Research the GDPR
with trusted AI.

Cite the regulation to the article. Answer data-subject requests, pin down your lawful basis, and document processing, all in seconds.

European Union Austria Belgium Bulgaria Croatia Cyprus Czech Republic Denmark Estonia Finland France Germany Greece Hungary Ireland Italy Latvia Lithuania Luxembourg Malta Netherlands Poland Portugal Romania Slovakia Slovenia Spain Sweden United Kingdom Norway Switzerland Iceland Liechtenstein

Built for the GDPR. Answers you can cite.

A modern glass tower against the sky
99 articles + 173 recitals indexed
A legal library overlooking a European cathedral
1 month to answer a DSAR, Article 12(3)
A modern glass tower at dusk
6 lawful bases Article 6(1)(a)–(f)
A private boardroom overlooking a European city
€20M or 4% max fine, Article 83
A boardroom overlooking a European cityscape
24 languages every EU official language
A modern legal office
Daily EDPB guidance & DPA decisions
GDPR coverage
Regulation text · Recitals · EDPB guidelines · DPA decisions · National implementing law · CJEU case law
How it works

From a data-subject request to a cited answer.

Answer DSARs & data-subject rights

Work out exactly what an Article 15 access request entitles the individual to, and check the rights to rectification, erasure, restriction, and portability (Articles 16–20), with the deadlines and exemptions spelled out.

Establish your lawful basis

Test a processing activity against the six lawful bases in Article 6, weigh a legitimate-interests assessment, and check the extra conditions for special-category data under Article 9.

Build records of processing

Draft and gap-check your Article 30 records of processing activities and DPIAs (Article 35), and map breach-notification duties (Articles 33–34), every answer cited to the regulation, recitals, and EDPB guidance.

What do I have to provide when I answer a subject access request?

Article 15: the right of access

You must confirm whether you are processing the person's data and, if so, give them a copy of that data together with the information listed in Article 15(1) of Regulation (EU) 2016/679.

What the copy must include

  • The purposes of processing and the categories of personal data
  • The recipients and any transfers to third countries (Art. 15(1)(c),(2))
  • The retention period and the data subject's rights to rectification, erasure, and objection
  • The source of the data and any automated decision-making (Art. 15(1)(g),(h))

Deadline

Respond without undue delay and within one month (Art. 12(3)), extendable by two further months for complex requests. The first copy is free of charge.

Trusted by DPOs and compliance teams across Europe.

"

The best AI for any research related to EU law and regulations. It always comes up with the best answer.

"

eulaw.ai is the only tool I trust for EU regulation. It has cut our compliance research time by at least 30%.

"

eulaw.ai enables us to take on clients from industries and jurisdictions we previously would have had to decline.

"

A single fabricated case citation can lead to professional sanctions. eulaw.ai is built so there is no fabricated legislation or case law: every reference traces back to a source in your results.

Your GDPR work stays inside the EU.

EU Data Residency

Your documents, queries, and chat history are stored and processed only within the EU.

Built for GDPR

Engineered for full GDPR compliance, so your data-protection research never works against your own duties.

No Model Training

Your case files and personal data never train AI models. Model providers never receive or store your content.

Encryption

All customer data is encrypted at rest and in transit using modern protocols including TLS 1.3.

ISO 27001:2022 & SOC 2

Run from ISO 27001:2022 and SOC 2 certified data centres.

Audits & Vulnerability

Regular external security reviews, with continuous vulnerability scanning.

Your first GDPR citation in 30 seconds.

Free trial · no credit card · cancel anytime.

Looking for how we handle your data? Read our GDPR compliance statement.