Data Security in Enterprise AI - Data Residency, GDPR and EU AI Act
How do you ensure data security in enterprise AI? Data Residency, EU-only processing, Row-Level Security, tenant isolation. Architecture decisions for CISOs and DPOs.
The Central Question: Where Is the Data?
When an AI agent reads an invoice, processes a sick leave notification, or answers a compliance question, it processes organizational data. Invoice data, personnel data, trade secrets. The first question every CISO and DPO asks: Where is this data processed? Who has access? How long is it stored?
When using ChatGPT, Gemini, or Copilot, the answer is: Data is transmitted to external servers, processed by a third-party provider, and potentially used for training purposes. For regulated organizations, that is not an acceptable answer.
Three Deployment Models
The Gosign architecture supports three deployment models. The choice depends on the protection requirements of the data.
Self-Hosted: All components — models, agents, databases — run in the customer’s own infrastructure. No data leaves the corporate network. This includes the language models: open-source models such as Llama, Mistral, or DeepSeek can be operated locally.
Cloud (EU-only): Processing in EU data centers on Azure, GCP, or AWS. Data Processing Agreements, Standard Contractual Clauses. The models are cloud models (Claude, ChatGPT, Gemini), but processing remains within the EU.
Hybrid: Sensitive data (personnel data, financial data) is processed self-hosted. Non-critical data can run through cloud models. Routing between self-hosted and cloud is rule-based and automatic.
Data Residency in Detail
Data Residency goes beyond the location of the servers. It encompasses:
Processing location: Where is the language model executed? For self-hosted: in the organization’s own data center. For cloud: in a defined EU data center.
Storage location: Where is the processed data stored? This covers audit trails, decision records, and documents, all kept in the same region as the processing.
Transit path: How does data reach the model and return? For self-hosted: internal network. For cloud: encrypted connection to the EU data center. No transit through third countries.
Backups: Where are backups stored? Backups must meet the same Data Residency requirements as the primary data.
Tenant Isolation
For audit firms, tax advisory practices, and shared service centers, tenant isolation is business-critical. Data from one tenant must not be visible to other tenants — including to the AI system itself.
Isolation is implemented in multiple layers:
Workspace separation: Each tenant has its own workspace with separate API keys, separate document storage, and separate model configurations.
Row-Level Security: At the database level, Row-Level Security ensures that queries only return data belonging to the current tenant. Even if an agent inadvertently issues a cross-tenant query, the database returns only results for the authorized tenant.
Prompt isolation: Prompts and rule sets are tenant-specific. One tenant’s agent has no access to prompts or rule sets of other tenants.
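The Row-Level Security layer described above, sketched for PostgreSQL as an added example (not Gosign's own schema or code). The `documents` table, the `agent_app` role and the `app.tenant_id` setting are assumed names, and the sample rows are constructed.

```sql
-- Added example for PostgreSQL. Table, role and setting names are assumptions.
-- Run as a superuser in a scratch database; everything is rolled back at the end.
BEGIN;

CREATE TABLE documents (
    id        bigint GENERATED ALWAYS AS IDENTITY PRIMARY KEY,
    tenant_id uuid NOT NULL,
    title     text NOT NULL
);

-- Constructed sample rows for two tenants.
INSERT INTO documents (tenant_id, title) VALUES
    ('11111111-1111-1111-1111-111111111111', 'Tenant A invoice'),
    ('22222222-2222-2222-2222-222222222222', 'Tenant B payroll export');

-- Role the agent's queries run as: not the table owner, not a superuser,
-- and without BYPASSRLS, so policies always apply to it.
CREATE ROLE agent_app NOLOGIN;
GRANT SELECT, INSERT ON documents TO agent_app;

ALTER TABLE documents ENABLE ROW LEVEL SECURITY;
-- FORCE also subjects the table owner to the policy.
ALTER TABLE documents FORCE ROW LEVEL SECURITY;

-- Fail closed: an unset or empty app.tenant_id becomes NULL, the comparison
-- is then NULL for every row, and no row passes the policy.
CREATE POLICY tenant_isolation ON documents
    USING (tenant_id = NULLIF(current_setting('app.tenant_id', true), '')::uuid)
    WITH CHECK (tenant_id = NULLIF(current_setting('app.tenant_id', true), '')::uuid);

-- What the connection layer does per request: switch to the restricted role
-- and bind the authenticated tenant for this transaction only.
SET LOCAL ROLE agent_app;
SELECT set_config('app.tenant_id', '11111111-1111-1111-1111-111111111111', true);

-- Cross-tenant query while bound to tenant A. The policy predicate is ANDed
-- with the WHERE clause, so tenant B's rows never reach the result.
SELECT title FROM documents
WHERE tenant_id = '22222222-2222-2222-2222-222222222222';

-- Unfiltered query: still limited to the bound tenant's rows.
SELECT title FROM documents;

ROLLBACK;
```

The isolation holds only if `app.tenant_id` is set by the connection layer from the authenticated session. A role that can run arbitrary SQL can call `set_config` itself, so agent-generated SQL should not be executed verbatim under this scheme.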
GDPR Compliance
The GDPR (General Data Protection Regulation) sets requirements for processing personal data. In the AI context:
Legal basis: Processing personal data through AI agents requires a legal basis. In the employment context, this is typically performance of a contract (Art. 6(1)(b) GDPR) or legitimate interest (Art. 6(1)(f) GDPR). In Germany, the Federal Data Protection Act (BDSG) adds sector-specific requirements, particularly for employee data under Section 26 BDSG.
Data minimization: The agent processes only the data required for the specific purpose. No permanent storage of documents in the model. No use of customer data for training purposes.
Right of access: Data subjects can request information about which of their data was processed. The audit trail documents every processing operation involving personal data.
Erasure: Data is deleted after the retention period expires. Deletion includes the audit trail after the statutory retention periods have elapsed.
The EU AI Act Dimension
Since the EU AI Act entered into force, data security in enterprise AI has a second regulatory layer. The EU AI Act requires:
Data governance for high-risk systems: AI systems used in HR, finance, or legal processes must implement data governance measures — including data quality checks, bias monitoring, and documentation of training data provenance.
Transparency obligations: Organizations must document which data their AI systems process, how decisions are made, and which safeguards are in place. The Decision Layer provides this documentation through its Audit Trail.
Human oversight: For high-risk applications, the EU AI Act requires effective human oversight. This intersects directly with data security: the Human-in-the-Loop mechanism must have access to the relevant data without creating new data security risks.
Employee Representation and Data Security
In Germany, works councils (Betriebsrat) have co-determination rights over the introduction of AI systems under the Works Constitution Act (BetrVG). Across the EU more broadly, employee representation bodies play a key role in ensuring that AI deployments respect employee data rights.
Employee representation bodies typically require transparency about:
- Which employee data is processed by AI agents
- Where this data is stored and for how long
- Who has access to AI-generated decisions about employees
- How employees can contest automated decisions
These requirements align with GDPR’s transparency obligations and the EU AI Act’s human oversight requirements. The technical implementation — tenant isolation, audit trails, Data Residency — provides the evidence base that employee representatives need.
Architecture Decisions for CISOs
Data security in enterprise AI is not a policy question. It is an architecture question. The decisions are made at the infrastructure level:
- Self-hosted vs. cloud vs. hybrid — based on data classification
- EU-only processing zones — enforced by infrastructure, not by contract alone
- Tenant isolation — enforced by Row-Level Security, not by application logic alone
- Audit trails — immutable, time-stamped, accessible for auditors and employee representatives
The right architecture makes compliance verifiable rather than promissory.