Agent

One agent. Every customer moment.

The customer-facing side of Unless — one AI Customer Agent across acquisition, retention, expansion, and support, with the Help Center it auto-generates as its public face. Browse a moment, or see the full overview.
Acquisition

Qualify, convert, educate. 24/7 on your marketing site.

Retention

See churn coming. Act before it does, inside the customer's product.

Expansion

Catch upsell signals early. Route them to the right owner.

Support

Resolve, co-pilot, learn — across every helpdesk and channel.

Engine

The platform underneath.

The back-of-house side of Unless — a Living Knowledge library that maintains itself, plus the Train → Test → Deploy → Analyze loop that keeps every Customer Agent sharper after every conversation. See how the engine compounds.
Train

Always current. Always ready. Living Knowledge + Living Context.

Test

Before a customer sees it. Preview, simulate, audit.

Deploy

One agent. The whole journey. Memory across all of it.

Analyze

Performance, value, AI maturity. All visible. All live.

Trust

Built for the EU from day one

The architecture that lets your DPO, security, and procurement teams sign off without slowing your team down. Browse the page, or jump straight to a section.
Privacy Vault

Twelve numbered measures keep sensitive identifiers home.

Compliance posture

Three pillars — sovereignty, AI Act readiness, sector readiness.

Architecture

Five EU-resident layers — touchpoints to LLM constellation.

Frameworks

EU AI Act, GDPR, DORA, OWASP — built into the platform, not bolted on.

Customers

Trusted by leaders

How regulated-Europe brands — from Visma to Onguard — turned customer success into a revenue engine with Unless.
Visma Enterprise AS

Norway's leading ERP — modernized self-service with Unless.

Helping patients

Patient self-service surged within weeks of deploying Unless.

Enhancing credit software

Financial service Onguard powers their support operations with Unless.

Ticket deflection at scale

Meet Sally, Kontek’s AI support colleague in regulated finance.

Resources

Search resources and support articles

Documentation, articles, and recipes for getting the most out of your Unless deployment — plus a help desk when you need a human.
Help center

Get-started guides and advanced playbooks for the platform.

Security and compliance

Privacy measures, security by design, and compliance guidelines.

Developer documentation

Find reference documentation for the javascript API.

The Unless cookbook

Bite-sized examples for every stage of the customer lifecycle.

Pricing

Pay per outcome. You choose.

Two equal-weight plans, both built around outcomes. Browse the page, or jump straight to a section.
The two plans

Flex (€0.99 per outcome) or Fixed (€1,999/month). Equal weight.

What's included

Full platform on both — Living Knowledge, Memory, Context.

Flex modules

Productized add-ons. À la carte on Flex, bundled into Fixed.

Frequently asked

What counts as an outcome, fair use, and switching mid-year.

Blog

Privacy in the EU and Large Language Models (LLMs)

Learn how to ensure data privacy with Large Language Models (LLMs) while complying with GDPR and global regulations.

Play

Updated 10 February 2026

Introduction

The rise of Large Language Models (LLMs) has revolutionized industries by enabling advanced data processing and text generation capabilities. However, the unregulated use of these powerful tools poses significant risks, particularly concerning data privacy. Organizations leveraging LLMs must navigate the intricate landscape of data protection regulations such as the GDPR (General Data Protection Regulation) in Europe, the CCPA (California Consumer Privacy Act) in the United States, and similar laws worldwide. Failing to comply could result in costly violations and damage to reputation. This article evaluates three scenarios—public APIs, locally hosted models, and cloud-provided solutions—to understand the privacy implications and propose the most effective approach.

Problem Statement

One of the major challenges with LLMs is their inability to selectively delete or “unlearn” specific data points, such as an individual’s name or date of birth. This limitation is particularly problematic given the “right to be forgotten” enshrined in privacy regulations across many jurisdictions, including Europe. Without the capability to erase specific data, businesses face significant risks in complying with these laws. This article explores three potential solutions to mitigate these risks while leveraging the benefits of LLMs.

Scenario Evaluation

1. Public APIs

Public APIs offered by large LLM providers, such as OpenAI, are convenient and powerful but fall short from a privacy standpoint. These models are often hosted in various jurisdictions, making it difficult to understand and control what happens to your data. Fine-grained data access, rectification, or erasure options are usually impossible. Without transparency into the backend operations and data handling practices, using public APIs can lead to inadvertent breaches of data protection regulations. Therefore, public APIs are not recommended for handling sensitive information.

2. Locally Hosted Models

Self-hosting LLMs offers more control over data and can potentially address some privacy concerns. However, this approach comes with its own set of challenges. Managing updates, infrastructure, and security patches can be resource-intensive and costly. Moreover, while self-hosting provides model isolation, it does not inherently solve the problem of data governance. Any user with access to the locally hosted LLM can potentially access all the data it contains. This lack of fine-grained access controls makes it difficult to comply with data privacy regulations fully.

3. Cloud-Provided Solutions

Running LLMs on cloud infrastructure provided by major providers like AWS, Azure, or Google Cloud offers a middle ground. These providers often include privacy warranties, ensuring that your data will not be used for their purposes, as well as deployment in your preferred jurisdiction. However, similar to locally hosted models, cloud-provided solutions also suffer from limitations in data governance and fine-grained access control. The intrinsic challenges around data deletion and the inability to meet the “right to be forgotten” requirements persist.

Solution: combine Cloud Infrastructure with Data Privacy Vaults

Leveraged by AI platform providers like UNLESS, a promising approach to addressing data privacy concerns while leveraging LLMs is the use of data privacy vaults. A data privacy vault isolates, protects, and governs sensitive customer data, facilitating compliance with regional laws like GDPR through data localization. Tokenization, a non-algorithmic approach to data obfuscation, replaces sensitive data with tokens, providing an extra layer of security. Sensitive data is stored in the vault, while de-identified data is used in other cloud storage and downstream services.

Additionally, a data privacy vault ensures that sensitive data remains in a specific geographic location and tightly controls access through a zero-trust model. This model grants access based on explicit policies, allowing organizations to control who sees what, when, where, for how long, and in what format. By combining cloud infrastructure with data privacy vaults, organizations can achieve a robust solution that addresses the intrinsic limitations of both public and private LLMs.

Conclusion

In the landscape of data privacy and LLMs, organizations must tread carefully to avoid costly violations of regulations like GDPR. Public APIs are not viable due to their lack of transparency and control. Locally hosted models offer more control but are resource-intensive and still lack fine-grained access controls. Cloud-provided solutions offer a balanced approach but also suffer from data governance issues. Combining cloud infrastructure with data privacy vaults presents a comprehensive solution, providing robust data protection and compliance with privacy regulations. By adopting this approach, as spearheaded by AI platforms like UNLESS, organizations can harness the power of LLMs while ensuring the privacy and security of sensitive data.

Privacy GDPR

We're here to help

Quick responses if you have an issue. Feel free to ask us anything — or ask our conversational AI a question.

Visit the help center