GDPR-Compliant AI: How to Use LLMs Without Sharing User Data

To use LLMs in a GDPR-compliant way, run fine-tuned models locally on your own infrastructure so that user data never leaves your network — this eliminates the need for third-party Data Processing Agreements, international transfer assessments, and complex sub-processor management. According to the European Data Protection Board, every API call that transmits personal data to a cloud LLM constitutes data processing under GDPR Article 28, triggering a cascade of compliance obligations. GDPR enforcement is significant: DLA Piper's GDPR fines tracker reports that cumulative GDPR fines exceeded EUR 4.5 billion by early 2025, with data transfer violations among the largest penalties.

This guide explains the specific GDPR risks of cloud AI APIs, what compliance actually requires, and how local inference with fine-tuned models solves the problem at its root.

The Problem with Cloud AI and GDPR

Every API Call Is Data Processing

Under GDPR, sending personal data to a third-party API constitutes data processing. When your application sends a user's text to an LLM endpoint, you've transmitted personal data (or potentially personal data) to a processor. This triggers several obligations:

• Data Processing Agreement (DPA) — you need a legally binding agreement with the API provider covering how they process the data, retention periods, and breach notification procedures.
• Lawful basis — you need a valid legal basis for this processing (consent, legitimate interest, or contractual necessity).
• Data minimization — you must only send the minimum data necessary for the processing purpose.
• Right to erasure — if a user requests deletion, you need to ensure the API provider also deletes any retained data.
• Transfer safeguards — if the API provider processes data outside the EU/EEA, you need Standard Contractual Clauses or another transfer mechanism.

Where It Gets Complicated

Most cloud AI providers' terms of service are written to give them broad latitude with submitted data. Even when they promise not to use your data for training, the data still:

• Transits their network infrastructure
• Is processed on their servers (potentially across jurisdictions)
• May be logged for abuse detection, debugging, or safety monitoring
• Could be subject to government data access requests in the provider's jurisdiction

For applications handling sensitive categories of personal data — health information, financial data, biometric data — the risks multiply. GDPR Article 9 imposes additional restrictions on processing special categories of data, and most cloud AI DPAs don't provide the specific safeguards required.

What GDPR Compliance Actually Requires

For Cloud AI APIs

If you choose to use cloud AI APIs with personal data, you need at minimum:

1. A compliant DPA with the API provider that specifies processing purposes, data categories, retention periods, and sub-processor lists
2. A Data Protection Impact Assessment (DPIA) — required under Article 35 when processing is likely to result in high risk to individuals
3. Updated privacy notices — informing users that their data is processed by the AI provider
4. Transfer impact assessments — if data leaves the EU/EEA
5. Technical measures — encryption in transit, access controls, data minimization
6. Records of processing activities — documenting the AI processing in your Article 30 records

This is achievable but creates ongoing compliance overhead. Every change to the API provider's terms, sub-processor list, or data center locations requires review.

For Local Inference

When the model runs on your infrastructure and data never leaves your network:

• No third-party processor — no DPA needed for AI inference (you're the controller and processor)
• No international data transfers — data stays in your infrastructure
• Full control over retention — delete data on your terms
• Simplified DPIA — lower risk profile when data doesn't leave your perimeter
• Simpler privacy notices — no need to disclose third-party AI processing

This doesn't eliminate GDPR obligations — you still need a lawful basis for processing, must honor data subject rights, and must implement appropriate security measures. But it removes an entire category of compliance complexity.

The Local Inference Approach

Architecture

User → Your Application → Local Model → Response
         (your infrastructure — data never leaves)

Compare with the cloud approach:

User → Your Application → Cloud API → Response
         (data crosses organizational and possibly jurisdictional boundaries)

How to Implement

1. Fine-tune a model on your domain data — the model learns your task without needing to retrieve personal data at inference time
2. Export as GGUF — a portable format that runs on standard hardware
3. Deploy on your infrastructure — your servers, your VPC, or your on-premise hardware
4. Serve locally — use Ollama, llama.cpp, or vLLM as the inference engine

The fine-tuning step happens once (or periodically as you improve the model). All subsequent inference is entirely local.

What About Training Data?

