AI Phone Assistant & GDPR: What's Legally Allowed (2026) | Hanc.AI
AI Guides

AI Phone Assistant & GDPR: What's Legally Allowed (2026)

HANC.ai Team · · 24 min di lettura
#GDPR #Compliance
AI Phone Assistant & GDPR: What's Legally Allowed (2026)

You know the math. Roughly 30% of calls to small and mid-sized businesses go unanswered, and each missed call is worth somewhere between €80 and €150 in lost revenue. An AI phone agent that picks up every time — during peak hours, after hours, on weekends — looks like the obvious fix. And yet many owners hesitate, not because of the price or the technology, but because of one specific worry: “Is this even allowed under the GDPR — and could I be fined?”

This article answers that question directly, and in more depth than either the purely legal explainers or the vendor landing pages tend to offer. The short version up front: yes, an AI phone agent is generally GDPR-compliant and permitted in Germany, Austria, and Switzerland. Compliance is not a property of the software — it is the result of how you set it up: the legal basis you rely on, how transparent you are, where the data is hosted, and whether you obtain consent for recording.

The essentials in brief:

  • A legal basis under Art. 6 GDPR is required — usually contract performance or legitimate interest, and consent for recording.
  • You must label the AI as an AI. The EU AI Act Art. 50 transparency obligation applies from 2 August 2026.
  • A data processing agreement (DPA) under Art. 28 is mandatory whenever an external provider processes data on your behalf.
  • EU hosting removes the third-country transfer problem entirely — the simplest path to compliance.
  • Consent is needed only for recording or full transcription, not for live processing.
  • No fully automated binding decisions: the agent must not conclude a binding contract on its own (Art. 22).

One disclaimer, prominently and early: this article is a well-researched orientation, not legal advice for your specific case. When in doubt, consult your data protection officer (DPO) or a lawyer. What it does give you that pure legal sites and vendor pages leave out: copy-paste greeting and consent scripts, a go-live checklist, and a neutral vendor-vetting catalog. You can also create an agent for free and test an EU-compliant setup yourself, without a credit card.

Is an AI Phone Agent GDPR-Compliant? The Short and Long Answer

Yes. An AI phone agent processes personal data — the caller’s voice, name, request, and phone number — in a GDPR-compliant way, provided there is a legal basis, the caller is transparently informed, a data processing agreement is in place, and the data is processed with data minimization in mind and within the EU.

This is where a common confusion needs clearing up. “GDPR-compliant” is not a certification stamped onto a piece of software. The exact same software can be operated in a compliant way or a non-compliant way, depending on your configuration and your provider’s setup. Compliance is an outcome, not a product feature.

Responsibility is also worth pinning down. You — the business deploying the agent — are the “controller” within the meaning of Art. 4(7) GDPR. The AI provider acts as your “processor.” That relationship is precisely why a data processing agreement is required, a point we return to in detail below.

When does the GDPR apply to AI systems?

The moment personal data is processed. For a phone agent, that is practically always: a phone number alone is personal data, and the spoken request usually is too. The fact that processing happens by “AI” or “automated systems” changes nothing about that threshold — the rules are the same as for any other tool that touches personal data.

The rest of this article works through the four levers that actually determine compliance: the legal basis, transparency and the AI Act, recording and consent, and hosting and third-country transfers. Treat the sections that follow as a map. If you want the technical and security background in parallel, see our security overview.

Every processing of personal data needs a legal basis under Art. 6(1) GDPR. For a phone agent at the front desk, three are relevant in practice.

  • Contract performance or pre-contractual steps (Art. 6(1)(b)) — for inbound requests such as booking an appointment or preparing a quote. The caller wants something that leads to or fulfills a contract, so the processing is justified.
  • Legitimate interest (Art. 6(1)(f)) — for general reachability and service quality, for example taking a callback request. This requires a balancing test weighing your interest against the caller’s rights, and you should document it.
  • Consent (Art. 6(1)(a)) — mandatory for recording or transcription and for any marketing outbound calling.

