Home Use cases Meet DPO Agent Pricing FAQ Knowledge base Trust Center Privacy by design Whitepaper DPA Contact Team Sign in
TECHNICAL WHITEPAPER

Security & Privacy by Design
in DPO Agent

A technical overview of the architecture, security controls, and privacy measures built into DPO Agent — for IT security managers, DPOs, and procurement teams.

Version: 1.0 Date: June 2026 Classification: Public

Contents

  1. Executive summary
  2. Architecture overview
  3. Data flow and processing
  4. Security controls
  5. Privacy by design principles
  6. AI model security
  7. Regulatory compliance
  8. Sub-processors and third parties
  9. Incident response
  10. Shared responsibility model

1. Executive summary

Overview for senior stakeholders

DPO Agent is an AI-powered legal advisory service for data protection officers and compliance professionals. The service is built on Microsoft Azure infrastructure in Sweden Central (EU) and is designed from the ground up to minimise the processing of personal data.

Key security posture: DPO Agent stores no conversation data. Every query is processed in memory and discarded immediately after the response is generated. Authentication is handled exclusively by Microsoft Entra ID — DPO Agent never handles or stores passwords or identity credentials.

Fair use enforcement: Rate limiting is implemented via Microsoft Entra ID. An anonymised identifier derived from the authenticated user's Entra ID account is temporarily held in server memory (RAM) to enforce the daily query limit (100 queries per user per day). This identifier is never written to disk or any database, is not linked to conversation content, and is automatically discarded at the end of the calendar day.

The service is designed to meet the requirements of GDPR Article 25 (data protection by design and by default), Article 32 (security of processing), and Article 28 (processor obligations). A full Data Processing Agreement is available at dpoagent.dk/dpa.

2. Architecture overview

Infrastructure components and their roles
ComponentTechnologyLocationPurpose
Web application Azure Functions (Node.js) Sweden Central Serves HTML, handles chat API requests, routes traffic
AI model Azure OpenAI Sweden Central Generates legal guidance responses
Knowledge base Azure AI Search Sweden Central Semantic search over legislation, guidelines, and decisions
Document storage Azure Blob Storage Sweden Central Stores knowledge base source documents (public legislation only)
Authentication Microsoft Entra ID Microsoft global SSO authentication and access control
Email delivery SendGrid (Twilio) USA (SCCs) Transactional email for contact form confirmations only

All primary processing components are deployed in Sweden Central — within the European Union. No conversation data leaves the EU at any point.

3. Data flow and processing

What data is processed, when, and how

Query processing flow

When a user submits a query, the following sequence occurs entirely in memory:

  1. User authenticates via Microsoft Entra ID SSO.
  2. Query is transmitted over HTTPS to the Azure Function App.
  3. Azure AI Search performs a dual-language (Danish + English) semantic search over the knowledge base, retrieving up to 8 results per language and merging them into up to 16 unique document excerpts.
  4. The query and retrieved context are sent to Azure OpenAI for response generation.
  5. The response is returned to the user's browser over HTTPS.
  6. All in-memory data is discarded. Nothing is written to storage.

Document upload

Users may optionally upload a document (PDF, Word .docx, or TXT — maximum 5 MB) for review and analysis alongside their query. Document uploads are processed as follows:

  1. Browser-side extraction only. The document is read and text is extracted entirely within the user's browser using JavaScript (PDF.js for PDF, Mammoth.js for Word). The file is never uploaded to any server.
  2. The extracted text is injected into the user's query message and transmitted to Azure Functions over HTTPS — exactly as a typed query would be.
  3. Azure OpenAI processes the document content in memory and returns a response with citations from the knowledge base.
  4. Document content is discarded immediately after processing. Nothing is written to storage.
Zero retention applies equally to uploaded documents. A document uploaded by a user is treated identically to typed text — processed in memory and discarded. DPO Agent never stores, indexes or retains any user-uploaded content.

Visual data flow

DPO Agent — Data Flow Browser Question typed · JS memory only Step 1 Browser memory only HTTPS · encrypted 📎 File upload (optional) Text extracted in browser · never sent to server Step 1b No server upload Question + file text · HTTPS Azure Functions Sweden Central · Extracts question for search Step 2 No data retained Question only · max 500 chars Azure AI Search Knowledge base · 37,000+ sections Step 3 No data retained Top 8 KB results Extracted document text Azure OpenAI Generates cited response · analyses document Step 4 Zero data retention HTTPS · encrypted Browser Response displayed · JS memory only Step 5 Deleted on new session Follow-up question full thread What is never stored Questions · Responses · Uploaded documents · Conversation history All infrastructure in EU (Sweden Central) · TLS encrypted end-to-end Legend Browser — local JS memory only File upload — text extracted in browser · file never sent to server Azure Functions — routes question to search · retains nothing Azure AI Search — question only · no document content stored Azure OpenAI — zero retention · document analysed in memory only Follow-up question — full thread resent each time Extracted document text — sent directly to Azure AI model (bypasses search) DPO Agent ApS · dpoagent.dk · Data Flow v3 · June 2026

Data retained by the service

Data typeRetained?LocationRetention period
Conversation contentNo
Query textNo
Authentication tokensSession onlyBrowserUntil tab is closed
Technical telemetryYesAzure Monitor30 days (response times, error codes — no content)
Contact form dataYesEmail onlyPer email retention policy
Knowledge base documentsYesAzure Blob StorageIndefinite (public legislation only)

4. Security controls

Technical and organisational measures per GDPR Article 32

TLS 1.2+ everywhere

All traffic between clients and the service is encrypted. HTTP is redirected to HTTPS. No unencrypted communication is possible.

