Data is the fuel for AI innovation—and the most common barrier to scaling. Europe’s data governance landscape is evolving rapidly: the GDPR remains the cornerstone of personal data protection, while the Data Act, Data Governance Act, and emerging European Data Spaces are creating new frameworks for data sharing and reuse. The European Commission’s Digital Omnibus (November 2025) proposes to consolidate these frameworks—clarifying key GDPR concepts relevant to AI, facilitating AI model training with appropriate safeguards, and creating a more coherent legislative structure for data access.
For organisations building AI products, this landscape creates both opportunities and challenges. The intersection of GDPR and the EU AI Act is particularly complex: high-risk AI systems processing personal data trigger both a Fundamental Rights Impact Assessment (FRIA) under the AI Act and a Data Protection Impact Assessment (DPIA) under GDPR. Organisations need practical approaches that address both requirements efficiently.
We develop operational privacy models for product and platform teams that embed data protection into development workflows—not as a compliance checkpoint but as a design principle that reduces risk and accelerates deployment.
Our research produces integrated DPIA/FRIA methodologies that satisfy both GDPR and AI Act requirements in a single process—reducing duplication and ensuring comprehensive rights protection.
With European Data Spaces rolling out across priority sectors, our research develops practical governance frameworks that enable trusted, large-scale data sharing—addressing the specific challenges of multi-party collaboration, cross-border transfer, and secondary use of data.
Building on the Digital Omnibus proposals to clarify pseudonymisation and facilitate AI model training, we develop practical data governance approaches that enable innovation while maintaining high protection standards—including governance for bias detection datasets using sensitive personal data under the AI Act’s Article provisions.