A simple mapping helps avoid the typical pitfalls:

Use caseLegal basisWatch out for
Inbound appointment bookingArt. 6(1)(b)Only the data needed for the booking
General callback intakeArt. 6(1)(f)Document the balancing test
Recording the conversationArt. 6(1)(a)Active, provable consent required

There is also a special category to flag. Art. 9 GDPR covers sensitive data — health, religion, trade-union membership. A medical practice, for instance, may take in health-related information, and then you additionally need an exception under Art. 9(2). More on industry specifics further down.

One contentious point deserves a clean answer, because the legal explainers and the vendor sites tend to talk past each other here. A voice recording is not automatically biometric data under Art. 4(14). It only becomes Art. 9 data when the voice is deliberately processed to uniquely identify a person — a voiceprint, speaker authentication. Simply understanding what the caller wants (speech-to-text with no intent to identify) does not, as a rule, trigger Art. 9.

The practical takeaway: if you do not use voiceprints or speaker authentication, you do not need Art. 9 consent for speech processing as such. You may still need consent for recording — but that is a separate matter with a separate basis. Whichever basis you choose, document it; the accountability principle expects you to be able to show your reasoning.

Must I Tell Callers They Are Talking to an AI? (EU AI Act Art. 50 & Art. 13 GDPR)

Yes. You must clearly and unmistakably inform callers at the start of the conversation that they are speaking with an AI system. This follows from the transparency obligation in EU AI Act Art. 50 — which applies from 2 August 2026 — and from the information duties in Art. 13 and 14 GDPR.

What does Art. 50 actually require, concretely? That the AI interaction is recognizable to a natural person, and that artificially generated or synthetic voice content is labeled as such. In plain terms, this answers the question many callers ask: “How do I recognize an AI on the phone?” You recognize it because a compliant operator tells you, up front.

A word against the scaremongering: a normal AI phone agent for reception or appointment booking is, as a rule, not a high-risk system under the EU AI Act. Only the transparency obligation applies — not the heavy high-risk regime. Providers who wave high-risk warnings around to create urgency are overstating the situation.

On the GDPR side, the disclosure goes a little further than just “I’m an AI.” The caller should also be pointed to the data processing and where to find more information — your privacy policy. On the phone, that is handled with a short spoken notice referring to the website, and a link from your privacy page.

This connects to the right to reach a human. A serious solution always offers a human fallback — “speak to a member of staff” at any time. That is good practice in its own right, and it also supports Art. 22 (covered below). For an example of how a compliant operator approaches this: platforms such as Hanc.AI are explicitly built around EU AI Act Art. 50 and identify themselves as AI at the start of the call. You can configure these greetings yourself when you set up an agent role.

A taste of the copy-paste scripts that follow: “Hello, this is the digital assistant for [Company]. I’m an AI, and I’m happy to help you.”

Here is the distinction that matters most, and the one most explainers blur. Live processing — where the AI understands and responds without permanently storing audio — is far easier to justify than a permanent audio recording or a full transcript. The latter generally require active consent.

Think of it as a traffic light:

LightScenarioStatus
GreenLive understanding, a note or summary on a valid legal basisGenerally fine
YellowStoring a full transcriptConsent recommended
RedSecret audio recordingNot permitted, potentially criminal

The red light is not hyperbole. In Germany, secretly recording the spoken word that was not meant to be public is a criminal offense under § 201 StGB — and that includes silently recording a phone call, and can extend to transcripts. The consequence is simple: never record without a prior notice and consent.

There are three consent mechanics on the phone, and it is worth seeing all three side by side, because no one usually lays them out in full:

  1. DTMF keypress — “To allow recording, press 2.”
  2. Spoken “yes” in response to a clear question.
  3. Implied consent — “stay on the line if you agree.”

Now to settle a genuine dispute between sources. Some argue that “stay on the line” is defensible; others say it does not suffice. The honest answer: implied consent is legally contested and not audit-proof. The safe default is active confirmation — a spoken “yes” or a DTMF keypress — which has the added benefit of being loggable.