SSO via Entra ID

All authentication is delegated to Microsoft Entra ID. DPO Agent never handles passwords or stores identity credentials.

No conversation storage

Azure OpenAI Stored Completions is explicitly disabled. Queries and responses are never written to disk or logs.

Managed Identity

Service-to-service authentication uses Azure Managed Identity. No credentials are stored in code or configuration files.

Secrets management

All API keys are stored as encrypted Azure environment variables. No secrets appear in source code or configuration files.

EU data residency

All primary processing takes place in Microsoft Azure Sweden Central. No personal data leaves the European Union.

5. Privacy by design principles

Implementation of GDPR Article 25

Data minimisation (GDPR art. 5(1)(c))

DPO Agent processes only the data strictly necessary for the service to function. Conversation history exists solely in the browser's memory during the active session. When the user closes the tab, all conversation data is permanently deleted from the client side.

Purpose limitation (GDPR art. 5(1)(b))

Each query is processed for the sole purpose of generating a legal guidance response. The system has no mechanism for secondary processing. Microsoft Azure OpenAI contractually guarantees that customer data is not used to train or improve Microsoft's models.

Storage limitation (GDPR art. 5(1)(e))

No conversation data is retained beyond the immediate processing required to generate a response. The Azure OpenAI Stored Completions feature is explicitly disabled, ensuring prompts and responses are not retained by Microsoft beyond in-memory processing.

Integrity and confidentiality (GDPR art. 5(1)(f))

All data in transit is encrypted via TLS 1.2+. Authentication is handled by Microsoft's enterprise identity platform. Infrastructure-to-infrastructure communication uses Managed Identity — no shared secrets.

Accountability (GDPR art. 5(2))

DPO Agent maintains documentation of all technical and organisational measures. A Data Processing Agreement is available at dpoagent.dk/dpa. Sub-processor agreements are in place with Microsoft and Twilio/SendGrid.

6. AI model security

Controls specific to the AI processing layer

Model deployment

DPO Agent uses Azure OpenAI Service with the latest available model deployed in Sweden Central. The model is accessed via a private Azure resource endpoint. No public OpenAI API endpoints are used.

No training on customer data

Microsoft's Azure OpenAI terms of service explicitly prohibit the use of customer prompts and completions for model training. This is enforced contractually and technically — Stored Completions is disabled at the deployment level.

Knowledge base architecture (RAG)

DPO Agent uses Retrieval Augmented Generation (RAG). Before each response, Azure AI Search performs a semantic search over a curated knowledge base of public legislation, guidelines, and enforcement decisions. The model is instructed to answer only from this retrieved context — not from general training knowledge.

The knowledge base contains only publicly available legal documents — legislation, regulatory guidelines, and published enforcement decisions. No personal data is stored in the knowledge base.

Output controls

Every response includes a mandatory disclaimer clarifying that the guidance is not legal advice. The system prompt instructs the model never to use general training knowledge and to explicitly state when information cannot be found in the knowledge base.

7. Regulatory compliance

Applicable frameworks and how DPO Agent addresses them
FrameworkRelevant requirementsDPO Agent implementation
GDPR Art. 25 (privacy by design), Art. 28 (processor), Art. 32 (security) Privacy by design architecture, DPA available, security controls documented
Databeskyttelsesloven Danish implementation of GDPR Governed by Danish law. DPA references LBK nr. 289 af 15/03/2024
EU AI Act Risk classification, transparency obligations DPO Agent is a general-purpose AI tool used for legal guidance — assessed as limited risk. Disclaimer included in all responses.
NIS2 Directive Cybersecurity measures for digital service providers Infrastructure hosted on Microsoft Azure, which maintains NIS2-compliant security controls
ISO 27001 Information security management Microsoft Azure is ISO 27001 certified. DPO Agent aligns with Azure's security baseline.

8. Sub-processors and third parties

All third parties involved in processing
Sub-processorPurposeLocationLegal basis for transfer
Microsoft Azure Cloud infrastructure, AI model, authentication, storage, search Sweden Central (EU) EU territory — no transfer
SendGrid (Twilio Inc.) Transactional email for contact form confirmations USA EU Standard Contractual Clauses (2021/914)

DPO Agent will notify customers of any changes to sub-processors with a minimum of 30 days' notice, in accordance with GDPR Article 28(2).

9. Incident response

How security incidents are handled

Detection

DPO Agent relies on Microsoft Azure's built-in security monitoring, including Microsoft Defender for Cloud and Azure Monitor, for detection of security incidents affecting the infrastructure layer.

Notification

In the event of a personal data breach affecting customer data processed under the DPA, DPO Agent will notify affected customers within 48 hours of becoming aware of the breach, in accordance with GDPR Article 33.

Notifications will be sent to the registered contact email address. Customers are responsible for notifying their relevant supervisory authority within 72 hours of receiving notification from DPO Agent.

Scope limitation

Because DPO Agent stores no conversation data, the impact of any potential breach is significantly limited. The primary data at risk would be authentication data managed by Microsoft Entra ID and contact form submissions.

10. Shared responsibility model

What DPO Agent is responsible for vs. the customer
AreaDPO AgentCustomer
Infrastructure securityResponsible (Azure)
AI model securityResponsible
Authentication infrastructureResponsible (Entra ID)Manages own tenant settings
User access managementResponsible
Content of queriesResponsible
Compliance with own GDPR obligationsResponsible
DPA obligationsResponsible
Breach notification to supervisory authorityNotifies customerNotifies authority (72h)

For questions about this whitepaper or to request additional security documentation, please contact contact@dpoagent.dk.