Glossary
GDPR
The GDPR (General Data Protection Regulation) is the EU law that has governed personal data since 2018. It gives you rights (to access, correct and delete your data) and it applies to AI chatbots too: that's why they offer European users opt-outs and deletion tools.
The GDPR is the reason AI companies treat European users with extra care. In force since May 2018, it sets the rules for handling personal data anywhere in the EU, and it applies to any company serving EU users, including OpenAI, Anthropic and Google.
For you, it translates into concrete rights: you can ask what data a company holds about you, have it corrected, have it deleted, and object to certain uses, including, in many cases, the use of your chats for training. Those “export my data” and “delete my account” buttons in chatbot settings exist largely because of this law.
If you run a business, the GDPR also applies to you the moment you process customer data, even through a chatbot. A plumber pasting a client list into an AI tool is processing personal data and is responsible for doing it lawfully (see data controller).
We explain what the rules say; for a specific situation, a national data protection authority or a professional is the right source. Check how each chatbot treats your data with the paste checker.
Where you’ll meet this
- Chatbot privacy policies, which all have GDPR sections for EU users
- “Data Controls” and data-export options in ChatGPT, Claude and Gemini settings
- The EDPB and your national authority’s website for official guidance
Related terms
Put it to work
- Free Skuto Paste Checker Check before you paste: pick what you're about to share and which AI you use, and see in seconds if it's safe — with the vendor's actual terms and a safer alternative.
- Free Get More From AI Already using AI but feel you're scratching the surface? Answer a few questions and get a personal plan to level up: the right assistant for what you do, the plan that's actually worth it, and the settings and prompts that unlock more.