Nordia News

AI tools at work: what does it take to use them lawfully?

By Kjell Steffner
Published: 28.05.2026 | Posted in Insights

A review of data protection and compliance for the four major AI assistants – Claude, ChatGPT, Gemini and Copilot

IN BRIEF

Across the Nordics, more and more businesses are adopting AI assistants in their day-to-day work. The tools offer a real benefit, but they process personal data – and when they do, data protection law applies in full.

The four major providers – Anthropic (Claude), OpenAI (ChatGPT), Google (Gemini) and Microsoft (Copilot) – all offer business versions where, as a rule, content is not used to train the models. The difference lies elsewhere: in where the data is processed, in what separates the business version from the consumer version, and in the pitfalls that are not obvious.

This article explains what a business must have in place before adopting an AI tool, and how the four providers differ.

It is two years since generative AI moved into workplaces in earnest. Today the question is rarely whether a business should use AI tools, but how to do so responsibly. For businesses that process personal data – and that is almost all of them – this is not an optional extra. It is a precondition for the use being lawful at all.

Our experience is that most businesses ask the wrong question first. They ask “which tool is best?” when they should be asking “what does it take for us to use an AI tool lawfully, and which of the providers meet that standard?” This article takes the second question. We go through the legal requirements, and then compare the four providers that businesses across Norway, Sweden, Finland and Denmark are most likely to encounter.

A NOTE ON JURISDICTION

Nordia Law advises clients in Norway, Sweden, Finland and Denmark. The data protection framework is essentially the same across all four: the EU General Data Protection Regulation (GDPR) applies directly in Sweden, Finland and Denmark as EU members, and in Norway through the EEA Agreement. The EU AI Act likewise applies across the region, in Norway via the EEA. What differs is mainly the national supervisory authority a business answers to – Datatilsynet in Norway and Denmark, Integritetsskyddsmyndigheten (IMY) in Sweden, and Tietosuojavaltuutettu (the Data Protection Ombudsman) in Finland – and certain national rules, for example on employment and professional confidentiality. The principles in this article apply across all four jurisdictions; the concrete assessment should always be made under the law of the relevant country.

Why AI use is a data protection question

When an employee pastes a document into an AI chat, or asks the assistant to summarise an email thread, personal data is being processed. The document typically contains names, contact details and information about identifiable individuals – customers, employees, opposing parties. In the language of the GDPR, the business is the controller of that data, and the AI provider, when used under business terms, acts as a processor on the business’s behalf.

That triggers a series of requirements. The business must have a legal basis for the processing. It must have a data processing agreement with the provider. It must know where the data is processed, and whether it is transferred outside the EU/EEA. And it must assess whether the use requires a data protection impact assessment (DPIA). None of these requirements are new or specific to AI – they apply to any use of an external processor. But AI tools make them pressing, because the threshold for sharing large volumes of information has become so low.

On top of this comes the EU Artificial Intelligence Act, the AI Act, which is being phased in, with most of its obligations applying from 2 August 2026, and which applies across the Nordics – directly in Sweden, Finland and Denmark, and in Norway through the EEA Agreement. The regulation classifies AI systems by risk. For most businesses using an ordinary AI assistant for research and drafting, the tool is not in itself a high-risk system, and the obligations are limited. But they are not absent.

The most concrete obligation that applies regardless of risk class is the requirement of sufficient AI literacy among those who use the system on the business’s behalf (Article 4 of the AI Act, which has applied since 2 February 2025). That means employees must have a basic understanding of what the tool does, what it is suited for, and what its limitations are. In addition, the way the tool is used matters: if a business uses AI for decisions affecting individuals – for example in recruitment or credit assessment – the use may fall into the high-risk category, regardless of which tool is used. It is the use, not the tool alone, that decides.

The distinction that matters most: business version versus consumer version

If we are to point to the single factor that most often decides whether a business’s AI use is responsible or not, it is this: is a business version or a consumer version being used?

