Glossary
GDPR & AI
What the General Data Protection Regulation means for AI assistants.
The GDPR (General Data Protection Regulation) governs how personal data may be processed in the EU. For AI assistants it is highly relevant: as soon as a chatbot talks to real users, it processes personal data — often in every message. Principles such as legal basis, purpose limitation, data minimisation, transparency and the rights of data subjects therefore apply.
What matters most with AI
Four points are decisive for AI assistants: EU hosting to avoid third-country transfers; a data processing agreement (DPA) with the provider; controlled retention that doesn’t store data longer than necessary; and the protection of personal data (PII) that users carelessly type into a chat box.
GDPR & AI at Kyros
Kyros is built for the DACH market from the ground up: EU-hosted, German-first and available bilingually. Moderation withholds personal data before it reaches the model or gets stored; retention is configurable (default 30 days, disabled or a custom period); an audit log with 21 action types provides traceability; and the chat widget ships with a GDPR-worded privacy panel. You’ll find details on the GDPR page and in the article GDPR-compliant AI chatbots.
Frequently asked question
AI that keeps privacy in mind.
14-day free trial. No credit card. EU-hosted.