Data minimization is your best default strategy here (Art. 5(1)(c)). Store only a summary or structured note, not a full audio archive. That single choice reduces both your risk and your need for consent at the same time. And one boundary: outbound marketing calls are a separate, stricter topic (consent under unfair-competition law and the GDPR) and are not the subject of this reception-focused article.

This is the part competitors rarely provide — full, usable building blocks rather than a single example sentence. Adapt them to your case and your DPO.

Block 1 — Greeting with AI disclosure (Art. 50), no recording. Use this when you process live only.

“Hello, this is the digital assistant for [Company]. I’m an AI and I can help you book an appointment or answer your questions. How can I help?”

Block 2 — Greeting plus GDPR notice (Art. 13), referring to your privacy policy.

“Hello, this is the AI assistant for [Company]. To help you, I’ll process the details you give me. You’ll find more on data protection at [website]. How can I help?”

Block 3 — Active consent to recording (spoken yes).

“This call may be recorded to handle your request. Do you agree to the recording? Please answer yes or no.” If no: “Understood, I won’t record. How can I help?” — and processing continues live only.

Block 4 — Consent via DTMF keypress.

“If you agree to this call being recorded, please press 2 now. If you’d rather not, simply don’t press any key, and I’ll help you without a recording.” (Log the keypress with a timestamp.)

Block 5 — Human fallback.

“You can speak to a member of staff at any time — just say ‘agent’.” (Supports Art. 22 and transparency.)

Three industry-specific full greetings, since this is missing everywhere:

  • Medical practice (health data, Art. 9): “Hello, this is the digital assistant for [Practice]. I’m an AI. I can book appointments and take your details. Please don’t share diagnoses or sensitive health information — a member of staff will handle that personally.”
  • Law firm (confidentiality, § 203 StGB): “Hello, you’ve reached the AI assistant for [Firm]. I’m an AI and can take your contact details and your matter in general terms. For confidential details, I’ll connect you to a member of the team.”
  • Trades (job intake / callback): “Hello, this is the digital assistant for [Company]. I’m an AI. I can take your job and arrange a callback. What can we do for you?”

If you operate in more than one language, the greeting and consent must be delivered in the caller’s language — consent is only valid if it is informed. Solutions that switch language mid-call and cover many languages make this much easier. As before: these are templates, to be adapted to your case and your DPO.

Data Processing Agreement (DPA) & EU Hosting: The Provider as a Privacy Risk

A data processing agreement under Art. 28 GDPR is mandatory. The moment an external AI provider processes personal data on your behalf, you must conclude a DPA with them. Without one, the deployment is formally unlawful — regardless of how good the technology is.

At a minimum, a DPA should cover: the subject and purpose of the processing, the requirement to act only on your instructions, confidentiality, technical and organizational measures, the handling of sub-processors, and the deletion or return of data at the end.

That sub-processor point is often glossed over. A serious provider discloses which sub-processors are involved — telephony, the speech model, hosting — and where they sit. This matters most when a US-based model provider is in the chain.

By far the simplest route is an EU or Germany server location. If processing happens entirely within the EU, the third-country problem disappears completely. There is nothing to assess and nothing to document about transfers, because there are none.

If a US provider is involved, you need a transfer mechanism: either the EU-U.S. Data Privacy Framework (in place since July 2023) or Standard Contractual Clauses (SCC) plus a Transfer Impact Assessment. Without one of these, the transfer is exposed. And there is one question to put to any provider, in writing: are my conversation data used to train your AI models? A compliant provider rules this out contractually.

As a positive reference: Hanc.AI is operated by Good Point GmbH (FN 618845t, Vienna, verifiable on firmenbuch.at), hosts on Microsoft Azure EU (West Europe), and transfers no data out of the EU — so the third-country question never arises. A DPA is available, and the setup is compliant with the GDPR, the Austrian DSG, and the Swiss revDSG. The technical security details (encryption and so on) come next; you can also review the integrations that determine where data flows.

