Data Flow Map
Project: Pickles GmbH — AI Governance Framework Stage: Stage 3 — Regulatory Alignment Status: Draft Version: v1 Date: 2026-02-26 Assumptions: Built on outline assumptions — not verified against real Pickles GmbH data
Purpose
This document maps the flow of personal data through Pickles GmbH's AI platform, identifies storage locations, retention periods, sub-processors, and encryption measures. It supports:
- Compliance with GDPR Article 30 (Records of Processing Activities — RoPA)
- The DPIA threshold assessment and DPIA preparation (L2-5.2)
- Vendor and sub-processor management (L2-5.3)
- EU AI Act Article 12 (logging and record-keeping for high-risk systems)
[ASSUMPTION] This data flow map is based entirely on assumed system architecture (A-001 through A-005) and has not been validated against Pickles GmbH's actual technical infrastructure. Before this document is used for compliance purposes, the entire flow must be verified against real system documentation, hosting contracts, and model provider agreements.
[LEGAL REVIEW REQUIRED] Finalisation of the RoPA, DPIA, and sub-processor list requires legal review. This document is a working framework, not a compliance certification.
1. Regulatory Basis
| Instrument | Provision | Topic |
|---|---|---|
| GDPR | Article 4(7) | Controller definition |
| GDPR | Article 4(8) | Processor definition |
| GDPR | Article 28 | Processor contract requirements |
| GDPR | Article 30 | Records of processing activities (RoPA) |
| GDPR | Article 32 | Security of processing |
| GDPR | Articles 44, 46 | International data transfers — general principle and appropriate safeguards |
| BDSG | Section 64 | Security requirements for automated processing |
| EU AI Act | Article 12 | Logging for high-risk AI systems (SYS-04) |
| EU AI Act | Article 26(6) | Deployer log retention (relevant for Pickles GmbH's lawyer clients) |
| BRAK | Section 3 (§43e BRAO) | Attorney-client confidentiality in IT outsourcing |
2. Data Controller and Processor Roles
2.1 Role Identification
[ASSUMPTION] The following role allocation is assumed and must be verified against Pickles GmbH's actual service agreements and data processing practices.
| Party | Role | Basis |
|---|---|---|
| Pickles GmbH | Data controller — for personal data of its own employees, registered users, and account holders | GDPR Article 4(7) [ASSUMPTION] |
| Pickles GmbH | Data processor — for personal data contained in legal documents, queries, and inputs submitted by lawyer clients who are the data controllers for their clients' data | GDPR Article 4(8) [ASSUMPTION] |
| Lawyer clients (law firms, in-house legal depts.) | Data controllers — for personal data of their own clients and counterparties contained in documents they submit to Pickles GmbH | GDPR Article 4(7) [ASSUMPTION] |
| Third-party AI model provider | Sub-processor — if lawyer client data is passed to a third-party model API | GDPR Article 28(2) [ASSUMPTION A-004] |
| Cloud hosting provider | Sub-processor — for infrastructure hosting | GDPR Article 28(2) [ASSUMPTION A-005] |
[LEGAL REVIEW REQUIRED] The controller/processor boundary is critical. If Pickles GmbH determines its own purposes and means for processing client-submitted data (e.g., for model training or product improvement), it may be a joint controller or an independent controller for that processing. This must be assessed carefully per Article 4(7) and Recital 74 GDPR.
3. Data Categories in Scope
3.1 Personal Data Categories
[ASSUMPTION] The following categories of personal data are assumed to flow through Pickles GmbH's systems based on the nature of legal AI tools:
| Category | Source | Sensitivity | Notes |
|---|---|---|---|
| Lawyer/user account data | Registration and onboarding | Standard personal data | Name, email, firm name, role |
| Legal document content | User-submitted documents and prompts | Potentially sensitive / special categories [ASSUMPTION] | May include health data, financial data, family information, criminal records — depending on practice area |
| Case facts and client details | User queries and prompts | Potentially sensitive / special categories [ASSUMPTION] | May include client names, dispute facts, identifying details |
| Usage logs and session data | Automatically generated | Standard personal data / technical data | Query timestamps, session IDs, system events |
| Payment data | Subscription / billing | Standard financial personal data | [ASSUMPTION — handled by payment processor sub-processor] |
Key risk: Legal documents routinely contain special categories of personal data (GDPR Article 9) — health, financial, criminal. Processing special categories of personal data triggers GDPR Article 9 restrictions, heightened Article 32 security requirements, and may trigger DPIA requirements under Article 35(3)(b). See L2-5.2 for DPIA assessment.