Fine-tuning itself involves data processing. If you use personal data for training, you need:

• A lawful basis for using that data to train a model
• The data to be appropriately de-identified where possible
• A DPIA covering the training process
• Appropriate retention policies for training data

With Ertas, fine-tuning runs on managed cloud GPUs but the training data handling is governed by a DPA. Once training is complete, the model weights (which don't contain recoverable personal data) are exported as GGUF for local deployment.

Practical Compliance Checklist

Before Building

• Determine if your AI feature will process personal data
• Identify the lawful basis for processing
• Decide between cloud API and local inference based on risk assessment
• Complete a DPIA if processing is high-risk

For Local Deployment

• Fine-tune a model on appropriately de-identified data
• Deploy the model within your infrastructure perimeter
• Implement access controls on the inference endpoint
• Log inference requests for your own audit purposes
• Document the processing in your Article 30 records
• Update privacy notices to reflect AI-assisted processing (no third-party disclosure needed)

For Cloud API (if unavoidable)

• Execute a DPA with the API provider
• Verify sub-processor list and data center locations
• Implement data minimization — strip unnecessary personal data before API calls
• Complete a transfer impact assessment if data leaves EU/EEA
• Update privacy notices to disclose the AI processor
• Establish a process for handling data subject access/deletion requests across both your systems and the API provider

Beyond GDPR

The same principles apply to other privacy regulations:

Local inference doesn't just solve GDPR compliance — it simplifies compliance with virtually every privacy regulation by removing the third-party data flow entirely.

How Ertas Helps

Ertas provides the training infrastructure to create fine-tuned models that you then deploy locally:

• Studio — fine-tune models on managed cloud GPUs with a visual interface
• Vault — enterprise-grade encrypted storage with audit trails for training data
• GGUF export — download your model for deployment on any local infrastructure

The training phase uses Ertas's cloud. The inference phase is entirely yours. This separation means you get cloud convenience for the computationally expensive training step while maintaining full data control where it matters most — at inference time, when real user data is being processed.

Lock in early bird pricing at $14.50/mo for life — increases to $34.50/mo at launch. Join the waitlist →

Frequently Asked Questions

Is using ChatGPT GDPR compliant?

Using ChatGPT or similar cloud LLM APIs with personal data is not automatically GDPR compliant. Every API call that includes personal data constitutes data processing under GDPR, requiring a Data Processing Agreement with the provider, a valid lawful basis, a Data Protection Impact Assessment for high-risk processing, and updated privacy notices. OpenAI does offer a DPA and data processing controls for enterprise customers, but the compliance burden falls on you as the data controller to ensure all requirements are met — including international data transfer safeguards if data is processed outside the EU/EEA.

Can I fine-tune AI models with personal data under GDPR?

Yes, but you need a lawful basis for using personal data as training data (such as legitimate interest or consent), must de-identify the data where possible, and should complete a DPIA covering the training process. The resulting model weights do not contain recoverable personal data, so the fine-tuned model itself can be deployed without the same processing concerns. If you use a cloud service for fine-tuning, you also need a DPA with that provider covering the training phase.

What GDPR article applies to AI processing?

Several GDPR articles are relevant to AI. Article 28 governs the controller-processor relationship (relevant when using third-party AI APIs). Article 35 requires Data Protection Impact Assessments for high-risk processing, which AI typically qualifies as. Article 22 restricts automated decision-making that significantly affects individuals. Articles 44-49 govern international data transfers, critical when AI providers process data outside the EU/EEA. Article 9 adds extra protections for special categories of data (health, biometrics) that AI systems often handle.

How do GDPR fines work for AI violations?

GDPR fines can reach up to EUR 20 million or 4% of annual global turnover, whichever is higher. According to DLA Piper's GDPR Fines Survey, cumulative fines exceeded EUR 4.5 billion by early 2025. Data transfer violations have attracted some of the largest penalties — Meta was fined EUR 1.2 billion in 2023 for transferring EU user data to the US. As AI regulation increases under the EU AI Act, enforcement around AI-specific data processing is expected to intensify.

Further Reading

• Privacy-Conscious AI Development — the broader case for privacy-first AI
• Running AI Models Locally — hardware, tools, and deployment options
• The Hidden Cost of Per-Token AI Pricing — the economic case for local inference