Voice AI DPIA template: a working data protection impact assessment
- DPOs / Privacy
- Procurement / IT-Sec
- CX directors
A voice AI DPIA is not optional under UK or EU GDPR. The processing is large-scale, automated, and frequently biometric — every one of those flags Article 35 individually. This template gives you the nine sections an ICO or DPC reviewer expects, with the evidence that has to back each one.
Why voice AI requires a DPIA
Article 35 of UK GDPR (and the equivalent in EU GDPR) requires a Data Protection Impact Assessment whenever processing is likely to result in a high risk to the rights and freedoms of natural persons. Voice AI deployments trigger at least three of the ICO's listed criteria: large-scale processing, automated decision-making with significant effect, and — wherever voice biometrics are present — processing of special-category data.
The DPIA is not a launch artefact. It is a living document maintained by the data controller, refreshed at every material change to the processing, and produced on demand to a regulator. A DPIA that was signed off six months before launch and never updated is evidence of a failed governance process, not evidence of compliance.
The nine sections a defensible DPIA contains
These map directly to the ICO's published template and to the EDPB's Article 35 guidance. Other jurisdictions add sections (CNIL adds a French legal-basis box; the Irish DPC adds a vendor-management appendix) but the core nine are universal for UK and EU voice AI deployments.
- Description of the processing — what data, from whom, to whom, for what, retained how long
- Necessity and proportionality — why voice AI rather than a less intrusive alternative
- Lawful basis under Article 6, and Article 9 condition if special-category data is in scope
- Consultation — DPO sign-off, and where required, customer or works-council consultation
- Risk assessment — likelihood and severity of each identified risk to the data subject
- Mitigations — technical and organisational measures that bring residual risk to acceptable
- Automated decisioning analysis under Article 22 — and the human-in-the-loop design where it applies
- International transfers — sub-processor map, transfer mechanism, transfer impact assessment
- Sign-off and review cadence — who owns it, when it is next reviewed, what triggers an off-cycle review
Section-by-section: what to write
Description of processing: enumerate the data categories in the call path — caller phone number, transcript, intent labels, identifiers used for authentication, payment data if in scope, and any biometric voice template. State the source (caller, internal system, third party), the recipient (each sub-processor by name), and the retention period for each category.
Necessity and proportionality: do not write 'because it is cheaper'. The defensible answer is that voice AI handles a defined intent set faster than the human-only alternative, with measured quality, and that less-intrusive options (DTMF IVR, web self-service) were considered and have known coverage gaps for the in-scope use cases.
Lawful basis: contract performance (Article 6(1)(b)) covers most servicing calls; legitimate interest (6(1)(f)) covers measurement and quality monitoring with a documented balancing test; consent is rarely the right basis for inbound calls because it cannot be freely given when the customer needs the service.
Article 9 condition: only relevant when voice biometrics are used for authentication. The condition is normally 'explicit consent' (9(2)(a)) — and the consent flow has to be auditable per caller.
Article 22 analysis: a call that routes to a human, books an appointment, or quotes a balance is not Article 22 decisioning. A call that closes an account, declines a transaction, or denies a claim is — and requires either explicit consent, contractual necessity, or a legal basis plus a documented right to contest and human review.
Risk register: the entries that have to appear
A DPIA without a risk register is not a DPIA. The entries below appear in almost every voice AI deployment; missing them is a sign the assessment was templated rather than worked.
| Risk | Likelihood | Severity | Mitigation |
|---|---|---|---|
| Transcript leakage to model provider beyond contractual purpose | Low | High | Sub-processor DPA with explicit purpose limit; zero-retention configuration where available; audit logging |
| Voice biometric template reuse outside authentication | Low | High | Template stored hashed; explicit-consent flow; deletion on opt-out within 30 days |
| PII (PAN, NI number) appearing in LLM context | Medium | High | Pause-and-resume DTMF capture; redaction filter before model call; deterministic test set in QA |
| Automated decision affecting the data subject without human review | Medium | Medium | Article 22 analysis per intent; human-in-loop on identified Article 22 intents; reason-code logging |
| Vulnerable customer not routed to human | Medium | High | Documented vulnerability detection rubric; tested escalation path; per-call audit |
| Cross-border transfer to model provider in inadequate jurisdiction | Medium | Medium | SCCs in place; transfer impact assessment; UK/EU residency option exercised where commercially viable |
Sub-processor map: the artefact procurement actually uses
The DPIA's sub-processor map is the artefact that procurement, security, and the DPO all reach for. It lists every party in the call path — voice platform, STT provider, LLM provider, TTS provider, telephony carrier, recording vendor, analytics processor — with jurisdiction, transfer mechanism, and the contractual purpose limit applied to each.
A platform that cannot produce its sub-processor map without three weeks of internal coordination is a platform with an unmanaged data flow. Treat that gap as a procurement gate, not a DPIA footnote.
Review cadence and triggers
The DPIA is refreshed annually as a calendar event, and off-cycle whenever any of the following changes: a sub-processor is added or replaced, the model provider changes, a new intent is added that introduces Article 22 decisioning, the retention period for any data category changes, or a near-miss incident occurs in production.
Each off-cycle refresh updates the risk register and the sub-processor map, and is countersigned by the DPO. Version-control the document — the regulator will ask for the history, not the latest copy.
Pull your existing DPIA template and map your current voice AI processing against the nine sections above. The gaps you find on Monday afternoon are your real backlog.
- Voice AI triggers an Article 35 DPIA on at least three grounds — large scale, automated decisioning, and biometrics.
- The DPIA is owned by the controller, not the vendor — and is produced to the regulator on demand.
- Nine sections, with a risk register and a sub-processor map, are the minimum a defensible DPIA contains.
- Article 22 analysis is done per intent, not per platform — and the human-in-loop design follows it.
- Review is annual plus event-triggered; version-control the document because the regulator will ask for the history.
Frequently asked questions
- Is a DPIA mandatory for every voice AI deployment?
- In practice, yes — under UK and EU GDPR. The processing is large-scale and automated, and frequently includes biometric or special-category data. Even where one criterion alone would not require it, the combination clearly does, and regulators have been explicit on this point in published guidance.
- Who owns the DPIA — the vendor or the controller?
- The data controller owns it. Vendors can and should provide DPIA inputs (sub-processor maps, data-flow diagrams, technical-measure descriptions), but the controller signs it off and produces it to the regulator. A vendor offering to 'do the DPIA for you' is misunderstanding the obligation.
- How long does a defensible DPIA take to produce?
- Four to eight weeks for a new deployment, assuming the vendor produces sub-processor and data-flow artefacts within the first two weeks. Most of the elapsed time is internal — DPO review, legal sign-off, risk-treatment decisions — not document drafting.
- What happens if we deploy without a DPIA?
- Under UK GDPR, the ICO can require the DPIA after the fact and, where high-risk processing has occurred without one, treat the omission as a compliance failure in its own right. The fine exposure is up to 2% of global turnover under Article 83(4). The reputational exposure is usually larger than the fine.
Terms used in this guide
- Voice AI— Voice AI is software that answers the phone, understands what the caller wants, and takes action — not just a smarter IVR.
Lewis Crook — 20 years in enterprise technology, from FTSE 100 voice deployments to over a million AI-handled minutes a month across Asia-Pacific. Buyer, builder, and now working with CX leaders on enterprise voice AI. Writes The Voice AI Brief. Connect on LinkedIn. More about Lewis.
Related guides
Plus the Voice AI Readiness Diagnostic in the welcome email.
Welcome email includes the Voice AI Readiness Diagnostic. No second list, no extra form.