4. Data Flow Maps
4.1 Primary Prompt Flow (SYS-01, SYS-02, SYS-03, SYS-04)
┌─────────────────────────────────────────────────────────────────────┐
│ LAWYER CLIENT │
│ (Data controller for client personal data) │
└─────────────────┬───────────────────────────────────────────────────┘
│
│ HTTPS (TLS 1.3+) [ASSUMPTION]
│ Query / document input
▼
┌─────────────────────────────────────────────────────────────────────┐
│ PICKLES GMBH PLATFORM │
│ (Data processor for client data; data controller for user data) │
│ │
│ [1] API Gateway / Authentication layer │
│ - User identity verification │
│ - Input validation │
│ - Session logging (start timestamp, session ID) │
│ │
│ [2] Application Processing Layer │
│ - Query routing to appropriate AI system │
│ - Input preprocessing / prompt construction │
│ - Retrieval step (SYS-01: legal document index search) │
│ │
│ [3] AI Inference Layer │
│ EITHER: In-house model inference [ASSUMPTION] │
│ OR: API call to third-party model provider [ASSUMPTION A-004] │
│ │
│ [4] Output Processing Layer │
│ - Response formatting │
│ - AI-generated content marking (Article 50(2)) │
│ - Output logging (Article 12 — SYS-04) │
│ │
│ [5] Storage │
│ - Logs retained per retention policy │
│ - User account data retained per account lifecycle │
└──────────┬──────────────────────────┬───────────────────────────────┘
│ │
│ Output returned │ API call [ASSUMPTION A-004]
│ via HTTPS │ HTTPS (TLS)
│ ▼
│ ┌────────────────────────────┐
│ │ THIRD-PARTY MODEL PROVIDER │
│ │ (Sub-processor) │
│ │ [ASSUMPTION A-004] │
│ │ │
│ │ Location: [UNKNOWN — │
│ │ may be non-EU ASSUMPTION] │
│ └────────────────────────────┘
│
▼
┌─────────────────────────────────────────────────────────────────────┐
│ LAWYER CLIENT │
│ Receives AI output — applies professional judgment │
│ No automatic transmission to third parties [ASSUMPTION] │
└─────────────────────────────────────────────────────────────────────┘
[ASSUMPTION] The architecture above is entirely assumed. Actual data flows may differ significantly depending on whether Pickles GmbH runs its own models, uses third-party model APIs, or uses a hybrid approach.
4.2 Data Flow at Third-Party Model Provider (If Applicable)
[ASSUMPTION A-004] If Pickles GmbH uses a third-party AI model provider:
┌────────────────────────────────────────────────────────────────────┐
│ THIRD-PARTY MODEL PROVIDER │
│ │
│ Receives: Constructed prompt (may contain personal data from │
│ lawyer client's documents) [ASSUMPTION] │
│ │
│ Processing: Language model inference only [ASSUMPTION] │
│ │
│ Returns: Generated text response │
│ │
│ Data retention by provider: [UNKNOWN — must be contractually │
│ restricted per GDPR Article 28(3)(g) and §43e BRAO] │
│ │
│ Location: [UNKNOWN — if USA: SCCs required under GDPR Art. 46; │
│ §43e(4) BRAO requires comparable confidentiality protection] │
└────────────────────────────────────────────────────────────────────┘
[LEGAL REVIEW REQUIRED] Whether personal data from lawyer client documents is actually transmitted to the third-party model provider depends on architecture (e.g., RAG systems may avoid transmitting personal data if retrieval is in-house and only anonymised prompts are sent to the model). This must be confirmed per system.
