GDPR + AI: training on user data in 2026 — what's allowed, what isn't

Most AI-first SaaS have the same temptation: 'we'll train on user data, because that makes the product better.' Legally this is never obvious — in 2026, GDPR and the AI Act both apply.

Legal bases — short version

• Consent: broadest, but revocable — once revoked, the data can't stay in the model.
• Legitimate interest: strict balancing test; rarely holds up for training.
• Contract performance: only if training is literally part of the service. Not a general bucket.

The pitfall everyone underrates

Under GDPR, users have a right to erasure. If personal data is baked into a model, in theory it has to be removable. In practice you can't extract it — that's the right-to-be-forgotten vs. machine unlearning tension the EU started taking seriously in 2026.

What we actually do today

1. Anonymise at the pipeline entry — training never sees personal data.
2. Consent log: who, when, what they agreed to (timestamp + version).
3. Opt-out tracking: on revocation, filter before retraining / release.
4. Model card: what you trained on, when, which version. Auditable.
5. Tenant-level isolation for multi-tenant embeddings.

Where 2026 is heading

Stronger DPA enforcement, bigger fines, and real progress on machine unlearning. Our take: every model pipeline should ship with a consent flag and an opt-out retraining cycle. Retrofitting is brutal.

Takeaway

Training on user data isn't banned, but cutting corners is expensive. If it helps, we'll take your pipeline apart with you in half a day — compliance risk map plus a concrete fix list.