All four major providers offer free or consumer versions – ChatGPT Free and Plus, Claude Free and Pro, the personal Gemini app, the consumer Copilot app. These are governed by consumer terms. What they have in common is that the provider often reserves the right to use what the user enters to train its models. With several of the providers this setting is on by default, and the user must actively turn it off.

The business versions – with names like Team, Enterprise, Business or Workspace – are governed by commercial terms. Here the default rule is the opposite: the provider does not, as a rule, train its models on the business’s content, and a data processing agreement is included. For a business that will process personal data through AI, a business version is in practice a precondition. An employee using their private ChatGPT account to work on a client document is carrying out processing without a data processing agreement, potentially with model training on the content, and with the provider acting under its own consumer terms rather than as the business’s processor.

THE MOST COMMON MISTAKE

The single most frequent mistake we see is that the business acquires a business version but does not prevent employees from continuing to use private accounts. A clear internal policy – and training – is just as important as the choice of licence itself. The tool is only as safe as its least careful use.

The six questions a business must ask

Before a business adopts an AI tool for work involving personal data, it should have clarified the following six questions. They apply regardless of which provider is being considered.

1. Is our content used to train the model?

For the business versions of all four providers, the main answer is no – content is not, as a rule, used for model training. But there is one recurring exception to be aware of: feedback functions. With several providers, giving feedback on a response – a “thumbs up” or “thumbs down” – may mean that the entire conversation is stored and can be used to improve the model. The business should either disable this centrally or address it expressly in its routines.

2. Do we have a data processing agreement?

GDPR Article 28 requires a data processing agreement when an external party processes personal data on the business’s behalf. All four providers offer such an agreement for their business versions, usually incorporated into the commercial terms. The business must actively confirm that the agreement applies to its subscription, and archive the dated version as documentation.

3. Where is our data processed and stored?

This is the question with the greatest variation between providers, and the one we examine most closely below. The key point is that there is a difference between where data is processed and where it is stored, and that “processing in the EU” does not always mean that no data leaves the EU/EEA. A business that needs personal data to stay within the EU/EEA must investigate this specifically for the product and licence it is considering.

4. Is data transferred to a third country, and do we have a basis for it?

If a tool involves transferring personal data outside the EU/EEA – typically to the United States – a valid transfer basis is required. In practice this is either the EU Standard Contractual Clauses (SCC) or, for the US, the EU–US Data Privacy Framework where the provider is certified under it. The certification is entity- and service-specific, so the business should check the provider’s entry on the Data Privacy Framework list and confirm that it covers the service actually being used. If Standard Contractual Clauses are used, a transfer impact assessment (TIA) is also required – a concrete assessment of whether the data actually receives an adequate level of protection in the recipient country.

5. Does the use require a data protection impact assessment?

When processing is likely to result in a high risk to the individuals concerned, GDPR Article 35 requires a data protection impact assessment (DPIA). Adopting a new AI tool that processes personal data at a certain scale will often trigger such an obligation – particularly where it involves a third-country transfer. A completed DPIA is also good documentation, towards the relevant supervisory authority, that the business has acted with due care.

6. Do we have routines and competence in place?

Finally: the technical and contractual is not enough on its own. The business must have internal routines that tell employees what they may and may not enter into the tool, and training that ensures they understand both the opportunities and the limitations. This is also an express requirement under the AI Act, which obliges businesses to ensure sufficient AI literacy among those who use the tools.

For some businesses there is a further layer. Professions bound by statutory confidentiality – lawyers, healthcare staff, auditors – handle information subject to stricter protection than the GDPR alone. For these, it is not enough that the data protection rules are satisfied; the use must also be compatible with the duty of confidentiality and with professional conduct rules. In practice this means a lower threshold for what is entered, and often that certain matters are kept out of AI tools entirely. Businesses in regulated sectors should assess AI use in light of their own regulatory framework, not just the general data protection rules.

