Hugging Face

Status badges: Partial · EU: Available · No Training · Custom · Multi-region

Status badges are conditional: validate the exact plan, DPA, subprocessors, retention, residency, and feature settings before using the tool with personal or confidential data.

Pricing / Contract Route

USD pricing varies by plan and usage

Enterprise Features

DPA/enterprise controls, storage-region options, private resources, inference providers

Last Updated

June 23, 2026

Purpose & Context

This overview evaluates Hugging Face and specifically HuggingChat for GDPR compliance and data privacy in EU business contexts. Hugging Face is an AI collaboration platform offering model hosting, inference APIs, and HuggingChat (an open-source chatbot interface).

Target audience: EU-based procurement, legal, compliance, and IT teams evaluating Hugging Face services for processing personal or business-sensitive data.


🏢 Company & Service Overview

Company: Hugging Face, Inc. (Delaware, USA)[1]

Headquarters: New York, USA, with a strong European presence and partnerships

Key differentiator: Open-source AI platform with community-driven model repository. Selected by French Data Protection Agency (CNIL) for Enhanced Support Program in May 2023.[2]

Services:

  • Hub: Model & dataset repository
  • Inference API: Serverless model inference
  • HuggingChat (Omni): Open-source chatbot interface; relaunched Oct 2025 as a model router across 115+ open models from ~15 providers (the original chat-ui was retired Jul 2025)
  • Inference Endpoints: Dedicated enterprise deployments
  • Spaces: AI app hosting platform

📊 Service Tiers Comparison

Feature | Free | Pro ($9/month) | Team ($20/user/month) | Enterprise (custom)
--- | --- | --- | --- | ---
HuggingChat Access | ✅ Basic models | ✅ Advanced models, web search | ✅ Team features | ✅ Full features
EU Storage Regions | ❌ | ❌ | ✅ Available | ✅ Available[3]
DPA Available | ❌ | ❌ | ❌ | ✅ Yes[4]
SSO/SAML | ❌ | ❌ | ✅ Yes | ✅ Yes
Audit Logs | ❌ | ❌ | ✅ Yes | ✅ Yes
Conversation Deletion | ✅ Manual | ✅ Manual | ✅ Manual | ✅ Manual

✅ GDPR Compliance Assessment

Strengths

🟢 CNIL Partnership

  • Selected for French Data Protection Agency Enhanced Support Program (May 2023)[2]
  • Working directly with EU regulators on GDPR compliance
  • Demonstrates commitment to EU data protection framework

🟢 Data Processing Agreement

  • DPA available for business customers[4]
  • Standard Contractual Clauses (SCCs) included
  • Covers GDPR Article 28 processor requirements

🟢 EU Infrastructure Available

  • Storage regions feature now available on Team ($20/user/month) and Enterprise tiers[3]
  • US 🇺🇸 and EU 🇪🇺 regions supported; Asia-Pacific region still "coming soon"
  • Multiple EU inference providers: Scaleway (France), Nebius (Netherlands), Nscale (UK), Public AI (Switzerland)[5]
  • H200 GPU access added to Pro inference tier

🟢 Inference Providers Marketplace

  • Inference Providers marketplace launched; Pro plan includes 20× the free tier's included inference credits
  • Allows routing to multiple compute providers including EU-based options

🟢 Inference API Data Handling

  • "Hugging Face does not store any user data for training purposes"[6]
  • "We do not store the request body or response" for Inference Providers[6]
  • No request/response storage; debug logs (no user data or tokens) kept up to 30 days[6]

Gaps & Concerns

🟢 HuggingChat Training Policy Clarified

  • The current HuggingChat privacy policy states Hugging Face "does not store any user data for training purposes" and does not store the request body or response when routing[8]
  • The historical "share with model authors" opt-out toggle was removed because conversation-sharing was discontinued in the original chat-ui[7]
  • HuggingChat (Omni) now routes through external Inference Providers responsible for their own data handling, so verify each provider's policy before sending personal data[8]

🟡 Data Retention Transparency

  • HuggingChat: Conversations stored until manually deleted by user[8]
  • Unclear if deletion is permanent or if backups retain data
  • No automated retention limits disclosed

🟡 ISO 27001 Not Held

  • SOC 2 Type 2 certified (Hub, Inference Endpoints and Inference Providers); the report is available under NDA from the account team
  • ISO 27001 not confirmed in official documentation (Hugging Face offers SOC 2 Type 2 as equivalent assurance)
  • Less broad certification coverage than some enterprise vendors

🔴 Security Incident: May 2024

  • Unauthorised access to Spaces platform detected[9]
  • Subset of Spaces secrets (tokens, API keys) potentially compromised[10]
  • Company revoked tokens and notified affected users[11]
  • Incident highlights supply chain risks in AI platforms[12]

