A consulting firm I know spent three months building a Notion workspace. The team was using Notion AI to summarise meeting notes, draft client proposals, and search across their project wiki. It was genuinely useful. Then their solicitor flagged that client names, case notes, and contact details were sitting in a US-based cloud system with no data processing agreement in place. The AI features had been sending prompts, including extracts of client records, to a third-party processor nobody had assessed.
They were not careless. They had just picked the tool before they understood what the architectural choice meant.
What choice are you actually making?
The architectural difference between Notion and Obsidian matters more than the feature list. Notion stores your pages and databases on cloud infrastructure, processed in the US. Obsidian stores notes as Markdown files on your own device, with no cloud involvement unless you choose to add it. Where your data lives shapes your UK GDPR obligations, your AI options, and how much disruption a future tool change will cause.
Notion Labs operates Notion as a cloud SaaS product. The Plus plan runs at around £6-7 per user per month; add Notion AI and you are looking at an additional £8-10 per user per month. For a 10-person team with AI enabled across the board, the annual cost lands between £1,700 and £2,000.
Obsidian stores your notes as plain Markdown files on your device. The core product is free for personal use; a commercial licence costs around £40 per user per year. Obsidian Sync, the optional cloud layer, adds £8 per user per month if you want it. You can run Obsidian entirely offline and never involve a third-party server.
When does Notion make sense?
Notion suits owner-managed businesses where knowledge work is genuinely collaborative and the team needs to share, comment on, and edit documents in real time. The built-in Notion AI layer handles summarisation, drafting, and Q&A over shared content without any extra engineering. If your firm already runs on Slack, HubSpot, or Google Workspace, Notion’s API integrations keep your knowledge base inside that data flow rather than sitting beside it.
The data protection position requires attention. Notion processes data on US infrastructure. Under UK GDPR, you remain the controller for any personal data stored there. That means signing Notion’s Data Processing Addendum, confirming your transfer mechanism for data leaving the UK, and making sure staff understand what should and should not go into a shared workspace. The ICO’s guidance on UK GDPR and international transfers sets out what that assessment must cover. These are compliance steps, not optional extras.
Notion’s block-and-database format is also not standard Markdown. If you decide to move platform later, exporting is possible but the clean-up is significant, particularly for linked databases and complex page structures.
When does Obsidian make sense?
Obsidian suits individual knowledge work where data sensitivity makes local storage the cleaner position under UK GDPR. Lawyers, consultants, and advisers handling client-confidential material keep their files on their own devices, decide which AI tools ever touch that data, and avoid the question of what a US-based sub-processor does with their notes. The trade-off is that AI is not built in, and real-time collaboration is not available.
Any AI capability on an Obsidian vault comes through community plugins, the majority of which connect to external APIs. If you use a ChatGPT-backed plugin, your notes are still leaving your device. The only way to keep everything local is to run a self-hosted language model alongside Obsidian, for example using Ollama with an open-source model. That gives you AI summarisation and retrieval over your vault without external API calls, but it requires technical capacity that many owner-managed businesses do not have in-house.
Obsidian has no real-time collaboration. Multiple people can share a vault through Obsidian Sync or a version-controlled folder, but edits are asynchronous. If your knowledge base needs to double as a live project hub, Obsidian will frustrate the team quickly. Where it earns its keep is portability: plain Markdown files work in any editor, they do not belong to a vendor format, and the long-term cost of ownership is significantly lower than a per-seat SaaS with AI add-ons.
What does it cost to get this wrong?
The cost of switching platforms after building a knowledge base is higher than many owner-managers expect. Notion’s block-and-database format does not export cleanly to Markdown, so a move to Obsidian means manual reformatting, broken internal links, and lost database relationships. A 20-person firm spending 8 hours per person on migration and retraining runs to roughly £6,400 in labour alone.
The data protection risk is harder to measure and often harder to recover from. If your Notion workspace absorbs client names, contact details, and case notes without a data processing agreement in place, you are in breach of UK GDPR. The ICO’s enforcement against British Airways, resulting in a £20 million fine, was for exactly this type of configuration failure: personal data processed on third-party infrastructure without adequate controls. For an owner-managed business, the realistic exposure is not a fine at that scale. It is the ICO investigation following a staff member pasting client data into a shared workspace, or a data subject access request that reveals what you actually stored and where. That conversation with a client carries its own cost.
The third cost is capability lock-in. If you build your AI workflows around Notion AI and Notion changes its data-use policies or pricing structure, your AI layer is hostage to those decisions.
What to ask before you commit
Before choosing a platform, three questions clarify the decision more reliably than any feature comparison. Who is the knowledge base primarily for, one person or a shared team? What categories of data will live there? And what AI role do you want in the next 12 months? The answers resolve the choice in almost every case without a trial or a demo.
Who is it primarily for? If institutional memory and team onboarding are the main goals, a shared Notion workspace gives you real-time collaboration, comments, and access controls from day one. If the primary value is in individual knowledge systems, where senior people maintain their own linked notes on clients, sectors, or strategy, Obsidian suits that model better.
What data will live there? Map the categories before you choose. If your knowledge base will hold client personal data, legal files, or anything your sector treats as sensitive, work through where that data will be stored and processed before signing up to any cloud tool. The NCSC’s Cloud Security Principles provide a useful checklist for the questions to put to Notion or any AI plugin vendor before you give them access to that content.
What AI role do you need? If you want built-in summarisation and Q&A across your workspace without extra engineering, Notion AI delivers that today. If you want to control exactly which model touches your notes, or you are considering on-device models for confidentiality reasons, Obsidian’s file-based architecture fits that ambition, provided you have the technical capacity to set it up.
One final point: many owner-managed businesses end up using both. Notion for shared operations, SOPs, and project wikis; Obsidian for individual research and sensitive client notes. AI can ingest both through separate pipelines. If a hybrid is where you are headed, design for it from the start rather than discovering it through a migration.