5. Storage Locations and Retention
5.1 Storage Location Map
| Data Type | Storage Location | Jurisdiction | Encryption | Notes |
|---|---|---|---|---|
| User account data | Pickles GmbH cloud infrastructure [ASSUMPTION] | EU [ASSUMPTION A-005] | At rest: AES-256 [ASSUMPTION]; In transit: TLS [ASSUMPTION] | Includes registration, login, firm details |
| Query logs / session logs | Pickles GmbH cloud infrastructure [ASSUMPTION] | EU [ASSUMPTION A-005] | As above [ASSUMPTION] | May contain personal data from queries |
| AI output logs (SYS-04 only) | Pickles GmbH cloud infrastructure [ASSUMPTION] | EU [ASSUMPTION A-005] | As above [ASSUMPTION] | Mandatory logging per EU AI Act Article 12 |
| Submitted documents (if retained) | [UNKNOWN — must be clarified] [ASSUMPTION] | [UNKNOWN] | [UNKNOWN] | [LEGAL REVIEW REQUIRED] — Retention of submitted documents creates significant GDPR liability if personal data is involved |
| Training / fine-tuning data | [UNKNOWN — if Pickles GmbH fine-tunes models] [ASSUMPTION] | [UNKNOWN] | [UNKNOWN] | If personal data used for training: Article 6 lawful basis required; Article 9 heightened requirements for special categories |
| Data at third-party model provider | [UNKNOWN — if API used] [ASSUMPTION A-004] | [UNKNOWN — possibly non-EU] | [UNKNOWN] | SCCs required if non-EU; §43e BRAO contractual controls required |
[ASSUMPTION A-005] EU-based hosting is assumed but unverified. If any storage location is outside the EEA, GDPR Chapter V (international transfer requirements) applies.
5.2 Retention Periods
[ASSUMPTION] The following retention periods are proposed as a working framework and must be confirmed against Pickles GmbH's actual business requirements, contractual obligations, and data protection assessment.
| Data Type | Proposed Retention | Basis | Notes |
|---|---|---|---|
| User account data (active accounts) | Duration of account relationship + 3 years [ASSUMPTION] | Contract performance; legitimate interests (legal claims) | [LEGAL REVIEW REQUIRED] |
| User account data (closed accounts) | 3 years from account closure [ASSUMPTION] | Limitation periods (§195 BGB — standard 3-year period) | [LEGAL REVIEW REQUIRED] |
| Query and session logs | 90 days [ASSUMPTION] | Operational monitoring and incident response | [LEGAL REVIEW REQUIRED — balance against Article 5(1)(e) GDPR storage limitation] |
| AI output logs (SYS-04 — high-risk) | 6 months minimum per EU AI Act Article 26(6) | EU AI Act Article 26(6) mandatory minimum | "Deployers shall keep logs... for a period of at least six months" |
| Submitted documents (if retained) | [NOT RECOMMENDED — avoid retention unless operationally essential] [ASSUMPTION] | GDPR Article 5(1)(e) storage limitation principle | Retention of client legal documents creates maximum GDPR risk and §43a BRAO confidentiality risk |
| Training data | Per training dataset lifecycle documentation [ASSUMPTION] | As required by EU AI Act Article 10 | Anonymised training data should be treated differently from personal data |
[LEGAL REVIEW REQUIRED] Retention periods must be assessed against GDPR Article 5(1)(e) (storage limitation) and documented in the RoPA. Pickles GmbH must have a specific lawful basis for each processing activity within each retention window.
6. Sub-Processors
6.1 Sub-Processor Register (Assumed)
[ASSUMPTION] The following sub-processors are assumed based on the typical architecture of a cloud-based legal AI SaaS platform. This list must be verified and maintained as the definitive sub-processor register under GDPR Article 28(2).
| Sub-Processor Category | Role | Data Transferred | Location | Transfer Mechanism | DPA in Place |
|---|---|---|---|---|---|
| Third-party AI model provider [ASSUMPTION A-004] | Processes queries / generates AI outputs | May include personal data from prompts [ASSUMPTION] | Unknown — possibly non-EU [ASSUMPTION] | SCCs required if non-EU [LEGAL REVIEW REQUIRED] | Required — see L2-5.3 |
| Cloud hosting provider [ASSUMPTION A-005] | Infrastructure hosting — compute, storage, networking | All platform data | EU assumed [ASSUMPTION] | Within EEA — no Chapter V mechanism required | Required |
| Payment processor [ASSUMPTION] | Subscription billing | Payment data, account holder name/email | [UNKNOWN] | [UNKNOWN] | Required |
| Email / notification provider [ASSUMPTION] | Transactional emails (account verification, alerts) | Email address, name | [UNKNOWN] | [UNKNOWN] | Required |
| Monitoring / logging provider [ASSUMPTION] | Application performance monitoring | Technical logs (may include metadata) | [UNKNOWN] | [UNKNOWN] | Required |
| Analytics provider [ASSUMPTION] | Product usage analytics | Anonymised or pseudonymised usage data [ASSUMPTION] | [UNKNOWN] | [UNKNOWN] | Required if personal data |
BRAK §43e BRAO obligation: For any sub-processor that handles data that may constitute attorney-client confidential information, Pickles GmbH must ensure a written contract (at minimum in text form per §43e(2) BRAW) containing the minimum content specified in §43e(3) Nos. 1–3 BRAO: (1) confidentiality obligation with criminal consequences disclosure; (2) purpose limitation; (3) obligation to terminate if confidentiality can no longer be guaranteed.
