Most organisations adopted generative AI tools before their legal teams fully understood the GDPR implications. Now the regulators are catching up. Data protection authorities across the EU have issued guidance, fines are being levied, and the EU AI Act adds a second compliance layer on top. This guide covers exactly what data controllers need to have in place to use generative AI tools lawfully.
The Core GDPR Problem with Generative AI
GDPR is built around a simple principle: personal data should only be processed for specific, lawful purposes, with appropriate safeguards. Generative AI creates four tensions with this principle that don't exist with conventional software:
- Unpredictable processing: When a user pastes personal data into ChatGPT, it's impossible to predict exactly how the model will "process" it — which internal representations will be created, whether the data will influence future outputs, or how long it's retained in session context.
- Sub-processor uncertainty: AI vendors use their own sub-processors (cloud infrastructure, fine-tuning partners). Each link in the chain must be covered by a GDPR-compliant data processing agreement.
- Training data risk: Personal data submitted to AI systems may influence model training, creating a theoretical risk of the data surfacing in responses to other users.
- Data subject rights: If personal data is embedded in a model's weights, exercising a right to erasure becomes technically complex or impossible.
Legal Basis: What Justifies Processing Personal Data in AI Prompts?
Before any personal data enters an AI system, you need a valid GDPR legal basis under Article 6. For enterprise use cases:
Legitimate Interests (Art. 6(1)(f))
Use case: using AI to draft internal documents, summarise non-personal business content, or assist with tasks not involving personal data.
⚠ A Legitimate Interests Assessment (LIA) must be documented. Personal data of employees or customers must be minimised or excluded.
Contract Performance (Art. 6(1)(b))
Use case: using AI to process customer data to fulfil a contract with that specific customer.
⚠ Narrow scope: only covers data directly necessary for the contractual service. Cannot be used as a blanket basis for all AI usage.
Consent (Art. 6(1)(a))
Use case: using AI to process customer data for purposes beyond contract performance (e.g. personalisation, marketing analysis).
⚠ Consent must be freely given, specific, informed, and unambiguous. Difficult to obtain and easy to withdraw, so not practical for internal operational AI use.
Legal Obligation (Art. 6(1)(c))
Use case: using AI to assist with compliance-related tasks (e.g. AML screening, fraud detection).
⚠ Must be grounded in a specific legal obligation, not a general regulatory duty.
The practical implication: for most internal AI tool usage, Legitimate Interests is the correct basis, but only if a documented LIA is on file and only if personal data of third parties is not entered into AI systems unchecked.
Article 28: Data Processing Agreements Are Mandatory
Any AI vendor that processes personal data on your behalf is a "processor" under GDPR. Article 28 requires a written Data Processing Agreement (DPA) with every processor. This is non-negotiable — no DPA means every interaction that involves personal data is unlawful.
What a GDPR-compliant AI vendor DPA must include
- The subject matter, duration, and purpose of processing
- The nature of the processing and the categories of personal data
- The data controller's instructions to the processor
- Obligations on the processor (sub-processors, security measures, breach notification)
- A prohibition on using the data for any purpose other than providing the contracted service (this must explicitly prohibit model training on your data)
Which major AI vendors offer GDPR-compliant DPAs?
| Vendor / Product | DPA Available | Training Opt-Out |
|---|---|---|
| ChatGPT Enterprise | Yes | Yes (training disabled by default) |
| ChatGPT Team | Yes | Yes |
| ChatGPT Free / Plus | No | Opt-out available |
| Claude for Work | Yes | Yes |
| Gemini for Workspace | Yes (via Google Workspace) | Yes |
| GitHub Copilot Business/Enterprise | Yes | Yes |
| GitHub Copilot Individual | No | Opt-out available |
If employees are using free-tier AI tools to process customer data, your organisation is almost certainly in violation of Article 28. Audit your AI tool inventory and mandate enterprise tiers for any use case involving personal data.
Data Minimisation: The Most Ignored Principle
Article 5(1)(c) requires that personal data is "adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed." In a generative AI context, this means your employees should submit the minimum personal data necessary to accomplish the task.
In practice, this principle is almost universally violated because there are no technical controls enforcing it. A support agent who pastes an entire customer ticket thread — when only the product error code was needed to get an AI-assisted answer — has violated data minimisation.
Technical implementation of data minimisation for AI
- Deploy a DLP agent that automatically strips personal data from AI prompts when the task doesn't require it (e.g. redact customer names and emails from support tickets before AI-assisted drafting)
- Configure category-specific redaction rules: for example, prompts drawn from customer service email threads automatically have email addresses, phone numbers, and national IDs redacted before AI processing
- Train employees on what constitutes personal data under GDPR — it's broader than most people expect (IP addresses, cookie IDs, device fingerprints, and combinations of pseudonymous data can all constitute personal data)
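To make the redaction idea concrete, here is a minimal sketch of category-specific redaction using regular expressions. The rules, labels, and patterns are illustrative only; a production DLP agent would combine locale-aware patterns with NER models rather than a handful of regexes.

```python
import re

# Illustrative redaction rules. Order matters: more specific patterns
# (IBAN) run before broader ones (PHONE) so a digit run is not
# partially consumed by the wrong rule.
REDACTION_RULES = {
    "EMAIL": re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b"),
    "IBAN": re.compile(r"\b[A-Z]{2}\d{2}[A-Z0-9]{11,30}\b"),
    "PHONE": re.compile(r"\+?\d(?:[\s-]?\d){6,13}"),
}

def redact(prompt: str) -> str:
    """Replace matched personal data with category placeholders."""
    for label, pattern in REDACTION_RULES.items():
        prompt = pattern.sub(f"[{label}]", prompt)
    return prompt

ticket = "Customer anna.schmidt@example.com reports error E-1042, callback +49 30 1234567."
print(redact(ticket))
# prints: Customer [EMAIL] reports error E-1042, callback [PHONE].
```

Note that the short error code E-1042 survives untouched: the task-relevant content reaches the AI tool while the identifying data does not, which is exactly what Article 5(1)(c) asks for.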
Building a GDPR-Compliant AI Programme: The Minimum Viable Setup
- AI system inventory — document every AI tool used, its vendor, and the categories of data it processes
- Legal basis documentation — for each AI use case, document the Article 6 legal basis and any required LIA
- DPAs with all AI vendors — execute and file DPAs; upgrade to enterprise tiers where free tiers lack DPA coverage
- DPIA for high-risk use cases — Article 35 requires a Data Protection Impact Assessment before processing that is "likely to result in a high risk"
- Technical controls — deploy endpoint DLP to enforce data minimisation and prevent processing without a legal basis
- Data subject rights procedures — document how you would respond to access, erasure, and portability requests for data that has been processed by AI systems
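The inventory and legal-basis steps above can be sketched as one structured record per AI tool. All class names, fields, and gap messages below are hypothetical; the point is that an inventory entry should carry enough fields to surface its own compliance gaps automatically.

```python
from dataclasses import dataclass

@dataclass
class AIToolRecord:
    """One row of a hypothetical AI system inventory (illustrative fields)."""
    tool: str
    vendor: str
    data_categories: list[str]   # e.g. ["customer support tickets"]
    legal_basis: str             # Article 6 basis relied on
    dpa_signed: bool             # Article 28 data processing agreement on file
    lia_on_file: bool = False    # required when basis is legitimate interests
    dpia_outstanding: bool = False  # Article 35 assessment still pending

    def compliance_gaps(self) -> list[str]:
        gaps = []
        if self.data_categories and not self.dpa_signed:
            gaps.append("no Article 28 DPA with vendor")
        if self.legal_basis == "legitimate interests" and not self.lia_on_file:
            gaps.append("LIA not documented")
        if self.dpia_outstanding:
            gaps.append("DPIA outstanding")
        return gaps

record = AIToolRecord(
    tool="ChatGPT Free", vendor="OpenAI",
    data_categories=["customer support tickets"],
    legal_basis="legitimate interests", dpa_signed=False)
print(record.compliance_gaps())
# prints: ['no Article 28 DPA with vendor', 'LIA not documented']
```

Keeping the inventory in a machine-checkable form like this makes the audit in the Article 28 section above a one-line report rather than a manual review.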
AI-Guardian's admin dashboard generates a monthly compliance report covering AI data categories processed, redaction event counts, and a summary suitable for DPA documentation. If you need help structuring your GDPR AI programme, book a compliance consultation.