Using ChatGPT and co. GDPR-compliantly: a guide for SMEs
In most SMEs people already work with AI, just secretly and with private accounts. That is the real data protection risk, not the AI itself. This guide shows the clean path: the right provider and tier, the data processing agreement, EU hosting options and an AI policy that makes shadow AI unnecessary. As of July 2026.
Published on July 12, 2026 · Daniel Gläser

Why this is urgent: shadow AI is the norm
The numbers are unambiguous. According to Bitkom, employees in 8 percent of companies widely use private AI accounts for work, twice as many as the year before; in another 17 percent it happens in isolated cases and a further 17 percent suspect it. At the same time only 23 percent of companies have rules for AI use and only 26 percent officially provide generative AI to their staff. The global KPMG study with the University of Melbourne completes the picture: 57 percent of employees worldwide hide their AI use, and in Germany 43 percent admit to adopting AI results without checking them.
The actual risk
Bans create shadow AI: employees copy customer data into private ChatGPT accounts, without a contract, without control, without logs. An official, properly configured offering plus clear rules is almost always better for data protection than a ban nobody follows.
What the data protection authorities say
The authoritative reference in Germany are two guidance documents by the Datenschutzkonferenz (DSK): the guidance on AI and data protection from May 2024, aimed at companies using AI (legal bases, purpose limitation, data subject rights, impact assessment), and the guidance on technical and organisational measures for AI systems from June 2025 for development and operation. Follow these two papers and you have the supervisory authorities' expectations on the table.
- Clarify the legal basis: processing personal data in AI tools needs a basis under Art. 6 GDPR, in day-to-day business usually legitimate interest with a documented balancing test, or contract performance.
- Take data minimisation seriously: not every prompt needs real names. Where possible, leave out or pseudonymise personal data.
- Keep data subject rights in mind: access, rectification and erasure must work even when data has flowed through AI tools.
- Check the impact assessment: extensive or sensitive processing may require a data protection impact assessment under Art. 35 GDPR.
The data processing agreement: what you need in writing
As soon as an AI provider processes personal data on your behalf, Art. 28 GDPR requires a data processing agreement (DPA) with the legally required minimum content. With the big providers, the DPA is part of the business and enterprise tiers and is concluded online. Check three points:
- Training excluded: the tier must guarantee that your inputs are not used to train the models by default. Consumer tiers and private accounts often lack this, which is exactly why they are off-limits for company data.
- Sub-processors: the DPA lists which service providers the vendor uses and where processing happens.
- Processing location and transfer mechanism: with US providers you additionally need a basis for the third-country transfer, currently usually the EU-US Data Privacy Framework, or genuine EU processing.
EU hosting options compared
If you want to defuse the third-country debate, choose offerings where processing demonstrably happens in the EU. The main options, as of July 2026:
| Option | EU processing | Watch out for |
|---|---|---|
| Azure OpenAI (Microsoft) | Yes, with the Data Zone EU deployment type (data centres in nine European countries) | Careful: Global standard deployments may process prompts outside the EU even if the resource sits in an EU region. The deployment type decides, not the region. |
| OpenAI directly | EU data residency since February 2025, but only for Enterprise, Edu and API | Check current terms for smaller tiers; DPA via the data processing addendum. |
| IONOS AI Model Hub | Yes, open-source models hosted entirely in Germany | OpenAI-compatible API, per-token billing, integrated vector database for RAG; model selection limited to open models. |
| Local models on your own premises | Yes, data never leaves the company at all | No DPA needed for model usage; in return, own hardware and operations. Details in the local AI versus cloud AI cost comparison. |
The most common Azure misconception
An Azure resource in the West Europe region does not automatically mean EU processing. Only deployments of type Data Zone EU guarantee that prompts are processed within the EU data boundary. Hardly any German guide explains this difference properly, yet it decides your GDPR argumentation.
Getting shadow AI under control: offering beats banning
- Provide an official tool: a business tier with a DPA and training exclusion, for everyone who needs AI day to day. That removes the reason for shadow use.
- Explicitly exclude private accounts: company data never belongs in private AI accounts; communicate that in writing and with reasons.
- Check instead of blindly adopting: AI results are drafts. Reusing them unchecked risks errors with external impact; the 43 percent from the KPMG study are a warning.
- Build AI literacy: since February 2025 the AI literacy duty under Art. 4 of the EU AI Act applies anyway (slightly softened by the 2026 Digital Omnibus: companies must support their staff in building AI literacy). A short, recurring training session fulfils this and lowers the risk.