6.2 Client Notification of Sub-Processors
GDPR Article 28(2) requires that processors obtain prior specific or general written authorisation from the controller before engaging sub-processors. If Pickles GmbH acts as a data processor for its lawyer clients:
- Pickles GmbH must notify lawyer clients of all sub-processors handling their data
- Lawyer clients must have the opportunity to object to sub-processor changes
- The sub-processor list should be published and maintained as part of Pickles GmbH's Privacy Policy or a dedicated sub-processor list page
[ASSUMPTION] This disclosure has not been confirmed as currently in place.
7. International Data Transfers
7.1 Transfer Risk Assessment
GDPR Article 44 requires that personal data transferred to third countries is subject to appropriate safeguards. This is particularly relevant where Pickles GmbH's third-party model provider is located outside the EEA.
[ASSUMPTION A-004] If using a US-based model provider (common for large language models):
| Transfer | Destination | Risk | Mechanism Required |
|---|---|---|---|
| Prompts containing personal data → third-party model API | USA (assumed) [ASSUMPTION] | High — no adequacy decision for USA for all transfers; Data Privacy Framework applies only to certified organisations | SCCs (EU Standard Contractual Clauses per Article 46(2)(c) GDPR) and Transfer Impact Assessment (TIA) [LEGAL REVIEW REQUIRED] |
| Prompts → non-EU, non-adequacy country | Other third countries | Very high | SCCs + TIA, or other Article 46 safeguards; §43e(4) BRAO requires special protective measures |
7.2 GDPR Article 46 Safeguards Required
Where no adequacy decision exists (GDPR Article 45), transfers may proceed only if appropriate safeguards are in place (Article 46), including: - Standard data protection clauses adopted by the Commission (Article 46(2)(c)) — EU SCCs (Commission Decision 2021/914) - Transfer Impact Assessment (TIA) — non-binding but required by EDPB recommendations for SCC transfers to high-risk destinations
7.3 BRAK §43e(4) BRAO Transfer Obligation
Where client secrets are transferred to providers in non-EU countries, §43e(4) BRAO requires the level of confidentiality protection to be comparable to Germany. For US-based cloud and AI providers, the BRAK position paper notes: "it is not yet clear whether the level of data protection can be relied upon in this context, so that — as far as possible — preference should be given to AI providers with servers located in Germany or Europe."
[LEGAL REVIEW REQUIRED] If the third-party model provider is US-based, a TIA must be conducted and documented. Contractual data processing agreement terms must meet both GDPR Article 28 and §43e BRAO requirements. See L2-5.3 for vendor risk assessment framework.
8. Security Measures Overview
Detailed security requirements are governed by GDPR Article 32 and BDSG Section 64.