🟡 Security Partnership: Protect AI

  • Protect AI partnership: 4.47 million model versions scanned for security vulnerabilities
  • Proactive supply chain security monitoring across the Hub

🟡 Free/Pro Tier Limitations

  • No EU storage region selection on Free or Pro tiers
  • No DPA for individual Pro users
  • Infrastructure location not user-controllable

πŸ” Data Protection Framework

Legal Basis

  • Privacy Policy effective March 28, 2023 - not updated since then (notable gap as of June 2026)[1]
  • Terms of Service effective September 15, 2022[13]
  • Content Policy effective April 10, 2025[14]
  • HuggingChat Privacy updated September 15, 2025[8]

Data Processing

  • Controller: Hugging Face, Inc. (US company)
  • Processor role: Available for business customers via DPA
  • Sub-processors: Multiple inference providers (varies by model)
  • Transfer mechanism: SCCs for EU-US transfers (Enterprise)

User Rights (GDPR Articles 15-22)

  • Access, rectification, erasure: Contact privacy@huggingface.co[8]
  • Conversation deletion: Available in UI at any time[8]
  • Data portability: Not clearly documented
  • Objection to processing: Requires contacting support

🌍 Infrastructure & Data Residency

Storage Regions (Team and Enterprise)

  • US Region 🇺🇸: Default for most users
  • EU Region 🇪🇺: Now available for Team ($20/user/month) and Enterprise organisations[3]
  • Asia-Pacific Region 🌏: Still "coming soon" - not yet available
  • Region selection controls where models and datasets are stored
  • Does not control inference processing location

Inference Providers (HuggingChat)

  • Multi-provider routing: Model availability determines provider[8]
  • Current Omni routing providers (Oct 2025): primarily Groq, Cerebras, Together AI, Novita AI among ~15 providers; mostly US-based, so EU residency is not guaranteed for HuggingChat
  • EU-based providers (e.g., Scaleway, Nebius) exist in the broader Inference Providers marketplace but are not guaranteed for HuggingChat routing[5]
  • User control: Limited - cannot pin a specific provider/region for HuggingChat

Gap: Processing Location Transparency

⚠️ While storage regions are configurable (Enterprise), the actual inference/processing location for HuggingChat is provider-dependent and not user-controllable.


πŸ“ Training Data Policy

Inference API & Endpoints

✅ No training on user data[6]

✅ No request/response storage[6]

✅ Zero retention for API calls

HuggingChat: No training/no storage by Hugging Face (Omni)

🟢 Current status (privacy policy last updated Sep 15, 2025):

  • Hugging Face "does not store any user data for training purposes" and does not store the request body or response when routing[8]
  • The historical "sharing with model authors" opt-out toggle was removed because conversation-sharing was discontinued[7]
  • Caveat: HuggingChat (Omni) routes to external Inference Providers that handle data under their own policies, which Hugging Face's no-training/no-storage commitment does not bind[8]

🟡 Inference provider variability:

  • HuggingChat routes to multiple providers[8]
  • Each provider may have different data policies
  • Hugging Face states they don't store data, but provider policies may differ

Recommendation

❗ For sensitive business use: Request written confirmation from Hugging Face about HuggingChat training policies and require a DPA with an explicit "no training" clause.


🔒 Security & Compliance

Security Features

  • Malware scanning: For uploaded models and datasets[15]
  • Access tokens: Fine-grained permissions (read/write)
  • Private repositories: Available for paid users
  • SSO/SAML: Team & Enterprise (Basic SSO; Managed SSO is Enterprise Plus)
  • Audit logs: Team & Enterprise[16]
  • Resource groups: Granular access control (Team & Enterprise)[16]

Certifications

🟡 Certification disclosure:

  • SOC 2 Type 2 certified (stated in official Hub security docs; report available under NDA)[15]
  • GDPR Compliant (CNIL partnership; DPA available)[17]
  • ISO 27001: Not held / not featured in official docs

Security Incidents

🔴 May 2024: Spaces Platform Breach[9]

  • Unauthorised access to Spaces secrets (API keys, tokens)
  • Subset of user secrets potentially compromised
  • Hugging Face revoked affected tokens and notified users
  • No evidence of model/dataset compromise, limited to Spaces platform

Impact: Demonstrates supply chain risks in open AI ecosystems. Hugging Face responded transparently and promptly.


