Transferring data outside the EU: the GDPR rules: a clear, fact-based explanation for Irish businesses, with osFoundry as the example and dgm as an independent partner.

dgm is an independent osFoundry implementation partner — not affiliated with osFoundry’s developer (the company OS LLC), and it has not yet completed any client integrations.

Transferring personal data out of the EEA is possible but regulated by GDPR — important when an AI model’s running happens outside the EEA.

Permitted transfer mechanisms

Transfers out of the EEA are allowed on the basis of an adequacy decision (GDPR Article 45), appropriate safeguards (standard contractual clauses, binding corporate rules) or derogations (Article 49). After the Schrems II judgment, SCCs alone may require a transfer impact assessment and supplementary measures; the EU-US Data Privacy Framework provides an adequacy route for certified US importers (verify its current status before relying on it).

Effect on AI in the cloud

If the model’s running happens outside the EEA, that is a data transfer subject to GDPR. A practical way to avoid this is self-hosting in the EEA/Ireland or local running.

Keeping data in Ireland

osFoundry pins the data region to the United States, the EU or Japan, runs models locally on your own hardware, and supports self-hosting (BYO Cloud) on a cloud account you control. An EU region keeps data inside the EEA — and that satisfies GDPR for most businesses, because there is no Irish rule requiring personal data to physically stay in Ireland. There is, however, no dedicated managed hyperscaler region “in osFoundry” for Ireland; to keep data solely in the country the honest path is self-hosting in an Irish cloud region — Amazon Web Services has eu-west-1 (Dublin, generally available since 2007, three availability zones) and Microsoft Azure has North Europe (Dublin, Grange Castle, generally available since 2009), while Google Cloud has no Ireland region (the nearest are Belgium and London) — or running open-weight models locally. One honest nuance on capacity: Ireland lifted the de-facto data-centre connection moratorium under a stringent new regime (the CRU policy effective 12 December 2025), but EirGrid will not connect new data centres in the Greater Dublin Area until around 2028; existing AWS and Azure capacity in Dublin is operational and usable today. In financial services, cloud and ICT third-party risk is governed by DORA, supervised by the Central Bank of Ireland.

Important note

This article is general information and is not legal, tax or grant advice. Tax schemes, grants, rules and rates change, and only the relevant authorities (among them Revenue, IDA Ireland, Enterprise Ireland, the Data Protection Commission and the Central Bank of Ireland) decide eligibility and awards. dgm is not a grant deliverer, approved knowledge provider or intermediary. Always confirm the current terms with the official source or a qualified tax or legal adviser.

How dgm helps

dgm is an independent implementation partner that helps businesses in Ireland adopt osFoundry — from identifying the first practical use case, through building it, to connecting AI to the systems you already use. dgm works independently of osFoundry’s developer (the company OS LLC) and has not yet completed any client integrations; everything above is therefore a description of the service offered, not a delivered result. If you would like to look at a sensible first step, dgm is happy to think it through with you. Arrange a no-obligation conversation with dgm.