| Security Control | Requirement Basis | Status [ASSUMPTION] |
|---|---|---|
| Encryption in transit (TLS 1.3+) | GDPR Article 32(1)(a); BDSG §64(2) | [ASSUMPTION — not verified] |
| Encryption at rest (AES-256 or equivalent) | GDPR Article 32(1)(a); BDSG §64(2) | [ASSUMPTION — not verified] |
| Access controls — user authentication | BDSG §64(3) Nos. 4, 5 | [ASSUMPTION — not verified] |
| Access controls — internal staff (need-to-know) | BDSG §64(3) No. 5; BRAK §43e(1) | [ASSUMPTION — not verified] |
| Audit logging — who accessed what | BDSG §64(3) No. 7 ("input control") | [ASSUMPTION — not verified] |
| Communication control — data transmission tracking | BDSG §64(3) No. 6 | [ASSUMPTION — not verified] |
| Separation of data by purpose | BDSG §64(3) No. 14 ("separability") | [ASSUMPTION — not verified] |
| Resilience and recovery | GDPR Article 32(1)(b)(c); BDSG §64(2) | [ASSUMPTION — not verified] |
| Regular security testing | GDPR Article 32(1)(d); BDSG §64(3) No. 11 | [ASSUMPTION — not verified] |
| Adversarial input defences (SYS-04 high-risk) | EU AI Act Article 15(5) | [ASSUMPTION — not verified] |
| Pseudonymisation where feasible | GDPR Article 32(1)(a) | [ASSUMPTION — recommended for query logs] |
9. GDPR Article 30 — Records of Processing Activities Summary
This section provides the core elements required for Pickles GmbH's RoPA under Article 30. The RoPA must be maintained in writing (including electronic form) and made available to the supervisory authority on request.
9.1 Controller Records (Pickles GmbH as controller — for user account data)
| RoPA Element | Content |
|---|---|
| Controller name and contact | Pickles GmbH; [PLACEHOLDER — address, DPO contact] |
| Purpose of processing | Provision of legal AI platform services; account management; billing |
| Categories of data subjects | Registered users (lawyers, paralegals, legal professionals) [ASSUMPTION] |
| Categories of personal data | Name, email, firm, professional role, billing details, usage logs [ASSUMPTION] |
| Categories of recipients | Cloud hosting sub-processor; payment processor; email provider [ASSUMPTION] |
| International transfers | [UNKNOWN — depends on sub-processor locations] |
| Retention periods | [See Section 5.2] |
| Security measures | [See Section 8] |
9.2 Processor Records (Pickles GmbH as processor — for lawyer client data)
| RoPA Element | Content |
|---|---|
| Processor name and contact | Pickles GmbH; [PLACEHOLDER — DPO contact] |
| Controller(s) | Lawyer clients (each law firm or in-house legal dept.) |
| Categories of processing | AI-assisted legal research, drafting, summarisation, analysis |
| International transfers | [UNKNOWN — depends on third-party model provider location; see Section 7] |
| Security measures | [See Section 8] |
[LEGAL REVIEW REQUIRED] GDPR Article 30(5) provides an exemption for organisations with fewer than 250 employees, but this exemption does not apply where processing is likely to result in a risk to data subjects' rights, is not occasional, or involves special categories of data. Given the almost certain involvement of special categories of personal data in legal documents, the RoPA obligation almost certainly applies to Pickles GmbH regardless of employee count.
10. Data Flows Requiring Immediate Action
The following gaps require resolution before Pickles GmbH can produce a complete and accurate data flow map:
| Gap | Priority | Owner [ASSUMPTION] |
|---|---|---|
| Confirm whether third-party model provider is used, and if so, which | Critical | CEO / Head of Engineering [ASSUMPTION] |
| Confirm model provider location — EEA or non-EEA | Critical | CEO / Head of Engineering [ASSUMPTION] |
| Confirm whether user queries / documents are retained after session | Critical | Head of Engineering [ASSUMPTION] |
| Confirm whether personal data from queries is transmitted to model provider | Critical | Head of Engineering [ASSUMPTION] |
| Confirm cloud hosting provider identity and jurisdiction | High | Head of Engineering [ASSUMPTION] |
| Review whether any model training uses client-submitted data | Critical | Head of Engineering / CEO [ASSUMPTION] |
| Audit all sub-processors and confirm DPAs in place | High | DPO / Legal [ASSUMPTION] |
| Conduct Transfer Impact Assessment if non-EU transfers identified | High | DPO / Legal [ASSUMPTION] |
Document Control
| Field | Detail |
|---|---|
| Document ID | L2-5.1 |
| Next review | After architecture confirmation from engineering; before DPIA (L2-5.2) is finalised |
| Cross-references | L2-5.2 (DPIA Assessment), L2-5.3 (Vendor Risk Assessment), L1-3.1 (AI System Inventory) |
| Regulatory basis | GDPR Articles 28, 30, 32, 44, 46; BDSG §64; EU AI Act Articles 12, 26(6); BRAK §43e BRAO |
| Assumptions relied upon | A-001, A-002, A-004, A-005, A-007 |