Data Minimization, Retention & Security Measures in Practice

Data minimization (Art. 5(1)(c)) means collecting only what the purpose requires. A phone number and the caller’s request — yes. An unnecessary audio archive — no. Where possible, redact or pseudonymize personal identifiers.

A deletion concept is the part most explainers only skim. Define clear retention periods for conversation and contact data, and enforce them automatically — for example, automatic deletion after a set number of days. Periods vary by industry and by overlapping obligations (tax, professional rules), so set them deliberately rather than by default.

The concrete technical measures that mark out a serious provider are largely the market standard, and you should be able to confirm them: encryption at rest (for example AES-256) and in transit (TLS 1.3), access controls, automatic deletion jobs, and where available an external attestation such as SOC 2.

The single best default setting is “summary instead of audio.” A structured conversation note rather than raw audio reduces data volume, risk, and the need for consent all at once. And check the factory defaults: is recording on or off out of the box? Privacy by Default (Art. 25) expects the data-minimizing setting to be the preset. All of these feed directly into the vendor checklist that follows. For a fuller picture of the safeguards in place, see the security overview.

Checklist: How to Spot a GDPR-Compliant AI Phone Agent (Vendor Vetting)

Which AI systems are GDPR-compliant? The ones that pass the points below. Vendor pages praise themselves; almost no one offers a neutral grid. Here is one you can copy and use. Work through it provider by provider:

  1. Is the server location in the EU or Germany?
  2. Is any data transferred out of the EU, or are there US sub-processors?
  3. Is a DPA under Art. 28 available and ready to sign?
  4. Are sub-processors disclosed?
  5. Are conversation data used for model training — yes or no?
  6. Is recording off by default (Privacy by Default)?
  7. Are retention periods configurable?
  8. Is AI labeling under Art. 50 supported?
  9. Is a human fallback possible?
  10. Is encryption — and ideally a certificate — demonstrated?
  11. Is the provider legally reachable (EU seat, verifiable in a public register)?

The direct answer to “which AI systems are GDPR-compliant?” is: the ones that meet these points. It is not the buzzword on the landing page that decides — it is hosting, the DPA, the default settings, and the contractual exclusion of training use.

Red flags, conversely: no DPA on offer, US-only hosting with no transfer mechanism, recording on by default, no answer on model training, and a provider that is not legally reachable.

As a worked reference line: Hanc.AI — EU hosting on Azure West Europe, no EU data transfer, DPA available, EU AI Act Art. 50 labeling, operator verifiable in the Firmenbuch. For the full picture and a feel for what to weigh, the pricing page and the features overview round out the buying view.

Go-Live Checklist: Roll Out an AI Phone Agent in 8 GDPR-Compliant Steps

A real step-by-step roadmap, with who owns each step — because the competition tends to stay abstract.

  1. Define the use case and legal basis (Art. 6). Owner: management / DPO.
  2. Select a provider against the vetting catalog and sign the DPA (Art. 28).
  3. Build the greeting and consent script from the templates, and integrate AI labeling (Art. 50).
  4. Switch on data-minimizing settings (summary instead of audio, recording only with consent) and set retention periods.
  5. Update the website privacy policy to cover AI telephony, and reference it in the spoken notice.
  6. Update your Record of Processing Activities (ROPA), and check whether a DPIA is needed (next section).
  7. Set up a data-subject-rights process (access, erasure, withdrawal must be workable) and switch on consent logging.
  8. Brief your staff, test the human fallback, then go live — and adjust iteratively.

A practical note: with a setup that requires no programming, the technical part is ready in 60 seconds. The care goes into the data protection setup, not the technology. You can create an agent for free, with no credit card, and run through this checklist on a real EU-hosted setup.

Accountability (Art. 5(2)) means you must be able to demonstrate compliance — the chosen legal basis, the DPA, consents obtained, and the deletion concept, all documented.

