GDPR / AVG

GDPR Compliance

IntraGPT is fully designed with privacy-by-design. No data to America. No training on your data.

The risk of Big Tech AI for European privacy

Many organisations use American AI tools without realising the privacy risks. The CLOUD Act forces US companies to hand over data, regardless of where it's stored.

US government can request data via CLOUD Act

Your data may be used for model training

No transparency on data processing

Schrems II makes US transfers legally risky

Regulators tightening AI oversight

How IntraGPT ensures GDPR compliance

Data Minimisation

We only process necessary data. No tracking, no profiling.

Transparency

Full visibility into what data is processed, by whom, when and why.

Data on Dutch Soil

All data stored and processed in Dutch data centres. No transfers outside the EU.

Right to Erasure

Full support for data deletion on request.

DPIA Support

Documentation and support for Data Protection Impact Assessments.

Data Processing Agreement

Standard DPA available meeting all GDPR requirements.

Our privacy promise

Your data is never used for training. Never leaves the Netherlands. Always under your control.

Sources & legislation

Regulation (EU) 2016/679 — General Data Protection Regulation (GDPR)
US CLOUD Act (H.R.4943) — compels US companies to hand over data regardless of storage location
FISA Section 702 — NSA surveillance of non-US persons
Schrems II (C-311/18) — CJEU: US provides inadequate protection
Dutch Data Protection Authority (AP) — GDPR supervisory authority in the Netherlands

Free whitepaper

AI in Europe: AI Act & GDPR in practice

Why organisations deploying AI in Europe choose local, open-weight AI like IntraGPT to truly comply with the AI Act and GDPR.

AI Act risk classification and what it means for your use cases
GDPR & data processing: why Big Tech APIs are legally problematic
Practical checklist for compliant AI implementation
Why local hosting + open-weight is the only sustainable route