not be used to monitor performance or behavior.

Prompt AI is focused on information security, it is not aimed at evaluating how AI is used for work tasks.

30. Can Prompt AI see my personal conversations?

Americas/Middle East/Africa/Asia: Prompt AI inspects all prompts entered into AI tools on BW-managed PCs. Any personal data included in a prompt or submitted as an attachment will be analyzed by Prompt AI. Team members are responsible for carefully evaluating the data they input into AI tools on BW PCs and must ensure that all data is handled lawfully, securely, and confidentially.
Europe: European team members benefit from stronger workplace protections due to local privacy and labor laws. To comply with such laws, BW is required to find, and committed to honoring, the right balance between its legitimate interest in protecting the business and the rights and freedoms of team members, including their right to private life and correspondence. As part of this effort to balance data loss prevention with respect for team members’ rights and freedoms, BW has decided to prohibit personal use by European team members of AI tools on BW PCs.

31. Will this slow down my work or block AI tools?

In most cases, you will not notice Prompt AI at all.

You may see an impact if:

Sensitive information is detected in a prompt or attachment.
A prompt or attachment needs to be redacted or blocked to protect data.

32. What types of data are considered non‑compliant?

Examples include (but are not limited to):

Confidential business information.
Personal data such as government ID numbers, credit card numbers, other financial information, or employee details.
Regulated or protected information.

Policies are designed to focus on clear risk, not everyday work.

For more information on how Prompt AI processes personal data, please review Section 5.6 of the Team Member Privacy Notice for more details on what information is processed.

33. Who can see Prompt AI logs?

See the Team Member Privacy Notice for more details on what information is processed.

34. What should I do if a prompt or attachment is blocked, but I believe it should be allowed?

If this happens, contact your Service Desk. They can review the situation and help determine next steps.

35. Who can I contact if I have questions?

If you have questions or concerns about Prompt AI or AI usage at BW Company, contact your Service Desk.