OpenAI has officially launched data residency in Europe, enabling organizations to comply with regional data sovereignty requirements while using its AI-powered services.
Data residency refers to the physical storage location of an organization’s data and the legal frameworks that govern it. Many leading technology firms and cloud providers offer European data residency options to help businesses adhere to privacy and data protection laws such as the General Data Protection Regulation (GDPR), Germany’s Federal Data Protection Act, and the U.K.’s data protection regulations.
Several tech giants have already implemented similar measures. In October, GitHub introduced cloud data residency within the EU for Enterprise plan subscribers. AWS followed suit by launching a sovereign cloud for Europe, ensuring all metadata remains within the EU. Google also introduced data residency for AI processing for U.K. users of its Gemini 1.5 Flash model.
Starting Thursday, OpenAI customers using its API can opt to process data in Europe for "eligible endpoints." New ChatGPT Enterprise and Edu customers will also have the option to store customer content at rest within Europe. Data "at rest" refers to information that is not actively being transferred or accessed across networks.
With European data residency enabled, OpenAI will process API requests within the region without retaining any data, meaning AI model interactions will not be stored on company servers. If activated for ChatGPT, customer information—including conversations, user inputs, images, uploaded files, and custom bots—will be stored in-region. However, OpenAI clarifies that existing projects cannot be retroactively configured for European data residency at this time.
"We look forward to partnering with more organizations across Europe and around the world on their AI initiatives, while maintaining the highest standards of security, privacy, and compliance," OpenAI stated in a blog post on Thursday.
OpenAI has previously faced scrutiny from European regulators over its data handling practices. Authorities in Spain and Germany have launched investigations into ChatGPT’s data processing methods. In December, Italy’s data protection watchdog — which had briefly banned ChatGPT in the past—fined OpenAI €15 million ($15.6 million) for alleged violations of consumer data protection laws.
The debate over AI data storage extends beyond OpenAI. Chinese AI startup DeepSeek, which operates a large language model (LLM) and chatbot, processes user data within China, drawing regulatory attention.
Last year, the European Data Protection Board (EDPB) released guidelines for EU regulators investigating ChatGPT, addressing concerns such as the lawfulness of training data collection, transparency, and data accuracy.
