GDPR and AI in practice means that companies may use AI, but not casually, secretly, or without purpose, legal basis, safeguards, and clear rules. Customer data, employee data, and confidential information belong only in approved systems. A solid AI rollout requires tool approvals, training, works council involvement, privacy review, and a usable AI policy.
Why is GDPR and AI no longer just a privacy department topic?
The topic of GDPR and AI has become an operational management issue. It is no longer limited to the data protection officer or the legal team. It affects sales, customer service, HR, IT, marketing, project work, documentation, internal communication, and customer-facing processes. As soon as employees use ChatGPT, Copilot, Gemini, Claude, Perplexity, NotebookLM, or other AI tools, new data flows appear. Some are harmless. Some are sensitive. Some are not acceptable without formal approval.
The main mistake many companies make is treating AI as either completely forbidden or completely open. Neither approach works well in practice. A blanket ban often creates shadow AI: employees continue using private accounts because the tools make their work faster. Uncontrolled permission creates the opposite problem: customer data, internal calculations, employee information, proposals, or confidential documents may end up in systems that nobody has properly reviewed.
In Germany, the Datenschutzkonferenz published guidance on artificial intelligence and data protection in 2024. The guidance is intended to help organizations select, implement, and use AI systems under data protection law. Its focus is not abstract technology, but accountability, purpose, legal basis, transparency, risk assessment, and privacy by design.
What are companies generally allowed to do with AI?
Companies are allowed to use AI when they meet data protection requirements. That can sound legalistic, but it translates into practical questions: Which tool is being used? For what purpose? Which data is processed? Who has access? Are personal data involved? What legal basis applies? Is the vendor contractually covered? Are security and deletion rules defined?
Many tasks are usually low-risk when they do not involve personal or confidential data. Examples include drafting a generic article outline, creating a neutral email template, preparing an internal training structure, explaining a technical concept without customer data, generating a checklist, or summarizing an anonymized scenario.
The situation changes when real names, email addresses, customer numbers, quote details, contract content, applicant data, health information, internal complaints, HR conversations, or project internals are processed. Then the company needs deliberate approval. Not every AI system is unsuitable for this, but the selected tool must fit the data, the purpose, and the company’s privacy documentation.
Can customer data be entered into ChatGPT?
The careful answer is: not without prior review. Customer data should only be entered into ChatGPT or another AI system if the specific use case has been reviewed and approved. The decisive factors are subscription type, contractual terms, data use, retention periods, technical safeguards, international transfers, processor agreements, deletion concept, and internal purpose.
For example, “Write a friendlier reply to Mr. Smith, customer number 4711, about complaint XY” is very different from “Draft a neutral reply to a customer complaint without using personal data.” In the second case, AI is used as a writing assistant. In the first case, the tool processes specific personal and business information.
For mid-sized companies, the practical rule is simple: customer data belongs only in approved AI systems. If no approved system exists, employees should work with placeholders, anonymized examples, or abstract descriptions. That is not perfect, but it is much safer than uncontrolled input into private accounts.
Is ChatGPT GDPR-compliant?
ChatGPT is not automatically GDPR-compliant and not automatically unlawful. The answer depends on the concrete use case. OpenAI states that customer data from Business and Enterprise offerings is not used for model training by default and that organizations retain control over their business data. However, companies still need to review whether the actual contract, settings, purpose, and data categories fit their own GDPR documentation.
Private or freely accessible accounts create different risks than Business or Enterprise environments. If employees use private accounts, the company loses control over access, roles, logging, data handling, and company knowledge. If the company introduces an enterprise-controlled environment, defines rules, and separates sensitive data, many risks can be reduced significantly.
So the right question is not simply “Is ChatGPT GDPR-compliant?” The better question is: “For which data, which purpose, which user group, and under which contract do we want to use ChatGPT?”
What should companies not do with AI?
Companies should not process personal data in uncontrolled AI tools without legal basis, purpose limitation, safeguards, and transparency. This includes copying sensitive customer cases, applications, personnel files, sick notes, complaints, internal conflicts, or confidential business information into unapproved systems.
Hidden employee monitoring is also highly problematic. If an AI system evaluates job performance, analyzes writing behavior, prioritizes tickets, measures productivity, or reviews communication patterns, employment law and co-determination questions quickly arise.
Customer communication creates another risk layer. If AI drafts or sends messages in the company’s name, the content must be checked. False promises, invented legal statements, unclear responsibilities, or automated rejections can quickly create liability and trust problems.
Which mistakes are most common in AI and data protection?
Many mistakes do not come from bad intent. They come from convenience. An employee wants to write a customer email faster. A manager wants help preparing a difficult employee conversation. A salesperson uploads a tender document. A project manager asks an AI tool to summarize meeting notes. Each situation may sound harmless until personal data, confidential prices, internal assessments, or customer secrets are processed.
Common mistakes include:
| Situation | Risk | Better approach |
|---|---|---|
| Employees use private AI accounts | No central control, unclear data use, no logging | Approved company accounts with AI policy |
| Customer data is entered directly | Personal data, confidentiality, possible international transfer | Anonymization, placeholders, or approved system |
| AI output is sent without review | False statements, invented details, liability risks | Human review for sensitive communication |
| Works council is not involved | Co-determination risk for technical systems | Early information and clear works agreement |
| Employees are not trained | Good rules are not understood | Short practical training with examples |
| No approved tool list exists | Shadow AI and uncontrolled tool sprawl | Allowlist with permitted, restricted, and prohibited tools |
What role does the works council play in AI adoption?
The works council is not a formal obstacle. It is part of a robust AI rollout. The German Federal Ministry of Labour and Social Affairs emphasizes that works councils have an important role in workplace AI adoption and can help shape technology through co-determination rights.
Co-determination becomes especially relevant when AI systems are capable of monitoring employee behavior or performance. Legal assessments frequently refer to Section 87(1) No. 6 of the German Works Constitution Act. Software-based or web-based AI applications can quickly touch this area if usage data, productivity, communication behavior, or work results are evaluated.
For mid-sized companies, the lesson is practical: involve the works council early, not after the tool has already been purchased. Buying licenses first and clarifying co-determination later often creates distrust. A better approach is to define the shared picture: Which tools? Which purposes? Which data? Which controls? Which limits? Which training?
When does a company need a data protection impact assessment?
A data protection impact assessment, or DPIA, becomes relevant when processing is likely to result in a high risk to the rights and freedoms of natural persons. With AI, this can happen when employee data, customer profiling, automated decisions, large-scale evaluation, sensitive data, or monitoring functions are involved.
Not every AI use case automatically requires a DPIA. A generic text template without personal data is different from an AI system that ranks applicants, scores customer behavior, prioritizes support cases, or analyzes employee performance. The relevant factors are purpose, data scope, affected individuals, automation level, transparency, and potential impact.
In practice, every meaningful AI implementation should begin with a structured privacy review. That review determines whether a DPIA is required. The preliminary review is often more valuable than the abstract legal debate because it reveals which data and risks are actually involved.
Why is an AI policy not enough on its own?
An AI policy is necessary, but it is only paper if employees do not understand it. Many policies fail because they are too abstract. Employees do not need a legal essay. They need clear answers: Which tool may I use? Which data may I enter? When must I anonymize information? When do I need approval? Which AI results can I use directly? Which results must be reviewed?
A useful AI policy should include at least these elements: approved tools, prohibited tools, data classes, examples, approval process, responsible roles, documentation duties, customer communication rules, internal document rules, error handling, and consequences for violations.
A simple traffic-light structure often works well:
- Green: generic texts, anonymized examples, internal drafts without personal data.
- Yellow: customer cases, contract content, technical documents, internal analysis.
- Red: health data, personnel files, applicant data, passwords, trade secrets, and confidential customer data without approval.
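A pre-submission check that applies the traffic-light classes above and the placeholder practice from the customer-data section, written as an added example and not code from the article: the regex patterns, the keyword list for red content, and the placeholder labels are assumptions for illustration.

```python
import re

# Constructed patterns for identifiers that, per the article, belong only in
# approved systems. A real deployment would tune these per company.
PATTERNS = [
    ("NAME", re.compile(r"\b(?:Mr|Mrs|Ms|Dr)\.\s+[A-Z][a-z]+"), "[NAME]"),
    ("EMAIL", re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+"), "[EMAIL]"),
    ("CUSTOMER_ID", re.compile(r"(customer number\s*)\d+", re.IGNORECASE), r"\1[CUSTOMER_ID]"),
]

# Constructed keyword list for the article's "red" classes (health data,
# personnel files, applicant data, passwords, trade secrets).
RED_TERMS = ("sick note", "diagnosis", "personnel file", "applicant", "password", "trade secret")


def classify(text: str) -> str:
    """Return the traffic-light class: red blocks the prompt, yellow needs an
    approved system or placeholders, green is fine for generic drafting."""
    lowered = text.lower()
    if any(term in lowered for term in RED_TERMS):
        return "red"
    if any(pattern.search(text) for _, pattern, _ in PATTERNS):
        return "yellow"
    return "green"


def redact(text: str) -> tuple[str, list[str]]:
    """Replace identifiers with labelled placeholders; also return the labels hit."""
    hits = []
    for label, pattern, replacement in PATTERNS:
        if pattern.search(text):
            hits.append(label)
            text = pattern.sub(replacement, text)
    return text, hits


def prepare_prompt(text: str) -> dict:
    """Decide what may be sent to an AI tool: red is refused, yellow is reduced
    to placeholders (the article's fallback when no approved tool exists)."""
    level = classify(text)
    if level == "red":
        return {"level": level, "allowed": False, "prompt": None, "redacted": []}
    redacted, hits = redact(text)
    return {"level": level, "allowed": True, "prompt": redacted, "redacted": hits}
```

Pattern-based redaction catches only obvious identifiers such as salutations, email addresses and customer numbers; it supports the approval process described above rather than replacing it.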
How should employees be trained?
Employee training must be practical. Most teams do not need a two-hour lecture on every article of the GDPR. They need realistic examples from their work. Sales, service, HR, IT, marketing, and management use AI differently. Training should not only explain what is prohibited. It should show how AI can be used safely.
Good training works with concrete situations: anonymizing a customer email, summarizing a tender, improving an internal process description, checking a support response, cleaning meeting notes, or drafting a technical instruction. Employees must also learn to challenge AI output instead of accepting it because it sounds fluent.
The most important training message is simple: AI is not a confidential colleague. AI is a tool that processes data. This shift in perspective prevents many mistakes.
How should AI be governed in customer communication?
Customer communication is sensitive because it represents the company externally. If AI helps prepare an internal draft, that is usually less risky than an automated response sent directly to a customer. The closer AI gets to binding statements, prices, deadlines, complaints, contracts, or liability issues, the more review is needed.
Companies should define when AI may draft and when automated communication is allowed. For many mid-sized businesses, the safer starting point is this: AI prepares suggestions, humans review and send. Fully automated communication should only be used where content is narrow, tested, logged, and easy to escalate.
Transparency also matters. Not every AI-assisted draft needs to be announced. But if customers interact directly with an AI system, they should understand that they are not speaking to a human. There should also be a simple way to reach a human contact person.
Which numbers show why AI governance matters now?
- According to Bitkom, 97 percent of German companies rate the effort required for data protection as very high or rather high.
  Source: Bitkom, Datenschutz in der deutschen Wirtschaft, https://www.bitkom.org/sites/main/files/2026-02/bitkom-studienbericht-datenschutz.pdf
- Compared with the previous year, Bitkom reports that data protection effort increased for 69 percent of companies.
  Source: Bitkom, Datenschutz in der deutschen Wirtschaft, https://www.bitkom.org/sites/main/files/2026-02/bitkom-studienbericht-datenschutz.pdf
- The EU AI Act entered into force on August 1, 2024 and will generally become fully applicable on August 2, 2026.
  Source: European Commission, AI Act, https://digital-strategy.ec.europa.eu/en/policies/regulatory-framework-ai
- IBM puts the global average cost of a data breach in 2025 at USD 4.44 million.
  Source: IBM, Cost of a Data Breach Report 2025, https://www.ibm.com/reports/data-breach
Further reading
- German Data Protection Conference – Guidance on AI and Data Protection: https://www.datenschutzkonferenz-online.de/orientierungshilfen.html
- European Data Protection Board – Opinion 28/2024 on AI Models and GDPR: https://www.edpb.europa.eu/news/news/2024/edpb-opinion-ai-models-gdpr-principles-support-responsible-ai_en
- German Federal Ministry of Labour and Social Affairs – AI Use in the Workplace: https://www.bmas.de/DE/Service/Publikationen/Broschueren/inqa-109-ki-einsatz-im-betrieb.html
Can customer data be entered into ChatGPT?
Customer data should not be entered into private or unapproved AI tools. Processing may be possible only if purpose, legal basis, contract, vendor review, safeguards, and internal approval are clear. In practice, employees should use anonymized examples, placeholders, or approved enterprise systems when working with customer-related content.
Is ChatGPT GDPR-compliant?
ChatGPT is not automatically GDPR-compliant and not automatically prohibited. The answer depends on the version, the data being processed, the contractual terms, and the active settings. Enterprise-controlled versions can be easier to govern than private accounts. Still, every company needs its own review and clear usage rules.
Which AI tools may employees use?
Employees should use only AI tools that have been reviewed and approved by the company. A useful approval list distinguishes between permitted, restricted, and prohibited tools. It should also define which data classes may be processed and when employees must consult privacy, IT, or management before using AI.
How do companies create an AI policy?
An AI policy should be short, clear, and practical. It needs approved tools, data classes, examples, customer communication rules, requirements for reviewing AI output, and a process for new tools. The language must be understandable in daily work, not just suitable for a legal archive.
When should the works council be involved in AI adoption?
The works council should be involved early, especially when AI systems change workflows or could be used to evaluate behavior or performance. Co-determination rights under German employment law may apply. Early involvement builds trust and prevents technically useful AI projects from being blocked later for organizational reasons.
When is a DPIA required for AI?
A data protection impact assessment becomes relevant when AI is likely to create a high risk for individuals. This may apply to sensitive data, employee evaluation, profiling, automated decisions, or large-scale processing of personal data. Not every AI tool requires a DPIA, but every relevant project should undergo a structured preliminary privacy review.
What are typical privacy mistakes when using AI?
Typical mistakes include private AI accounts, direct input of customer data, missing tool approvals, unchecked AI outputs, unclear responsibilities, and no employee training. Shadow AI is especially risky because companies then do not know which data is processed or which AI-generated content influences customer communication and internal decisions.
How should AI be used in customer communication?
AI should initially support customer communication as a drafting and assistance tool. Sensitive statements about prices, contracts, complaints, deadlines, or liability must be reviewed by a human. If customers interact directly with an AI system, that should be transparent, and there should always be a way to reach a human contact.