At a glance: GDPR-compliant AI requires a legal basis, a data processing agreement (DPA), and a data protection impact assessment (DPIA). Most cloud AI tools meet these requirements only partially. On-premise AI eliminates third-country transfers, DPA obligations, and third-party training entirely.
In early 2025, Germany’s Federal Data Protection Commissioner (BfDI) launched a public consultation on the data protection assessment of AI models. The background: since 2024, complaints have been mounting from employees whose personal data was transmitted to OpenAI servers in the US without a DPA and without a data protection impact assessment. In parallel, Italy’s data protection authority escalated enforcement against OpenAI — a signal for all of Europe. Since the Schrems II ruling and the entry into force of the EU AI Act, European enterprises face one clear question — what does GDPR-compliant AI look like in practice?
The answer is less complicated than most vendors make it sound. But it requires understanding where the actual risks lie — and where they do not.
What makes AI relevant under the GDPR?
Not every use of AI raises data protection issues. The decisive question: are personal data being processed? When an employee asks ChatGPT a general question — say, “Explain the rules for IFRS revenue recognition” — that is uncritical. But the moment customer names, email addresses, employee data, or contract content enter an AI system, GDPR obligations apply.
The three core requirements:
1. Legal basis (Art. 6 GDPR) Every processing of personal data needs a legal basis. For AI tools, this is usually Art. 6(1)(f) (legitimate interest) or (a) (consent). For sensitive data (health, union membership), the stricter rules of Art. 9 GDPR apply.
2. Data processing agreement (Art. 28 GDPR) If an external AI vendor processes your data, you need a data processing agreement (DPA). For US vendors like OpenAI, Google, or Microsoft, an additional issue applies: under the Schrems II ruling, Standard Contractual Clauses without supplementary measures are not sufficient when the vendor is subject to the US CLOUD Act. That covers practically every major cloud AI service.
3. Data protection impact assessment (Art. 35 GDPR) Where processing presents a “high risk” to the rights of data subjects, a DPIA is mandatory. AI systems that evaluate, profile, or make automated decisions about employees or customers regularly fall into this category. The list of mandatory DPIA cases published by Germany’s data protection authorities spells out exactly when a DPIA is required.
Where most enterprises fail
The technical requirements of the GDPR are clear. Still, enterprises consistently stumble in three areas.
Problem 1: Uncontrolled data leakage
Employees use ChatGPT, DeepL, Gemini — without DPAs, without DPIAs, without approval. This is shadow AI. According to the Microsoft Work Trend Index 2024, 75% of knowledge workers use AI — and 78% bring their own unapproved tools. No DPA in the world helps when IT does not even know which tools are in use.
Problem 2: Training on enterprise data
Cloud AI vendors frequently use submitted data for model training — unless the user actively opts out. Since 2024, OpenAI offers a training opt-out even for the free version — but it is not enabled by default, and its effectiveness is not independently verifiable. That means without active intervention, your confidential data can resurface in answers given to other users. OpenAI has confirmed this in its terms of use.
Problem 3: Third-country transfer
Every data transfer to a US vendor is a third-country transfer under Art. 44 et seq. GDPR. Since Schrems II, no adequacy-decision equivalent stands unchallenged. The EU-US Data Privacy Framework (DPF) was adopted in 2023 but is already under legal attack — Max Schrems has announced he will challenge it before the CJEU.
GDPR-compliant AI: the four options
| Option | GDPR status | Control | Cost | For whom? |
|---|---|---|---|---|
| Cloud AI with DPA (e.g. Azure OpenAI Enterprise, Microsoft Copilot) | Conditionally compliant — third-country transfer remains a risk | Medium | High (per user/token) | Enterprises without sensitive data |
| EU-hosted cloud AI (e.g. Aleph Alpha, Mistral via EU hosting) | Better — no third-country transfer | Medium | High | Enterprises with EU preference |
| On-premise AI (turnkey appliance) | Fully compliant — no external processing | Full | Low (no per-user cost) | Enterprises with high compliance requirements |
| Self-hosted open source (e.g. Llama, Mistral) | Fully compliant | Full | Variable (own infrastructure required) | Enterprises with internal IT capacity |
The decision hinges on two factors: how sensitive is your data, and how much IT capacity do you have?
For most mid-market companies, the answer is: yes, sensitive data; no, we do not want to build our own AI infrastructure. That is exactly the gap turnkey on-premise solutions fill.
Checklist: Is your AI usage GDPR-compliant?
On-premise as the cleanest path
On-premise AI eliminates the three biggest GDPR problems in one move:
No third-country transfer. Not a single byte leaves your network. Art. 44 et seq. GDPR does not apply because there is no transmission.
No DPA needed. You process the data yourself — there is no external processor. Art. 28 GDPR is not triggered.
No third-party training. Local models belong to you. Nobody trains on your data. The risk that confidential information surfaces in someone else’s answers simply does not exist.
Take turnkey on-premise solutions like contboxx Vault as an example: the platform ships as a ready-to-run appliance — NVIDIA hardware, pre-installed LLMs, 40+ integrations. It connects to SharePoint, Confluence, SAP, Slack. Everything stays local. Live in 6 weeks. ISO 27001:2022 certified.
The TCO comparison between cloud and on-premise AI shows dramatic differences — especially when scaling to several hundred users.
Test GDPR-compliant AI contboxx Vault: on-premise, made in Germany, productive in 6 weeks. No data in the cloud. Book a free demo
EU AI Act: what applies on top of the GDPR
Since 2024, the EU AI Act supplements the GDPR with AI-specific obligations. For organizations deploying AI (as “deployers”), this means:
- Risk classification: Every AI system must be assigned to a risk class (minimal, limited, high, unacceptable)
- Documentation duty: High-risk AI requires technical documentation, conformity assessment, and CE marking
- Training obligation (Art. 4): All employees working with AI must be trained
- Transparency duty: Users must know when they are interacting with an AI system
The fines: up to EUR 35 million or 7% of global annual turnover. Unlike the GDPR, which focuses primarily on data, the EU AI Act regulates the system itself — regardless of whether personal data is processed.
Frequently asked questions
Is ChatGPT GDPR-compliant?
Conditionally. OpenAI offers a DPA and is certified under the EU-US Data Privacy Framework. ChatGPT Enterprise has a training opt-out. With the free and Plus versions, concerns remain: data may be used for training, and the third-country transfer remains legally vulnerable.
Do I need a data protection impact assessment for AI?
In many cases, yes. Art. 35 GDPR requires a DPIA when processing presents a high risk — for example, systematic evaluation, profiling, or automated decision-making. Germany’s data protection authorities have published a mandatory list. When in doubt: do the DPIA.
Which AI vendors are GDPR-compliant?
Only solutions without external data flow are fully compliant: on-premise AI or self-hosted open-source models. EU-hosted cloud services are a lower-risk compromise. US vendors like OpenAI or Microsoft can be used with a DPA and the DPF, but the third-country transfer remains a residual risk.
What happens in case of a GDPR violation through AI use?
Fines under Art. 83 GDPR: up to EUR 20 million or 4% of global annual turnover. On top of that, damages claims under Art. 82 GDPR. The enterprise is liable, not the employee. For AI-specific violations, additional penalties apply under the EU AI Act.
Conclusion
GDPR-compliant AI is not a contradiction — but it requires deliberate decisions. Anyone using cloud AI must vet DPAs, run DPIAs, and secure third-country transfers. Anyone choosing on-premise eliminates these problems structurally.
For European mid-market companies with sensitive data and limited IT capacity, a turnkey on-premise solution is the most pragmatic path: maximum compliance with minimal effort.