A RECURRING POINT ABOUT QUALITY

Data protection is not the only risk. All language models can present incorrect information – and fabricated sources – in a highly convincing manner. For knowledge-based businesses it is essential that AI-generated output is always quality-assured by a person with professional responsibility. The AI tool delivers a draft; responsibility for the result remains with the business.

The four majors: how they differ

We now go through the four providers that businesses are most likely to encounter. The review is based on the providers’ own documentation as it stood in the spring of 2026. An important caveat: terms for AI services change quickly. What is set out here is a starting point for an assessment – not a substitute for checking the current terms at the time of contracting.

Claude (Anthropic)

Claude is provided by the American company Anthropic. The business variants are called Claude Team and Claude Enterprise, sold collectively as “Claude for Work”. Both are governed by Anthropic’s commercial terms, and Anthropic does not, as a rule, train its models on content from these. There is a data processing agreement with Standard Contractual Clauses, and Anthropic is certified under, among others, ISO/IEC 27001 and ISO/IEC 42001, the management standard for artificial intelligence.

The most important caveat concerns data location. When Claude is used through the ordinary claude.ai interface, Anthropic itself states that data for commercial products is stored in the US. Processing can be routed to several regions, but the storage itself takes place in the US. This means that using Claude Team through claude.ai involves a transfer to a third country, which must be secured with Standard Contractual Clauses and a transfer impact assessment. Genuine processing entirely within the EU/EEA is, for Claude, in practice only achievable through a different delivery route – via the cloud platforms Amazon Bedrock or Google Vertex AI with a European region configured.

A practical pitfall with Claude is the feedback function: if a user gives feedback via “thumbs up/down”, the entire conversation may be stored for up to five years and used to improve the model. The function can be switched off centrally for the whole organisation, and it should be.

ChatGPT (OpenAI)

ChatGPT is provided by OpenAI. The business variants are called ChatGPT Business (formerly Team) and ChatGPT Enterprise. OpenAI states that content from the business products and from the API is not, as a rule, used for model training, and that the business owns its own input and output. There is a data processing agreement with Standard Contractual Clauses, and OpenAI holds certifications such as ISO/IEC 27001 and SOC 2 Type II.

On data location, ChatGPT differs from Claude on one point: OpenAI has in recent years built out data residency for business customers, and now offers storage in several regions, including Europe. For a business that needs data stored within the EU, ChatGPT Enterprise with European data residency may be an option that is easier to defend than Claude via claude.ai. This presupposes that the business actually configures it and confirms it with OpenAI.

For ChatGPT too, feedback on responses may mean a conversation is used for model improvement. This should be addressed in the business’s routines. The consumer versions ChatGPT Free and Plus are governed by consumer terms and should not be used for work involving personal data.

Gemini (Google)

Gemini is provided by Google and exists both as a standalone app and integrated into Google Workspace. For businesses, it is the Workspace integration and Google’s business variants that are relevant. Google states that content from Workspace with Gemini is not used to train the models, is not shared outside the business without permission, and is not used for advertising purposes. The use is covered by Google’s data processing terms.

Gemini has, like ChatGPT, a relatively strong offering on data location: Google offers data residency in European regions for its business variants, and Workspace has long had regionalised data processing options. For a business that already uses Google Workspace, Gemini has the advantage that the AI tool inherits the data processing terms and security settings the business already has in place.

The personal Gemini app, used with a private Google account, is a different matter. It is governed by consumer terms, and data may be logged and used in ways that differ from the Workspace version. The distinction between “Gemini in Workspace” and “the Gemini app, private” is the decisive one for businesses.

Copilot (Microsoft)

Copilot is Microsoft’s AI assistant, tightly integrated into Microsoft 365. Here it is particularly important to distinguish between the variants, because most businesses with a Microsoft 365 subscription already have Copilot in some form.