Your Record of Processing Activities (ROPA, Art. 30) should list AI telephony as a processing activity, including purpose, data categories, recipients, and retention periods.

A Data Protection Impact Assessment (DPIA, Art. 35) is triggered by certain factors: a genuinely new technology, profiling or sentiment analysis, biometrics, or large-scale reach. A simple reception assistant with no profiling and no biometrics usually does not trigger a DPIA. Add sentiment analysis, voiceprints, or large scale, and it may — and then a prior consultation (Art. 36) could be required.

On the DPO obligation: in Germany, § 38 BDSG sets a threshold for when you must appoint a data protection officer; Austria and Switzerland differ, so check your own jurisdiction.

For audit-proof consent logging — another thing no one templates — log the timestamp, the wording of the consent question, the response (yes / DTMF), and the call ID. That is how consent becomes provable (Art. 7(1)).

Make data-subject rights genuinely actionable: access including a copy of any recording (Art. 15), correction of misheard names (Art. 16), erasure (Art. 17), portability as JSON or CSV (Art. 20), withdrawal of consent even mid-call (Art. 7(3)), and objection where you rely on legitimate interest (Art. 21).

Finally, tie in Art. 22: no solely automated decision with legal effect. An AI assistant must not, for instance, conclude a binding contract on its own. Secure this with a human fallback and a final human sign-off where it matters.

Fines & Penalties: What Does a GDPR Breach Actually Cost?

Competitors stay vague on consequences. The numbers are not vague. The GDPR fine framework reaches up to €20 million or 4% of worldwide annual turnover — whichever is higher — for serious breaches. For formal breaches, such as a missing DPA, it is up to €10 million or 2%.

There is also a criminal layer. Secret audio recording under § 201 StGB is a criminal offense (imprisonment or a fine) — and that reaches the individual, not only the company.

A realistic framing for SMBs, without alarmism: the existential maximums target large corporations. What is more relevant for a small business is warnings, supervisory-authority orders, damages claims (Art. 82), and reputational harm. The risk is real — and entirely avoidable.

The most common, avoidable mistakes that lead to proceedings: a missing DPA, secret recording, missing AI labeling, an unresolved US data transfer, and a missing privacy policy. The positive framing is the honest one: with correct implementation (see the go-live checklist), this risk is fully manageable. Compliance is a matter of hours of work, not an obstacle. The detail lives on the privacy page.

Industry depth is where most coverage stops — and where the real differences sit.

Medical practices. Health data is a special category (Art. 9): stricter requirements, data minimization especially important, and the duty of medical confidentiality. The AI may take a request and book appointments, but it should avoid capturing sensitive diagnostic detail. We cover this in depth in the doctor’s office guide, and there are dedicated doctor setups.

Law firms and tax advisors. Professional confidentiality and § 203 StGB (breach of secrets) apply. The provider must be cleanly bound as a confidentiality assistant via the DPA and be EU-hosted; client data does not go to a third country. See the pages for lawyers and tax advisors.

Financial services. Here the logic can flip: MiFID II may require certain advisory or order calls to be recorded. The tension is not data protection versus recording — recording is the obligation, under a different legal framework. Keep the two apart.

Trades. Usually the least sensitive — job intake under Art. 6(1)(b), callbacks — which makes it a good entry vertical. The trades setup is a low-hurdle starting point.

Employee data. Often overlooked: for the management-facing roles (internal assistance, HR matters), § 26 BDSG is relevant. Inform employees about the AI use and observe co-determination where a works council exists. These map to the management-facing agent roles.

One more pointer: alongside the GDPR, the German TDDDG (telecommunications and telemedia data protection) may also apply for telecommunications and terminal equipment. Worth knowing, without overloading the picture.

DACH Overview: Additional Rules in Austria (DSG) and Switzerland (revDSG)

No competitor offers real DACH breadth, so here is the clear added value for Austrian and Swiss readers.

