Map data flows for each AI use case. Choose a lawful basis. Minimize and pseudonymize training data. Explain when AI is in the loop. Honor data rights, secure training sets, and run DPIAs when risk is high or data is sensitive.

It’s a public, always-current page listing vendors your processor uses to handle customer data. It supports GDPR Art. 28 duties (pre-authorization and change notices) and reduces procurement friction.