The company AI policy: 10 points that belong in it
- 1. Which AI tools and tiers are officially approved, including their configuration state.
- 2. That private AI accounts are off-limits for company data, without exception.
- 3. Which data categories may go into AI tools and which never (such as health data, credentials, trade secrets).
- 4. That personal data is left out or pseudonymised where possible.
- 5. That AI results are professionally reviewed before reuse, with clear responsibility.
- 6. When AI use is disclosed to customers or recipients, including the labelling duties under Art. 50 of the AI Act from August 2026.
- 7. Who in the company is responsible for AI questions and approvals.
- 8. How new AI tools are requested and vetted (DPA, training exclusion, processing location).
- 9. What happens in case of incidents: report to the responsible person, if applicable the data breach process.
- 10. That the policy is reviewed regularly, because tiers, models and the legal situation change quickly.
What the EU AI Act additionally requires: the short version
The GDPR is one half, the EU AI Act the other. Short version for AI users, as amended by the June 2026 Digital Omnibus: the prohibitions and the AI literacy duty have applied since February 2025, the transparency and labelling duties under Art. 50 arrive on 2 August 2026 (with a grace period until 2 December 2026 for machine-readable labelling of pre-existing systems), and the high-risk obligations were postponed to December 2027 and August 2028 respectively. The full timeline with all duties is in the article The EU AI Act for SMEs.
And if your data protection requirements are especially high, look at a setup where the data never leaves the building in the first place: the local AI versus cloud AI cost comparison shows from what point an own AI server pays off. I build both, properly configured cloud AI and local setups, as part of my AI automation services.
Sources
- Datenschutzkonferenz: Orientierungshilfen (KI und Datenschutz, TOMs bei KI-Systemen)
- Bitkom: Beschäftigte nutzen vermehrt Schatten-KI (Oktober 2025)
- KPMG / University of Melbourne: Trust, Attitudes and Use of AI (2025)
- Microsoft Learn: EU Data Boundary (Übersicht)
- Microsoft Learn: Azure OpenAI Deployment-Typen (Data Zone EU vs. Global)
- OpenAI: Datenresidenz in Europa (Februar 2025)
- IONOS: AI Model Hub (Open-Source-Modelle, in Deutschland gehostet)
- Art. 28 DSGVO (Auftragsverarbeitung)
- Rat der EU: Digital Omnibus, Einigung zur Vereinfachung der KI-Regeln (Mai 2026)
This article is carefully researched guidance, not legal or tax advice. For binding information, please consult your tax advisor or lawyer.
Frequently asked questions
Can I use ChatGPT in my company in a GDPR-compliant way?+
Yes, with the right building blocks: a business or enterprise tier instead of a private account, a data processing agreement, training on your data excluded, and a clarified processing location or transfer mechanism. Plus clear internal rules about which data may go in.
Do I need a DPA for every AI tool?+
As soon as the tool processes personal data on your behalf, yes (Art. 28 GDPR). Formally not for use without personal data, but in practice you can rarely rule that out reliably. Business tiers of the big providers include the DPA by default.
What is shadow AI and why is it dangerous?+
The use of private AI accounts for company purposes without the company knowing. According to Bitkom this happens widely in 8 percent of companies and in isolated cases in 17 percent, while only 23 percent have AI rules at all. It is dangerous because company data ends up with third parties without a contract, control or logs.
Is an Azure server in Europe enough for the GDPR?+
Not automatically. With Azure OpenAI the deployment type decides: only Data Zone EU deployments guarantee processing within the EU data boundary; global deployments may process prompts outside the EU even if the resource sits in an EU region.
Which German alternative to the US providers exists?+
For example the IONOS AI Model Hub: open-source models hosted entirely in Germany, with an OpenAI-compatible API and per-token billing. Or local models on your own premises, in which case the data never leaves the company at all.
Do I have to train my employees in using AI?+
Yes. The AI literacy duty under Art. 4 of the EU AI Act has applied since 2 February 2025, including for companies that only use AI; the 2026 Digital Omnibus softened it slightly (support instead of ensure). A compact, regular training session fulfils this and is at the same time the most effective protection against shadow AI and unchecked results.
Adopt AI without data protection stomach aches
I set up AI tools so they run GDPR-compliant: the right tier, DPA, EU processing or a local setup, plus the AI policy and a short team training. From Chemnitz for SMEs in Saxony and across Germany.

Daniel Gläser
Owner of Gläser IT-Solutions, Chemnitz
I build software and run IT infrastructure for small and medium businesses, from the first analysis to day-to-day operations. Everything here comes from real projects and is backed by sources.


