GDPR · Microsoft 365 Copilot

Is Microsoft 365 Copilot GDPR-compliant?

Short answer: conditionally – closer to compliant than ChatGPT or Claude with the right setup.

From a data protection standpoint, Microsoft 365 Copilot is clearly better positioned than the consumer variants of other cloud LLMs: DPA in place, EU Data Boundary available, no model training on customer content. Yet three issues remain: Microsoft is a US corporation (CLOUD Act), Bing Grounding can send data outside the tenant, and for professionals bound by § 203 of the German Criminal Code the combination stays risky.

Conditional

Realistic to use with an enterprise setup and EU Data Boundary – but not for every use case and not for every industry.

  • DPA in the Enterprise Agreement
  • EU Data Boundary configurable
  • US CLOUD Act still applies
  • Bing Grounding sends data outside the tenant

Sort first

Which Copilot variant do you mean?

"Copilot" is Microsoft's umbrella brand for several products with very different privacy profiles. Confusing them leads straight to a compliance incident.

Microsoft 365 Copilot
Enterprise · with DPA

The classic for businesses: Microsoft 365 E3/E5 plus the Copilot licence. With DPA, tenant binding and EU data processing as an option. For professional use in the DACH region it is the only seriously auditable variant.

Copilot Pro
Consumer · no DPA

Personal variant for private users. No DPA, no tenant, unsuitable for company use. Anyone typing customer data here regularly breaches the GDPR.

Copilot in Bing/Edge
Consumer · highly critical

The free web variant. Inputs may be processed in Microsoft cloud services outside the EU. Not intended for professional content.

Copilot Studio
Custom agents · with care

Tool for building custom AI agents on the Copilot stack. Inherits the privacy properties of the underlying tenant – only as safe as the setup.

What Copilot does better

Why Microsoft is ahead here from a privacy standpoint

Compared with the consumer tiers of ChatGPT or Claude, Copilot Enterprise offers three hard advantages – and a soft one that only delivers with consistent configuration.

DPA at no extra cost

The Microsoft 365 Enterprise Agreement includes the data processing agreement by default. Unlike ChatGPT Plus or Claude Pro, the "no DPA available" hurdle is gone.

EU Data Boundary

Configurable mode that keeps Microsoft 365 and Copilot data processing primarily in EU data centres. Reduces the third-country risk – but does not fully eliminate it because of the CLOUD Act.

No training on customer content

Microsoft contractually does not train its foundation models on content from your M365 tenant. That is an important difference compared with the consumer plans of other vendors.

Sensitivity Labels & Purview

Microsoft Purview enables classification of documents and emails. Copilot respects these labels and hides protected content accordingly – if Purview is properly set up.

The caveats

Six GDPR questions that remain open even with Copilot

Even in the Enterprise variant with EU Data Boundary there are residual risks that German supervisory authorities consistently raise.

01 · US CLOUD Act still applies

Art. 44–49 GDPR · Schrems II

Microsoft is a US corporation. The CLOUD Act forces US parents to hand over data from their subsidiaries – even when storage is in the EU. The Schrems II ruling remains the underlying problem.

02 · Bing Grounding sends data outside the tenant

Default configuration

When Copilot includes web search results (Bing Grounding), prompt content leaves the protected tenant and is processed in Bing cloud services. On by default, but can be disabled in the admin centre.

03 · A DPIA is mandatory

Art. 35 GDPR

Before rolling out Copilot, a data protection impact assessment is mandatory. It is often skipped in practice, and then there is no documented justification to present to supervisory authorities.

04 · Professional secrecy stays risky

§ 203 German Criminal Code

Doctors, lawyers, tax advisors, pharmacists, insurers, banks: even with M365 Copilot Enterprise, the third-country transfer remains problematic from a professional-secrecy perspective. Criminal liability is not excluded.

05 · Plug-ins and connectors

Third-party agreements

Copilot extensions (Salesforce, ServiceNow, SAP) forward data to the respective vendors. Each individual extension needs its own legal assessment and DPA.

06 · Information duties towards customers

Art. 13 & 14 GDPR

If customer data is processed in Copilot workflows, data subjects must be transparently informed – about recipients, third-country transfer and legal basis. Most privacy policies do not cover this.

Decision aid

When may I use Copilot – and when not?

A quick self-check: if your configuration and use case fit the left column, Copilot is usually acceptable. If anything in the right column applies, you need a better solution.

Most likely OK

  • M365 E3/E5 Enterprise Agreement active
  • EU Data Boundary configured, Bing Grounding off
  • DPIA performed and documented
  • Sensitivity Labels set up via Purview

Not without further measures

  • Copilot Pro or Bing consumer variant in use
  • Professional secrecy under § 203 StGB involved
  • Special categories under Art. 9 GDPR (health etc.)
  • Data protection impact assessment pending

If Copilot isn't enough

What alternatives are there?

Three paths – ranked by protection level. If Copilot doesn't fit or the residual risks are too high, here are your options.

Recommended · highest protection

KOSMO on-premise

KOSMO runs on your own hardware. No US corporation, no CLOUD Act, no third-country transfer, full access to internal sources. Also suitable for § 203 StGB professions.

  • Data never leaves your network
  • No DPA needed (no external processor)
  • RAG on your own knowledge sources

Conditionally suitable · keep Copilot

M365 Copilot with strict policy

If you keep Copilot: disable Bing Grounding, clear usage policies, employee training, regular spot checks and a documented DPIA.

  • Disable Bing Grounding
  • Label sensitive content with Purview
  • Refresh the DPIA annually

Alternative

EU vendor with DPA

Specialised European AI vendors hosting in the EU, offering a DPA and transparent model policy. Lower third-country risk than Copilot, but typically more cumbersome to integrate with Microsoft.

  • Verify the DPA and EU hosting
  • Check the parent company and CLOUD Act exposure
  • Opt out of training on your inputs

Frequently asked

FAQ – the detailed questions about Copilot

What is the difference between Microsoft 365 Copilot and Copilot Pro?

Microsoft 365 Copilot is the Enterprise variant with DPA, tenant binding and EU Data Boundary as an option. Copilot Pro is the consumer variant without a DPA, intended for private users. For professional use with customer data, only M365 Copilot is a serious option – Copilot Pro is practically never GDPR-compatible for companies.

Full control instead of residual risk

KOSMO runs on your own hardware or in sovereign EU data centres. No US corporation, no CLOUD Act, no Bing Grounding – just your data and your knowledge.

This page provides a general overview and is not a substitute for legal advice. For specific cases – particularly involving special category data, professional secrecy or cross-border data transfers – consult your data protection officer or a specialised law firm.
