AI EngineeringWiki

Privacy Practices

Compliance · 5 min

Practical steps to implement data protection in your AI projects.

Technical & Organizational Measures (TOM)

Encryption at rest and in transit
Access controls and authentication
Logging and monitoring
Regular security testing
Staff training
Incident response plan

Data Processing Agreement (DPA)

Contract with all processors
Processors must meet GDPR standards
Right to audit
Sub-processor approval required

Documentation

Art. 30 Processing Records
Data Protection Impact Assessment (DPIA)
Consent management
Processing purposes
Retention schedules

Data Subject Rights

Right	Deadline
Access	1 month
Rectification	1 month
Erasure	1 month
Portability	1 month

AI-Specific Considerations

Log AI decisions for accountability
Document training data sources
Implement human oversight
Regular bias testing
Transparency in AI communications

Next step: operationalize compliance

Use ready-to-run GDPR templates, checklists and practical guidance for AI systems that need documentation and auditability.

View Products View all products

Why AI Engineering

Local and self-hosted by default
Documented and auditable
Built from our own runtime
Made in Austria

Not legal advice.