Austria. The GDPR applies directly, supplemented by the Austrian Data Protection Act (DSG). The supervisory authority is the Datenschutzbehörde. Criminal protection against secret recording exists analogously, and AI labeling and the DPA requirement apply just the same.

Switzerland. Switzerland is not an EU member. The revised Data Protection Act (revDSG, in force since 1 September 2023) applies — similar principles of transparency, proportionality, and commissioned processing, but with its own terminology and without the GDPR’s fine ceilings. From an EU perspective, transfers to Switzerland are covered by an adequacy decision.

The practical consequence: if you are EU-hosted and GDPR-compliant, you generally satisfy the Austrian DSG too, and you are on the safe side for the Swiss revDSG. One common standard covers all of DACH. Hanc.AI, for example, is explicitly built for the GDPR, the Austrian DSG, and the Swiss revDSG — one setup for the whole region.

A note on the EU AI Act: it applies directly across the EU, including Austria. Switzerland aligns with it but is not directly bound — yet transparency remains best practice. For the technical underpinnings, see the security overview.

Frequently Asked Questions

Is an AI phone agent GDPR-compliant? Yes, when it is implemented correctly. That means a valid legal basis under Art. 6, transparent disclosure to the caller, a data processing agreement, EU hosting, and consent where you record or transcribe. Compliance is an outcome of your setup, not a fixed property of the software.

Must I tell callers they are talking to an AI? Yes. The EU AI Act Art. 50 transparency obligation (from 2 August 2026) and Art. 13 GDPR require a clear notice at the start of the call. A short spoken disclosure that identifies the agent as an AI, with a reference to your privacy policy, is enough.

When does the GDPR apply to AI systems? As soon as personal data is processed — which, for phone calls, is practically always. A phone number alone is personal data, and the spoken request usually is too. The “AI” label does not change that threshold; the same rules apply as for any other tool.

Which AI systems are GDPR-compliant? The ones with EU hosting, an available DPA, data-minimizing defaults, and a contractual exclusion of using your data for model training. Use the vendor checklist above — hosting, DPA, defaults, and training exclusion decide it, not the marketing claim.

May I record phone calls with the AI? Only with prior consent. Secret recording is a criminal offense under § 201 StGB. The safe approach is active consent — a spoken “yes” or a DTMF keypress — which is also loggable. For most reception use cases, a summary instead of full audio avoids the issue entirely.

Is the voice biometric data? Not automatically. A voice recording becomes Art. 9 biometric data only when it is deliberately processed to uniquely identify a person — a voiceprint or speaker authentication. Simple speech-to-text to understand the request, with no intent to identify, does not, as a rule, trigger Art. 9.

Do I need a DPIA? A simple reception assistant usually does not. A Data Protection Impact Assessment is triggered by factors such as profiling, sentiment analysis, biometrics, or large-scale reach. If your setup involves those, run a DPIA and, where required, a prior consultation under Art. 36.

Are US providers allowed? Only with a transfer mechanism — the EU-U.S. Data Privacy Framework, or Standard Contractual Clauses plus a Transfer Impact Assessment. The simplest and safest path is an EU-hosted provider, which removes the third-country question altogether.

Conclusion: Compliant AI Calling Is About How, Not Whether

An AI phone agent is permitted and practical across Germany, Austria, and Switzerland. What decides the matter is the implementation: a sound legal basis, transparency under Art. 50, a data processing agreement, EU hosting, consent where you record, and data minimization throughout.

There is no hype in the call to action. With the go-live checklist and the vendor-vetting catalog above, you can reach compliance in a manageable amount of time. If you want to see it in practice, create an agent for free and test an EU-hosted setup yourself — no credit card needed; pricing details are on the pricing page.

One last disclaimer: this is orientation, not legal advice. When in doubt, bring in your DPO or a lawyer. And a closing note on trust — for an example of a verifiable, EU-hosted operator, Hanc.AI is run by Good Point GmbH in Vienna (FN 618845t), confirmable on firmenbuch.at.


← Torna al blog
Book a Meeting