1. Inventory AI systems
Which tools are (already) in use, with which data?
The mid-market starts GDPR-aware with Claude/Copilot (everyday), Notion (knowledge/processes), n8n self-hosted (automation on your own server) and Mistral as an EU-native LLM for sensitive data — AI in the company without handing customer data to unclear third countries.
The mid-market starts GDPR-aware with Claude/Copilot (everyday), Notion (knowledge/processes), n8n self-hosted (automation on your own server) and Mistral as an EU-native LLM for sensitive data.
This brings AI into the company without handing customer data to unclear third countries — with an eye on EU AI Act Art. 4 (literacy obligation). The path runs through inventory, risk class, training and only then automation.
Every Thursday at 23:00 Asia/Ho_Chi_Minh, the format gives a compact mix of market filtering, practical cases, questions, and clear next steps.
Next session: Thursday, July 9, 2026 at 23:00 · Asia/Ho_Chi_Minh. The series then continues on a weekly rhythm.

AI in the company, with data protection built in from the start. Prices as a ballpark, as of July 2026, vendor page authoritative.
| Task | Tool (recommended) | Why | Price |
|---|---|---|---|
| Everyday AI (DPA, EU region) | Claude / Copilot | Best everyday assistant with DPA and EU region | €€ |
| Knowledge (DPA) | Notion | Processes and knowledge central, with DPA | € |
| Automation (data stays internal) | n8n self-host | Automation on your own server | € |
| Sensitive data | Mistral (EU) / self-host | EU-native LLM for personal data | € |
| Unsuitable for PII | ⛔ DeepSeek V4 (China) | China data hosting — unsuitable for personal data | – |
The GDPR-aware adoption path, step by step.
Which tools are (already) in use, with which data?
Classification under the EU AI Act (incl. Art. 4 literacy, Art. 50 transparency).
Build AI literacy — mandatory under Art. 4.
Automation where the data stays internal.
An EU-native LLM instead of US tools for sensitive data.
What endangers GDPR-compliant AI adoption.
With the right setup, yes: you need a data processing agreement (DPA), ideally EU data residency and zero-retention (usually on enterprise/team tiers), plus clear internal rules about which data may be entered at all. For highly sensitive personal data, an EU-native LLM like Mistral or a self-hosted solution is often the safer route. As of July 2026.
For most companies two points are central: the AI literacy obligation (Art. 4) — staff who use AI must be sufficiently trained — and transparency obligations (Art. 50), such as labeling AI-generated content. High-risk applications face stricter requirements. We classify your systems and build adoption along these rules.
Matching stacks for other roles — each with a stack table, workflow and common mistakes.
The strongest AI marketing stack in 2026 combines Claude (strategy, copy, orchestration), Higgsfield/Seedance (cinematic video), HeyGen + fal OmniHuman (talking avatars), ElevenLabs (voiceover) + Suno (music), Canva (design) and n8n (automation + publishing) — full campaigns with no shoot, studio or agency overhead.
For daily short videos you combine Claude (script), Seedance/Veo/Kling (cinematic scenes), fal OmniHuman or HeyGen (talking avatar with lip-sync in ONE pass), ElevenLabs (voice) and Suno (music) — edited together via ffmpeg/CapCut. A solo creator produces one video a day with no camera.
Back to the hub with the stack overview and all 7 role-based stacks.
KI-Agenten.shop adopts AI in the mid-market GDPR-compliant (potential analysis → 90-day pilot → training).
If you want to prioritize a real process, a few clear inputs are enough for a strong first assessment.