βš–οΈ Legal & Regulatory Context

French CNIL Partnership (2023)

✅ Hugging Face selected for Enhanced Support Program[2]

  • 1 of 3 companies chosen from 40+ applicants
  • Direct regulatory guidance on GDPR compliance
  • Focus on AI-specific data protection challenges
  • Positive signal for EU regulators' view of Hugging Face

EU AI Act Considerations

  • Hugging Face published position paper on EU AI Act[18]
  • Advocates for open ML model approach
  • Engaged with policymakers on regulation

💰 Pricing for Business Use

Plan | Price | EU Storage | DPA | Best For
--- | --- | --- | --- | ---
Free | €0 | ❌ | ❌ | Public research, experimentation
Pro | $9/month | ❌ | ❌ | Individual power users
Team | $20/user/month | ✅ Yes (added) | ❌ | Small teams, private repos
Enterprise | $50/user/month (confirmed) | ✅ Yes | ✅ Yes | EU business with compliance needs

Source: Pricing information from Hugging Face website and third-party analyses[16][19]


❓ EU Procurement Q&A

Q1: Can we use HuggingChat for processing personal data under GDPR?

A: Conditional Yes for Enterprise tier with DPA and EU storage region. Not recommended for Free/Pro tiers due to:

  • No DPA availability
  • No EU storage region selection
  • Ambiguous training policy for HuggingChat
  • Inference routing through multiple providers

For Inference API with DPA: Yes - explicit no-training, no-retention policy.

Q2: Where is our data stored and processed?

A:

  • Storage: Configurable for Team ($20/user/month) and Enterprise (US or EU region)[3]
  • Processing (HuggingChat): Multi-provider routing - may include US, EU, or other providers depending on model availability[8]
  • Gap: Processing location not user-controllable for HuggingChat
  • Asia-Pacific: Storage region still "coming soon"

Q3: Is there a Data Processing Agreement?

A: Yes - DPA available for Enterprise customers (the Team plan is credit-card self-serve with no contract capability, so a signable DPA requires Enterprise)[4]

  • Includes Standard Contractual Clauses
  • GDPR Article 28 compliant
  • Not available for Free or Pro individual users

Q4: Will our conversations be used to train AI models?

A: No (by Hugging Face) for both routes - but verify routed providers:

  • Inference API/Providers: No - explicit no-training, no request/response storage[6]
  • HuggingChat (Omni): No by Hugging Face - the policy states HF does not store user data for training and does not store request/response[8]; however prompts are routed to external Inference Providers responsible for their own data handling
  • Recommendation: For business use, sign a DPA and verify each routed inference provider's own training/retention policy

Q5: What about the May 2024 security incident?

A: Spaces platform breach exposed subset of API tokens/secrets.[9] Impact:

  • Limited to Spaces platform (app hosting)
  • No evidence of model/dataset compromise
  • Transparent disclosure and prompt remediation
  • Does not affect core HuggingChat or Inference API
  • Consider in overall risk assessment

Q6: How does Hugging Face compare to ChatGPT for GDPR?

A:

  • Hugging Face advantages: EU storage option, CNIL partnership, open-source transparency, explicit no-training for API
  • Hugging Face disadvantages: Less mature enterprise features, HuggingChat training policy ambiguity, multi-provider routing complexity
  • ChatGPT advantages: Clearer training opt-out, more mature compliance program, single-provider simplicity
  • Verdict: Hugging Face Inference API (with DPA) potentially better for EU. HuggingChat on par or slightly behind ChatGPT due to training policy ambiguity.

✅ EU Business Rollout Checklist

Before Deployment

  • Upgrade to Enterprise tier if processing personal data
  • Sign Data Processing Agreement with Hugging Face
  • Select EU storage region in organisation settings
  • Request written confirmation of training policy for HuggingChat
  • Map inference providers - understand which providers may process data
  • Conduct DPIA (Data Protection Impact Assessment) if high-risk processing
  • Review sub-processor list in DPA
  • Configure audit logging (Enterprise feature)
  • Implement access controls using resource groups (Team & Enterprise)
  • Document data flows for GDPR Article 30 records

During Deployment

  • User training on conversation deletion and data sensitivity
  • Restrict Spaces platform usage (if concerned about May 2024 incident)
  • Use Inference API (not HuggingChat) for highest GDPR certainty
  • Monitor audit logs for unauthorised access
  • Regular DPA reviews as Hugging Face updates services

Post-Deployment

  • Quarterly compliance review of Hugging Face updates
  • User data minimisation - delete old conversations
  • Vendor risk assessment including security incident history
  • Alternative provider evaluation (quarterly)

🔄 Recommended Alternatives

If Hugging Face HuggingChat doesn't meet requirements:

For EU-First Chatbots

  1. Mistral AI (France) - French AI company, EU-based, strong GDPR focus
  2. Aleph Alpha (Germany) - German sovereign AI, explicit EU data residency
  3. Self-hosted open models - Via Hugging Face models on your infrastructure (full control)

For Enterprise AI with Strong GDPR

  1. ChatGPT Enterprise - DPA, opt-out training, Azure EU hosting option
  2. Claude Enterprise (Anthropic) - DPA available, clear training opt-out
  3. Google Gemini Enterprise - DPA, EU data residency, no training on business data

