What are the GDPR implications of using AI in the UK?
8 June 2026
The GDPR issue is not that AI is banned. It is that AI makes old data protection duties harder to prove. If your AI tool reads customer records, employee data, emails, call transcripts, CRM notes, support tickets, CVs, images, health information or behavioural data, you are processing personal data and must comply with UK GDPR and the Data Protection Act 2018. In practice, that means documenting why you use AI, what data goes in, who controls it, where it goes, how long it is kept, how people are told, how outputs are checked and how rights requests or challenges will be handled.
The short answer: AI makes GDPR evidence harder, not optional
The main GDPR implication is simple: if an AI system processes personal data, UK GDPR applies. It does not matter whether the tool is called AI, automation, machine learning, an agent, a chatbot, Copilot, a recommender, a classifier or a workflow assistant. If it uses information about identifiable people, your business needs a lawful basis, a clear purpose, proportionate data use, transparency, security and proof that the system can respect people's rights.
The risk is higher than many leaders think because AI is often introduced informally. A member of staff pastes a customer email into ChatGPT. A sales team connects a CRM enrichment tool. HR tests CV screening. Support uses AI to summarise tickets. Marketing builds segments from behavioural data. None of those examples is automatically unlawful, but all of them can create GDPR exposure if nobody has checked the data flow, supplier terms, retention setting, lawful basis, access control or accuracy of the output.
UK adoption is still uneven, which makes governance maturity patchy. DSIT's 2026 AI Adoption Research found that around 1 in 6 UK businesses, 16 percent, were using at least one AI technology, while 80 percent neither used AI nor had plans to adopt it. Among businesses that had adopted AI, natural language processing and text generation were the most common uses, at 85 percent of AI adopters. That matters because text tools are exactly where staff are most likely to paste personal data casually.
The honest position is this: using AI with personal data is not a quick software decision. It is a data processing decision. You need to be able to show what data the AI uses, why that use is lawful, whether the AI is necessary, how people are informed, how errors are corrected, how access is controlled and what happens if someone challenges a decision.
Sources: DSIT AI Adoption Research 2026 and ICO guidance on AI and data protection.
You usually need a DPIA before high-risk AI goes live
A data protection impact assessment, or DPIA, is one of the first practical controls to put in place. The ICO says that in the vast majority of cases, AI will involve processing likely to result in a high risk to people's rights and freedoms, which means a DPIA is legally required. Even where you decide a DPIA is not required, you should document how you reached that conclusion.
A DPIA should not be a box-ticking PDF written after the project has already launched. It should describe the data flow, purpose, lawful basis, data categories, scale, sensitivity, suppliers, risks, mitigation measures, human involvement and residual risk. For AI, it should also explain why AI is the right tool, whether a less intrusive option would work, what level of error is acceptable, how bias will be tested and how the system will be monitored after launch.
This is where many UK businesses fail. They buy the AI tool first and ask the data protection question later. That sequence is backwards. If the tool reads customer accounts, ranks leads, summarises health or care notes, scores job applicants, detects fraud, recommends credit decisions, triages complaints or automates support responses, the DPIA should be started before procurement is finalised. Otherwise you may discover too late that the supplier trains on your inputs, stores data outside the UK or EEA, lacks an adequate deletion process, cannot support rights requests or cannot explain how significant decisions are made.
The DPIA also helps you avoid waste. DSIT found that uncertainty around regulation was seen as a significant barrier by 72 percent of businesses that cited barriers to AI adoption, with finance and real estate firms particularly likely to report unclear regulation as significant. A proper DPIA turns uncertainty into a decision record. It shows what the business considered, what it rejected and what controls were chosen.
Practical minimum: complete a DPIA before any AI use that involves special category data, automated scoring, employee monitoring, children, vulnerable groups, financial eligibility, recruitment decisions, biometric data, large-scale profiling or data from multiple systems being matched together.
Source: ICO accountability and governance guidance for AI.
Lawful basis, transparency and data minimisation still apply
AI does not give you a new lawful basis. You still need one of the UK GDPR lawful bases for processing personal data, such as contract, legal obligation, legitimate interests, consent, public task or vital interests. For special category data, such as health data, biometric data, ethnicity, political opinions, trade union membership or sex life and sexual orientation, you also need an Article 9 condition.
The practical problem is that AI systems often blur purposes. A helpdesk ticket may be collected to resolve a support issue, then later used to train a chatbot, classify customers, generate sales insight or benchmark staff performance. Those are not automatically compatible purposes. You need to decide whether the new use is compatible with the original purpose, whether people have been told, whether the data can be minimised or anonymised and whether the supplier is allowed to use it for its own training.
Transparency matters because people have a right to understand how their data is being used. That does not mean publishing source code or model weights. It does mean explaining, in plain English, when AI is used, what data it processes, what decisions or recommendations it supports, whether humans review outputs and how people can challenge or correct errors. If your privacy notice still says nothing about AI while your team is using AI inside CRM, HR, marketing or support, that is a gap.
Data minimisation is equally direct. Do not send a whole customer record to an AI system if the task only needs the latest support issue. Do not paste a full CV if the model only needs to draft interview questions from role-relevant experience. Do not include names, addresses, payroll numbers, medical notes or complaint history unless the use case genuinely needs them. Where possible, redact, summarise, pseudonymise or retrieve only the minimum fields needed for the task.
A useful working rule is this: if you would be uncomfortable showing the data subject exactly what you sent to the AI tool, stop and redesign the process.
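The minimisation rule above, as an added example that is not part of the original article: a small Python routine that strips a helpdesk ticket down to the fields a "summarise the latest issue" task needs, pseudonymises the customer identifier with a keyed hash, redacts direct identifiers from the free text and runs a final check before the payload leaves for the AI tool. The ticket record, field names, allow-list and regular expressions are all constructed for illustration; the patterns cover only the identifier shapes shown (UK mobile numbers, postcodes, email addresses) and are a floor, not a guarantee.

```python
import hashlib
import hmac
import re
from typing import Any

# Constructed sample record, shaped like a CRM ticket. Nothing here is real data.
SAMPLE_TICKET = {
    "ticket_id": "T-1001",
    "customer_id": "C-55821",
    "customer_name": "Jane Example",
    "email": "jane.example@example.co.uk",
    "phone": "07700 900123",
    "postcode": "SW1A 1AA",
    "payroll_number": "P-0042",
    "medical_notes": "Reports migraines; asked for large-print letters.",
    "complaint_history": ["2024-11: billing dispute", "2025-03: delivery delay"],
    "latest_issue": (
        "Hi, this is Jane Example, my router at SW1A 1AA keeps dropping Wi-Fi "
        "every hour. Ring me on 07700 900123 or reply to jane.example@example.co.uk."
    ),
}

# Allow-list for this one task. Anything not listed never reaches the AI tool.
ALLOWED_FIELDS = {"ticket_id", "customer_id", "latest_issue"}

# Illustrative patterns for direct identifiers that leak into free text.
# The phone pattern only covers UK mobile formats; extend per data source.
PATTERNS = {
    "EMAIL": re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+"),
    "PHONE": re.compile(r"\b(?:\+44\s?7\d{3}|07\d{3})\s?\d{3}\s?\d{3}\b"),
    "POSTCODE": re.compile(r"\b[A-Z]{1,2}\d[A-Z\d]?\s?\d[A-Z]{2}\b"),
}


def pseudonymise(value: str, key: bytes) -> str:
    """Keyed hash: stable across prompts so follow-ups can be linked internally,
    but not reversible by the supplier without the key (kept out of the prompt)."""
    digest = hmac.new(key, value.encode(), hashlib.sha256).hexdigest()
    return "PSN-" + digest[:12]


def redact_text(text: str, names: list[str]) -> str:
    """Replace pattern matches and known names with labelled placeholders.
    Patterns run first so an email containing the name is handled once."""
    for label, pattern in PATTERNS.items():
        text = pattern.sub(f"[{label}]", text)
    for name in names:
        if name:
            text = re.sub(re.escape(name), "[NAME]", text, flags=re.IGNORECASE)
    return text


def minimise_for_ai(ticket: dict[str, Any], key: bytes) -> dict[str, Any]:
    """Build the payload for the summarisation task from the allow-list only."""
    payload = {k: ticket[k] for k in ALLOWED_FIELDS if k in ticket}
    payload["customer_id"] = pseudonymise(ticket["customer_id"], key)
    known_names = [ticket.get("customer_name", "")]
    payload["latest_issue"] = redact_text(ticket["latest_issue"], known_names)
    return payload


def residual_identifiers(payload: dict[str, Any]) -> list[str]:
    """Final gate before sending: labels of any pattern still matching a string
    field. A non-empty result should block the call and raise an alert."""
    found = []
    for value in payload.values():
        if isinstance(value, str):
            for label, pattern in PATTERNS.items():
                if pattern.search(value):
                    found.append(label)
    return found


if __name__ == "__main__":
    # The key would normally come from a secrets store; constructed here.
    demo_key = b"constructed-demo-key-not-for-production"
    minimal = minimise_for_ai(SAMPLE_TICKET, demo_key)
    print(minimal)
    print("residual identifiers:", residual_identifiers(minimal))
```

The allow-list is deliberately per task rather than per tool: the same ticket used for a different purpose (say, a complaint-trend report) would get its own allow-list and its own DPIA entry, which is the compatibility question the article raises. The residual check turns the "would you be comfortable showing the data subject this prompt" rule into something a pipeline can fail closed on.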
Suppliers, controllers and processors need to be nailed down
AI supplier relationships are often more complicated than normal software procurement. The ICO says organisations should assess and document whether each party is a controller, joint controller or processor. Labels in a contract do not decide this on their own. The real question is who decides the purpose and means of processing.
If you choose the business purpose, provide the customer data and instruct the AI provider to process it for you, you may be the controller and the provider may be a processor for that part of the service. But if the provider uses your data to improve its own model, decide training methods, set model evaluation choices or reuse data across customers, it may be acting as a controller for some processing. That changes the risk, the contract, the privacy notice and the due diligence required.
Before using an AI supplier with personal data, ask direct questions. Will our prompts, uploaded files, outputs or feedback be used to train or improve models? Where is data stored and processed? What subprocessors are used? Can we opt out of training? Can we delete data? What retention periods apply? Can the supplier support subject access requests? Are logs available? What security certifications exist? Is there a UK, EEA or adequacy-backed transfer mechanism? What happens if the supplier changes model, region or subprocessors?
Large vendors such as Microsoft, Google, OpenAI, Anthropic, Amazon, Salesforce and Adobe usually provide enterprise documentation, data processing terms and admin controls. Smaller tools may be faster and cheaper, but their GDPR evidence can be weaker. That does not make them unusable. It means you need to match the supplier to the data risk. A low-risk drafting tool for non-sensitive internal copy is different from an AI agent connected to HR records, medical referrals, financial accounts or live customer support.
Source: ICO guidance on controller and processor relationships in AI.
Automated decisions need stronger safeguards in 2026
The most sensitive AI use cases are those that make or heavily influence decisions about people. Hiring, dismissal, credit, insurance, benefits, housing, pricing, fraud, education, healthcare and access to services all sit in this category. The Data (Use and Access) Act 2025 changed the UK framework for automated decision-making, with major data protection provisions coming into force on 5 February 2026. The direction is more permissive than the old Article 22 model in some situations, but it is not a free pass.
The practical test is whether the decision is significant and based solely on automated processing, meaning there is no meaningful human involvement. If an AI system recommends a decision and a human simply clicks approve without the authority, training, time or evidence to change the outcome, that may not be meaningful human involvement in reality. Calling a process 'human in the loop' is not enough.
For significant automated decisions, you need safeguards. At minimum, people should be informed, able to make representations, able to obtain human intervention and able to contest the decision. You also need records showing how the decision was made, what data was used, what role the AI played, what review happened and how errors are corrected.
This is not theoretical. In 2025, the ICO welcomed an Upper Tribunal judgment in the Clearview AI case. The ICO had fined Clearview AI 7.5 million pounds in 2022 and issued an enforcement notice after images of UK residents were scraped from the web and social media for a facial recognition database. The 2025 judgment clarified that companies monitoring the behaviour of UK residents can be within scope of UK data protection law even if based overseas. Clearview was a facial recognition case, but the lesson is wider: AI systems that affect UK people can attract UK data protection scrutiny.
Sources: GOV.UK Data Use and Access Act data protection changes and ICO Clearview AI Upper Tribunal update.
The cost of getting this wrong is not just a fine
The headline penalty is real. The ICO's fining guidance states that the higher maximum amount under UK GDPR is 17.5 million pounds or, for an undertaking, 4 percent of total worldwide annual turnover in the preceding financial year, whichever is higher. Most SMEs will not face anything close to that, but the maximum exists for a reason.
The more common costs are messier: pausing an AI rollout, reworking supplier contracts, deleting data, handling complaints, responding to subject access requests, rebuilding trust with staff, explaining a flawed automated decision, losing procurement opportunities or discovering that evidence does not exist when a customer, employee, insurer or regulator asks for it.
There is also a cyber security angle. NCSC guidance says cyber security is a necessary precondition for safety, resilience, privacy, fairness, efficacy and reliability of AI systems. For generative AI and agentic workflows, prompt injection, data leakage, insecure tool access and excessive permissions can turn a data protection problem into an incident. If an AI agent can read email, search documents and update CRM, the GDPR question is inseparable from access control and logging.
A proportionate AI GDPR control set for a UK business should include an AI use register, approved tools list, staff rules on what data can be entered into AI systems, DPIA process, supplier due diligence, privacy notice updates, role-based access, logging, output review, retention settings, incident response and a process for subject access, deletion, correction and automated decision challenges.
For smaller firms, this does not need to become a 60-page policy on day one. Start with the workflows that touch personal data and rank them by risk. Customer support, HR, finance, recruitment and healthcare-related workflows usually come first. Low-risk internal drafting can be governed more lightly. The point is proportionality, not paralysis.
Sources: ICO UK GDPR maximum fine guidance and NCSC AI and cyber security guidance.
When this does NOT apply
This does not apply in the same way if your AI system does not process personal data. For example, using AI to summarise public government guidance, draft generic website copy, analyse anonymous machine telemetry, generate design ideas or classify non-personal stock data may fall outside UK GDPR. You still need confidentiality, copyright, procurement and security checks, but the data protection burden is lower.
It also does not mean every use of AI needs legal sign-off. A small business can safely use approved AI tools for low-risk internal drafting if staff are trained not to enter personal, confidential or client-sensitive data. The mistake is treating a low-risk drafting use case the same as an AI workflow that scores applicants, writes to CRM, triages vulnerable customers or reviews employee performance.
The red line is personal data plus consequence. If the AI uses identifiable data and the output affects a person, budget, access to a service, employment, reputation, complaint handling or legal rights, slow down and document the control set before deployment.
Is This Right For You?
This guidance is right for you if your UK business is using AI with customer data, staff data, sales records, support tickets, CRM notes, HR records, call transcripts, finance data, marketing lists, CVs, images, behavioural analytics or any other information that can identify a living person.
It is less relevant if your AI use is limited to public information, anonymous operational data or internal brainstorming that never includes personal data. Even then, you still need security, procurement and confidentiality controls. This is practical guidance, not legal advice. For high-risk use cases such as hiring, lending, healthcare, insurance, children, vulnerable people or automated eligibility decisions, get specialist legal and data protection advice before deployment.
Frequently Asked Questions
Can UK businesses use ChatGPT, Copilot or Gemini under GDPR?
Yes, but only with the right controls. Use business or enterprise versions where possible, check whether prompts and files are used for training, restrict what staff can enter, update policies and complete a DPIA for higher-risk personal data use.
Does GDPR apply if staff paste customer emails into an AI tool?
Yes. A customer email usually contains personal data. The business needs a lawful basis, a compatible purpose, supplier controls, security, retention rules and transparency. Casual pasting into an unapproved public AI tool is a real risk.
Do we need consent to use AI with personal data?
Not always. Consent is only one lawful basis and is often the wrong basis for employee or operational processing. Many business uses rely on contract, legitimate interests or legal obligation, but you must assess and document the basis properly.
Is anonymised data outside GDPR?
Properly anonymised data is outside UK GDPR, but the bar is high. If people can still be identified directly or indirectly, including through combinations of data, it is personal data. Pseudonymised data is still personal data.
Do we need a DPIA for every AI tool?
No. You need a DPIA where processing is likely to be high risk, and many AI uses with personal data will be. Low-risk internal drafting may not need one, but you should still record why you decided it was low risk.
What should we tell customers or staff about AI use?
Tell them when AI is used, what personal data it processes, why it is used, whether it affects decisions, whether humans review outputs, who receives the data, how long data is kept and how they can exercise their rights.
Can AI make automated decisions about people in the UK?
It can in some circumstances, but significant solely automated decisions need safeguards. People should be informed, able to obtain human intervention, able to make representations and able to contest the decision.
What is the first practical step for GDPR-safe AI adoption?
Create an AI use register. List every AI tool, owner, purpose, data type, supplier, lawful basis, risk level, DPIA status, retention setting and whether outputs affect people. You cannot govern what you cannot see.