Microsoft 365 Copilot Chat is the web-based AI chat that comes with many Microsoft 365 subscriptions at no extra cost. It is web-grounded and does not automatically draw on the business’s documents, but the user can paste content in. Microsoft 365 Copilot with a full licence is a paid add-on. It differs substantially, because it is “work-grounded” – it has access to email, SharePoint, Teams and documents through Microsoft Graph, and can draw in information without the user actively pasting it. A practical consequence is that the work-grounded version surfaces whatever the user already has permission to see: documents that have been over-shared in SharePoint or Teams, but that nobody has stumbled upon, become easy to find through Copilot. Reviewing access permissions before rollout is therefore part of the assessment. For both variants, Microsoft does not, as a rule, train its foundation models on the business’s data, and data is kept within the business’s tenant.

Two more recent developments deserve attention. First, Microsoft has introduced an arrangement, referred to as Flex Routing, whereby Copilot processing, at times of high load, can be routed out of Microsoft’s so-called EU Data Boundary – to the US, among other places. For newer business accounts this arrangement may be active by default, and it should be checked and deliberately assessed in the admin centre. Second, Microsoft has made Claude models available in parts of Copilot; these are currently outside the EU Data Boundary and are, as a rule, switched off for European customers until an administrator opts in. Both points illustrate a general lesson: even a provider with strong European data processing commitments may have exceptions that require an active decision.

Overview

The table summarises the main features. It is a simplification – the details depend on the specific variant, licence and configuration, and should be verified against the current terms.


Aspect                     | Claude                      | ChatGPT                 | Gemini                    | Copilot
---------------------------|-----------------------------|-------------------------|---------------------------|----------------------------------
Provider                   | Anthropic (US)              | OpenAI (US)             | Google (US)               | Microsoft (US)
Business variant           | Team / Enterprise           | Business / Enterprise   | Gemini in Workspace       | Copilot Chat / full licence
Training on business data  | No (commercial terms)       | No (business terms)     | No (Workspace terms)      | No (foundation models)
Data processing agreement  | Yes, with SCC               | Yes, with SCC           | Yes, Workspace terms      | Yes, Microsoft terms
EU data residency          | Not via claude.ai           | Offered for Enterprise  | Offered for business      | EU Data Boundary, with exceptions
Particular pitfall         | Feedback stored for 5 years | Feedback may be used    | Private app vs. Workspace | Flex Routing and Claude models


A European alternative worth mentioning: the French provider Mistral, with its assistant Le Chat, positions itself on European data processing and is often raised by businesses that want an EU-based provider. It is less widely used than the four majors, but may be relevant where data location carries particular weight.

Data location: the factor that demands the most attention

Of the six questions we examined, data location is the one that causes the most confusion – and where businesses most often assume something that is not correct.

The most common misconception is that choosing an “EU region” eliminates the need to think about third-country transfers. That is not necessarily so. First, providers distinguish between where data is processed and where it is stored – a service may process data in Europe yet still store it in the US. Second, internal processes at the provider – security review, customer support, incident handling – may take place in other countries even when the main data processing is regionalised. And third, as the Copilot example shows, there may be exception arrangements that move processing out of the European zone when needed.

The consequence is not that businesses should avoid American AI providers. The four majors are all American, and a transfer to the US can be handled lawfully – through Standard Contractual Clauses and a transfer impact assessment, or through the EU–US Data Privacy Framework where the provider is certified. The consequence is that the business must know what actually happens to the data, and document the assessment. A business that believes it has a pure EU solution, but does not, is in a weaker position in the event of a supervisory inspection than one that has acknowledged the transfer and handled it.