For Open-Source Self-Hosting

  1. LM Studio - Run models locally, zero cloud dependency
  2. Ollama - Open-source model runtime, on-premises deployment
  3. Hugging Face models on EU cloud - Deploy Hugging Face models on Scaleway/OVH (France)

📚 Key Documentation & References

Official Hugging Face Legal Docs

  • Privacy Policy (Mar 2023): https://huggingface.co/privacy
  • DPA Template: https://cdn-media.huggingface.co/landing/assets/Data+Processing+Agreement.pdf

Security Incidents

  • May 2024 Spaces Breach (Official): https://huggingface.co/blog/space-secrets-disclosure
  • The Hacker News Coverage: https://thehackernews.com/2024/06/ai-company-hugging-face-notifies-users.html
  • TechTarget Analysis: https://www.techtarget.com/searchsecurity/news/366587535/Hugging-Face-tokens-exposed-attack-scope-unknown
  • LinkedIn Supply Chain Analysis: https://www.linkedin.com/pulse/hugging-face-secrets-leak-highlights-ai-supply-chain-risk-h5a2e

Community & Transparency

  • Training Policy Discussion: https://huggingface.co/spaces/huggingchat/chat-ui/discussions/482
  • Data Privacy Forum Thread: https://discuss.huggingface.co/t/sensitive-data-privacy-gathering/134541#post_3
  • EU Inference Providers: https://www.silicon.fr/Thematique/cloud-1370/Breves/hugging-face-ajoute-options-europeennes-inference-485472.htm

Third-Party Assessments

  • Nudge Security Profile: https://www.nudgesecurity.com/security-profile/huggingface-co
  • Common Sense Privacy Report: https://privacy.commonsense.org/privacy-report/Hugging-Face

📋 Verdict Summary

Overall GDPR Rating: 🟡 Partial Compliance

Best for:

  • ✅ API-driven inference with Enterprise DPA (high GDPR confidence)
  • ✅ Research and development with public models
  • ✅ Teams already using Hugging Face ecosystem
  • ✅ Organisations valuing open-source and EU regulatory partnerships

Not recommended for:

  • ❌ Personal data processing on Free/Pro tiers (no DPA, no EU region control)
  • ❌ Use cases requiring guaranteed EU-only processing (HuggingChat routing is multi-provider)
  • ❌ Organisations requiring ISO 27001 specifically (SOC 2 Type 2 is held and disclosed, but ISO 27001 is not)
  • ⚠️ HuggingChat for sensitive conversations without written training policy confirmation
  • ⚠️ Organisations concerned that the core Privacy Policy has not been updated since March 2023

Key Decision Factors

Factor | Status | Impact
--- | --- | ---
DPA Availability | ✅ Yes (Enterprise) | High
EU Storage Regions | ✅ Yes (Team + Enterprise) | High
Training Policy (API) | ✅ No training | High
Training Policy (HuggingChat) | 🟢 No training by HF; verify routed providers | High
CNIL Partnership | ✅ Enhanced Support | Medium
Security Incident History | 🟡 May 2024 breach | Medium
Inference Provider Control | ❌ Multi-provider | Medium
Compliance Certifications | 🟢 SOC 2 Type 2 (no ISO 27001) | Low

Final Recommendation

For EU business use:

  1. Inference API with Enterprise DPA: ✅ Recommended - Strong GDPR alignment
  2. HuggingChat with Enterprise DPA: 🟡 Use with caution - Request written training policy confirmation first
  3. Free/Pro tiers: ❌ Not for personal data - Lack DPA and EU controls

Action: If proceeding, upgrade to Enterprise, sign DPA, enable EU region, and request explicit HuggingChat training policy documentation.


Last updated: June 2026

Next review: September 2026 (quarterly)

Document owner: Wouter van Haaften | WAIMAKERS B.V.


Disclaimer

This overview is intended solely as an informative tool. We strongly advise customers to thoroughly review all Data Processing Agreements (DPAs) and privacy documentation before deploying Hugging Face services in production environments. WAIMAKERS applies this same principle internally; all tools we use have been thoroughly assessed and included in our own privacy and security documentation. Customers should always carefully evaluate the official documentation, terms, and DPAs of each AI provider they use. WAIMAKERS cannot be held legally liable for any mistakes, errors, inaccuracies, or for the accuracy, currency, or completeness of the information in this document; the ultimate responsibility for GDPR compliance rests with the customer.

Prepared and issued by WAIMAKERS B.V. - June 2026.

Compliance & Infrastructure

  • CNIL Partnership Announcement: https://huggingface.co/blog/cnil
  • Storage Regions Documentation: https://huggingface.co/docs/hub/en/storage-regions
