Skip to main content

GPT and GDPR-compliance

Can GPT Be Used in Compliance With GDPR Regulations?

With LoyJoy, you have full control over how and for what purpose you use generative AI like GPT to drive your business. However, some businesses are concerned that the use of GPT does not comply with the European GDPR and that customer data is stored outside of the EU. In this guide, we will take a look at the facts of using GPT for businesses in Europe and how integrating GPT technology with the LoyJoy platform is GDPR compliant.

GPT Solution for Businesses

OpenAI provides two versions of GPT. One is the web-based version, the consumer product that can be used by anyone with an OpenAI account. There is a free version and a Pro version. The other is the business API offered by OpenAI and Microsoft Azure (Azure is available in the EU and the US, while OpenAI is only available in the US). Both companies provide access to the GPT API. Using Microsoft Azure, companies can choose a storage location, including Western Europe. LoyJoy by default uses the Western Europe location. Therefore, customer data will not be stored outside the EU. Both providers do not use user data to improve or train the AI algorithms. In addition, data is only stored for a retention period of 30 days and then deleted automatically. To comply with current data protection regulations, both companies offer up-to-date Data Processing Agreements (DPAs) that are GDPR compliant. LoyJoy has signed DPAs with Microsoft and OpenAI.

Use GPT With LoyJoy

At LoyJoy, we use the Microsoft Azure service to ensure that data is only stored within the EU. Therefore, using GPT should not pose any risk. In this way, many successful customer solutions using the GPT API have been developed. For further information visit one of our GPT webinars.