What about GDPR/DSGVO and data sent to AI?

Georg_Wittmann · June 30, 2025, 2:04pm

lstypka · July 9, 2025, 6:10am

Hi Georg!

When it comes to GDPR/DSGVO compliance and sending data to AI, we are considering several approaches. The final choice will be left to the customer and configurable based on their preferences and compliance requirements:

OpenAI Enterprise License – With this license, data is not used to train models, and enhanced privacy and security measures are in place, making it suitable for GDPR-compliant use cases.
Data Anonymization Layer – We plan to introduce dedicated tools that anonymize sensitive data before it’s sent to the AI platform. These tools (e.g., MCP wrappers for customer, order, and return data) will replace personal information with placeholders and maintain a secure mapping. Only anonymized data is shared with the AI, and real values are restored after the AI response—before it’s returned to the customer.
Custom/Open-Source LLMs – Customers will also have the option to integrate with their own custom or open-source language models, giving them full control over data processing and compliance.

Regards,
Łukasz

Topic		Replies	Views
Other Services than OpenAI possible? Powered by AI	3	15	July 9, 2025
Which validations are done to make sure to not expose data from other customers? Powered by AI	1	9	July 9, 2025
Does the ai any security checks? Like verifying that a mail is not faked? Powered by AI	1	12	July 9, 2025
Do you have ISO certification? Technology security	1	5	January 23, 2025
Is automatic translation possible? Technology ai	1	8	January 23, 2025

What about GDPR/DSGVO and data sent to AI?

Related topics