Does your AI startup need a Data Processing Agreement with OpenAI, Anthropic, and Google?
In-depth analyses of real-world cyber incidents and emerging threat trends, authored exclusively by our analysts.
It is a question that tends to arrive late at night, often the evening before a big enterprise demo, when a founder suddenly wonders whether they have the right paperwork in place for the AI providers their product depends on. Do you actually need a Data Processing Agreement with OpenAI, Anthropic, and Google? This article answers that directly, provider by provider, so you can stop wondering and check the boxes.
It is the short, practical answer to a specific question, not a deep legal essay. If you want the fuller background on what a Data Processing Agreement is and why it matters, that is a separate topic. Here, we are answering the yes or no and telling you what to do about it.
The short answer
Yes. If your product sends personal data to OpenAI, Anthropic, or Google, you need a Data Processing Agreement, usually called a DPA, with each provider whose service you actually use. This is not optional or a nice to have. Under UK and EU GDPR, when a third party processes personal data on your behalf, a contract governing that processing is legally required.
The important word is each. A DPA with OpenAI does nothing for your use of Anthropic. If your product calls more than one provider, you need the agreement in place for every one that touches personal data. The good news is that all three make this reasonably straightforward, and the steps differ slightly for each.
Do you need one with OpenAI?
If you send personal data to the OpenAI API, yes. OpenAI provides a Data Processing Addendum that covers exactly this relationship and supports your GDPR obligations.
The practical points to know. For paid API use, the DPA is incorporated into OpenAI's commercial terms, but you should confirm you have accepted those commercial terms rather than assuming they apply automatically. A common and serious mistake is running company workloads through a personal account, where the right terms are not properly in place. Make sure your usage sits under a proper business account with the commercial terms accepted, and keep the executed agreement on file where you can find it.
Do you need one with Anthropic?
If you send personal data to Anthropic's API or to Claude for business use, yes, the same logic applies. Anthropic provides the contractual terms to cover this as a data processor acting on your behalf.
As with OpenAI, the key practical step is making sure you are on the correct commercial terms rather than consumer ones, since the protections differ. Confirm that the data processing terms apply to your account and usage, and retain the record. The principle is identical across providers. Using the service is not the same as having the agreement properly in place, so verify rather than assume.
Do you need one with Google?
If you use Google's AI services, such as the Gemini API, and send personal data, yes again. Google's AI offerings are generally covered by its cloud and platform data processing terms, which flow from the relevant Google Cloud or Workspace agreement.
The practical point specific to Google is that the data processing terms usually sit within your broader Google Cloud or Workspace contract rather than as a separate one off document, so the step is confirming that those terms apply to your project and that you have configured any relevant settings, such as data region, correctly. Again, the agreement existing in principle is not the same as you having confirmed it covers your actual usage.
What about other providers and self hosting?
The same rule extends to any third party model provider you send personal data to. If you add another provider tomorrow, you need the agreement in place for them too before that data starts flowing.
The one exception worth knowing is self hosting. If you run an open model entirely on your own infrastructure, such as a Llama or Mistral model you host yourself, no third party is processing the data, so there is no third party DPA to sign for that processing. You become responsible for it directly instead. This is sometimes a reason founders with particularly sensitive data consider self hosting, though it brings its own security responsibilities.
Why this matters before that enterprise demo
Here is why this question keeps founders up at night, and rightly so. When an enterprise buyer's security team reviews you, one of the first things they check is whether you have Data Processing Agreements in place with the third parties in your stack. If your product calls OpenAI and you cannot produce the agreement, that is an immediate red flag, and it suggests personal data may be flowing out of your product without the legal protection the law requires.
So this is not just a compliance technicality. It is one of the concrete, checkable things that decides whether you pass the data protection part of a security review. Having all your provider agreements in place and on file is one of the simplest ways to look like a vendor who takes data seriously.
Your quick checklist
Before that demo, run through this.
- List every AI provider your product sends data to.
- For each one, confirm you have the data processing agreement in place and that you are on business or commercial terms, not consumer ones.
- Check you are not running company workloads through any personal accounts.
- Save every executed agreement somewhere you can produce it instantly.
- Note each provider in your records of processing, so you can answer questions about your data chain.
If you can tick all five, the DPA question is handled, and you can walk into that demo without it hanging over you.
The honest takeaway
If your AI product sends personal data to OpenAI, Anthropic, or Google, you need a Data Processing Agreement with each of them, and the same goes for any other provider in your stack. All three make it achievable, but none of it happens automatically just because you signed up. The work is in confirming you are on the right terms, configuring your settings, and keeping the records.
It is a small piece of work that prevents a large problem, and getting it sorted before a buyer asks is far better than discovering the gap in the middle of a security review.
Not sure your provider agreements would hold up in a security review?
Book a free review and we'll check your data agreements and the wider security of your AI product.
KI-Sicherheitseinblicke
AI bias testing: what it is and why it's becoming a procurement question
Until recently, bias in AI systems was mostly a conversation for researchers and ethicists. That has changed quickly. I…
Artikel lesenSecurity diligence at Series A vs seed: what actually changes
Founders raising a seed round rarely think about security diligence at all, and for good reason, because most seed inve…
Artikel lesenThe security bar Y Combinator and top accelerators expect
Founders researching this topic are usually looking for one thing, a checklist of security requirements Y Combinator ha…
Artikel lesenSelf-hosting an open source LLM: the security trade-offs nobody mentions
Self-hosting an open source model is having a real moment. Llama, Mistral, Qwen and others have closed much of the gap…
Artikel lesenMore insights, delivered monthly
Get the latest insights on AI security and compliance.