It is also worth being aware that the legal position in this area is not finally settled. The EU–US Data Privacy Framework, which simplifies transfers to certified American businesses, is contested, and its validity has been brought before the Court of Justice of the EU. Earlier transfer arrangements between the EU and the US have been struck down twice before, Safe Harbour in 2015 and the Privacy Shield in 2020. For a business, that means Standard Contractual Clauses, combined with its own transfer impact assessment, are a robust basis to build on – one that does not fall away even if the framework were to be invalidated. One caveat: the 2020 judgment also requires a transfer impact assessment under Standard Contractual Clauses to address the same concerns about US surveillance law that led to the Privacy Shield being struck down, so the strength of that basis depends on the quality of the assessment, not on the clauses alone. Businesses should follow developments, but need not wait for them in order to act.

A USEFUL STEP

Always ask the provider to confirm in writing where data is stored, where it is processed, and whether the provider is certified under the EU–US Data Privacy Framework. Archive the answer. This is simple documentation that both strengthens the business’s own assessment and is useful to be able to produce if a supervisory authority asks.

From assessment to practice: what the business should do

Responsibly introducing AI tools is less about choosing the “right” provider, and more about taking a set of concrete steps regardless of which provider is chosen. We recommend the following order.

  1. Choose a business version, and only a business version. Settle the licence, and expressly prohibit the use of private accounts for work involving the business’s information.
  2. Confirm and archive the data processing agreement. Make sure the agreement applies to the specific subscription, and keep the dated version.
  3. Map data location and transfer. Obtain written confirmation of where data is stored and processed, and clarify whether a third-country transfer takes place.
  4. Carry out the necessary assessments. A data protection impact assessment where required, and a transfer impact assessment where the use relies on Standard Contractual Clauses.
  5. Switch off what should be switched off. Feedback functions, and with some providers arrangements that route data out of Europe, should be reviewed and set deliberately.
  6. Adopt an internal policy, and train your staff. The policy should state clearly what may and may not be entered, which matters are kept out, and who to ask in case of doubt.
  7. Establish a regular review. Terms change. The assessments should be reviewed at least annually and on any material change at the provider.

For businesses that process particularly sensitive information – health data, data on criminal offences, or information subject to statutory confidentiality – we additionally recommend that, in an initial phase, such information and matters are kept out of the AI tools. This significantly reduces the consequence of any incident, and gives the business time to build experience before it potentially widens its use.

Concluding advice

Generative AI has become an ordinary working tool, and it is neither possible nor desirable to keep it out of businesses. But the tools process personal data, and when they do, the same rules apply as for any other data processing. The good news is that the requirements are manageable. A business that chooses a business version, has a data processing agreement in place, knows where the data ends up, carries out the necessary assessments and trains its staff, can adopt AI tools on a solid footing.

The four major providers are more alike than different on the most important point – none of the business versions, as a rule, train on the business’s content. Where they differ is on data location and on the less obvious pitfalls. That is where a business should put its investigative effort, and that is where good advice makes the greatest difference.


DOES YOUR BUSINESS NEED AN ASSESSMENT?

Nordia Law helps businesses adopt AI tools responsibly – from choosing a solution and reviewing provider terms, to data protection impact assessments, transfer impact assessments and internal policies. We can also provide training, both in compliance and in prompting, to get the most out of the tools.

With offices in Oslo, Stockholm, Gothenburg, Helsinki and Copenhagen, we advise clients across Norway, Sweden, Finland and Denmark. Get in touch with our technology and IT team for a no-obligation conversation about how your business can use AI safely. Read more at https://nordialaw.com/areas/it-law/.


About the author

Kjell Steffner is a partner at Nordia Law. He works in particular with technology contracts, data protection and the legal aspects of artificial intelligence, advising businesses on the responsible adoption of AI.

The content in this article is based on the providers’ publicly available documentation as it stood in the spring of 2026. Terms for AI services change quickly, and businesses should verify the current terms at the time of contracting. The data protection framework is substantially harmonised across Norway, Sweden, Finland and Denmark, but the concrete assessment should be made under the law of the relevant jurisdiction.

Kjell Steffner
Partner, Oslo kjs@nordialaw.com +47 905 11 901
