Whitelist for AI tools

January 20, 2026

AI tools are evolving rapidly, often in leaps and bounds. This whitelist can only ever represent a snapshot in time. We therefore ask you to check the whitelist regularly. It is being continuously updated.

Regulations governing the use of AI systems for all employees

Type 1: University-owned AI systems

These systems are operated entirely within the infrastructure of the University of Stuttgart. They offer the highest level of protection (up to C4), as data is not passed on to third parties.

  • Use permitted for information classified as C1 - C4 (C3 and C4 only with documented approval).
  • No data leakage; complete control over hosting, access, and logging.

Approved:

  • We do not yet offer any university-owned AI systems.

Type 2: University of Stuttgart systems that access models operated by a scientific partner, such as GWDG

These systems use an interface operated by the University of Stuttgart and access AI models from trusted scientific partners (e.g., GWDG) that are operated in the partners' own data centers.

  • Use permitted for information classified as C1, C2, and C3 (C3 only with documented approval).
  • No storage or use of inputs for training purposes.

Approved:

  • RAI with GWDG models (users are responsible for selecting the models)

Type 3: Systems operated by the University of Stuttgart with access to a model from a commercial provider (e.g., Azure OpenAI)

These tools use external commercial models (e.g., OpenAI models via Azure) with an interface operated by the University of Stuttgart.

  • Use permitted for information classified as confidentiality levels C1 and C2.
  • Contractually protected, hosted within the EU; no use of inputs for training; and no account-level linking of entries by commercial providers.

Approved:

  • RAI with OpenAI models via Azure (EU cloud), Input data is stored by Microsoft for 30 days

Type 4: External services with privacy-friendly settings and enterprise contracts

These tools are provided through university contracts and, when used with your university account, offer centrally verified data protection conditions (EU server, no training). The chat interface and AI models are not operated by the University of Stuttgart, but externally.

  • Use permitted for information classified as confidentiality levels C1 and C2.
  • No use for information classified as C3 and C4.
  • Log in with your university account, not with a private email address. Otherwise, the negotiated data protection conditions do not apply!
  • Logging in with your university account to an external application allows that application to link your entries and prompts to you as a person. Do not enter any confidential information about yourself, others, or the university into these tools.

Approved:

  • DeepL Pro EDU with university account.

Type 5: Non-audited public AI systems (e.g., ChatGPT Free, Grammarly Free)

These freely available tools are not subject to any organizational protection mechanisms by the University of Stuttgart. They often store entries indefinitely and use the entries and metadata for training and analysis purposes.

  • Use ONLY for information classified as C1 (public).
  • Do not enter any internal, personal, or confidential information.
  • Use is as a private individual; no institutional control.
  • Registration requires personal data (e.g., email, phone number) that can be linked to entries.
  • If possible, deactivate the use of your data for training purposes and avoid long-term storage of your entries (select opt-out).

Examples:

  • ChatGPT Free / Plus
  • Grammarly Free
  • ai (no costs involved)

Privacy-friendly configuration of ChatGPT, Perplexity, and Gemini

04:20

Use of AI functions in browsers, email clients, and software

Many programs today have built-in AI functions or AI extensions. When they are active, they often automatically transmit content to external providers – without this being obvious to the user.

Browsers with AI features or AI extensions that, for example, summarize website content must not be used when accessing internal websites or browser-based software (e.g. Confluence). The same applies to AI functions in email programs that, for example, automatically generate replies to emails or scan mailboxes and summarize their contents.

If software provides AI functions, the data to be processed must be reviewed in accordance with the data classification policy before use; otherwise, the AI functions must be disabled and must not be used.

Examples

  • AI browsers such as Atlas/Perplexity, AI extensions for browsers
  • e‑mail assistance
  • Programming assistants
  • Software with AI functions (e.g. Copilot in Microsoft Office, GitHub Copliot, Midjourney, Adobe Firefly, Otter.ai, Jasper, Writer)

The following data may be affected, for example:

  • Content from internal websites (e.g., Confluence)
  • Internal, confidential emails and attachments
  • Quellcode
  • Project data
  • Personal or confidential data in applications

If you have any questions regarding this, please contact:

  • Data Protection Office
  • Your supervisor 
  • Information Security Office

Please email any comments or questions about the whitelist to the Vice Rectorate for IT. For inquiries related to the use of AI systems with C3 information, please contact your supervisor. If you plan to process C4 data in an AI system, please reach out to the Data Protection and Information Security Office.

Contact

 

KI Support

 

Data Protection

 

Information Security Office (RUS-CERT)

To the top of the page