International Data Transfers in AI

·

Choosing an AI service with an EU data region does not, on its own, prove there are no international transfers. Hosting, support, telemetry, sub-processors, backups and remote access all need to be checked. Whenever personal data is made available to an entity outside the EEA, Chapter V of the GDPR applies on top of every other processing obligation.

Map the real data flow

The first step is to build an inventory covering every data flow involved in using the AI service:

For each flow, record the exporter, the importer, the country, the purpose, the data category, the frequency, the transfer mechanism and the retention period.

A data region is not the same as no access

A provider can store data in the EU and still allow support from third countries, or rely on sub-processors with a global footprint. The assessment must therefore be based on the contract and the actual architecture of the service, not on the region selector shown in the interface.

The question to answer is who can access the data, with what credentials, from where, and whether that access is technically possible, regardless of where the data is advertised to reside.

Order of mechanisms

Adequacy decision

If the European Commission has recognised an adequate level of protection for the destination country, data can flow under that decision, subject to its scope and conditions.

Article 46 safeguards

Absent an adequacy decision, standard contractual clauses (SCCs), binding corporate rules or other valid mechanisms can be used. The 2021 SCCs require specific annexes and a genuine description of the measures actually applied, not a generic boilerplate reference.

Article 49 derogations

These are designed for specific, one-off situations and must not be used to support transfers that are massive, repetitive and structural.

SCCs and annexes

The annexes to the standard contractual clauses must identify:

Copying the phrase “encryption and access control” without describing how it is actually implemented is not enough to support the required safeguards.

Transfer impact assessment (TIA)

A transfer impact assessment (TIA) examines whether the law and practice of the destination country could undermine the agreed safeguards. It should cover:

  1. the transfer and the mechanism used;
  2. the country and the importer;
  3. relevant legislation in the destination country;
  4. documented experience, where relevant;
  5. the possibility of public authority access to the data;
  6. applicable supplementary measures;
  7. residual risk after applying the measures;
  8. approval and periodic review.

A TIA must not rely solely on the provider's own representations.

Supplementary measures

Technical

Contractual

Organisational

If no measure can guarantee protection essentially equivalent to that of the EU, the transfer must not go ahead.

AI-specific considerations

AI services can generate derived data, embeddings or inferences. Even when they do not reproduce the original data verbatim, these outputs can still be personal data and must be included in the transfer analysis.

It is also necessary to check whether the provider uses the content to improve its own models. That purpose can change its role in the processing and require a different legal basis, more information for data subjects, and tighter control by the customer.

Sub-processors

The contract must set out the list, location, role and change mechanism for sub-processors. A general authorisation requires prior notice and a genuine right to object under the applicable terms, not a clause that empties it of substance.

A long chain of sub-processors increases uncertainty. It must be possible to identify who hosts the data, who moderates it, who monitors it and who provides support at every link in the chain.

Transfers through connected tools

An AI agent can send data to search engines, email, CRM systems or connected plugins. Each tool is an independent flow that must be assessed separately. Permissions and recipients must be explicitly restricted; the model itself cannot be left to decide the destination jurisdiction.

Records and transparency

The record of processing activities (RPA) must reflect the transfers and the safeguards applied. Information given to data subjects must mention the destination countries or categories, the mechanisms used, and how to obtain a copy of the safeguards where applicable.

Transparency alone does not legitimise a disproportionate transfer: a legal basis and a genuine need must exist first.

Ongoing review

Several triggers require the analysis to be revisited:

The contract and its analysis are monitored on an ongoing basis; they are not filed away once and forgotten.

Review plan

Week 1

Technical and contractual inventory.

Week 2

Roles, countries and mechanisms.

Week 3

Transfer impact assessment (TIA) and supplementary measures.

Week 4

Decision, documentation and configuration.

Common mistakes

  1. Relying solely on the provider offering an EU region.
  2. Ignoring support access and telemetry.
  3. Signing the SCCs without completing the annexes.
  4. Using Article 49 routinely instead of as an exception.
  5. Failing to assess embeddings as possible personal data.
  6. Not knowing who the sub-processors are.
  7. Leaving the agent's connected tools uncontrolled.
  8. Encrypting with keys managed by the same provider without assessing the risk.
  9. Not informing data subjects.
  10. Not reviewing later changes to the service.

Checklist

Frequently asked questions

Does hosting in Europe avoid international transfers?

Not necessarily. Support, sub-processors and remote access from outside the EEA must also be reviewed.

Are the SCCs always enough?

No. The context of the destination country must be assessed, and supplementary measures applied where needed to achieve protection essentially equivalent to that of the EU.

Is an embedding personal data?

It can be, if it relates to an identified or identifiable person, or allows them to be singled out or inferred. It must be assessed case by case, depending on the context.

Can consent be used as the basis for these transfers?

The Article 49 derogations (including explicit consent) are restrictive and are rarely an adequate basis for structural, recurring services.

Official sources consulted

Summum Consultoría can map the data flows, review the SCCs and TIA, and coordinate the necessary technical and organisational measures.