The owner of a 25-person accountancy firm is sitting at his desk on a Friday afternoon. The firm has been on a free trial of an AI-powered bookkeeping assistant for six weeks. The trial ends Sunday. The product works. The pricing page shows £79 per user per month. The owner has the link to the upgrade button. He realises he has read the product features twice and the data privacy page never. He opens a new tab. “Where is my data stored? Do you train on user inputs? Can I get a Data Processing Agreement?” Three questions in, the answers are not on the website. The Sunday upgrade is now a Wednesday decision.
This is the position SMEs are in by default on AI procurement. No procurement function, no IT lead: the MD is the buyer, acting for a firm that is the data controller in the UK GDPR sense. The vendors most likely to fail you on data privacy or compliance are also the ones least likely to surface those failures in a sales call. The fix is short: a 12-question due diligence pass that takes about 90 minutes for a single vendor.
Why does this matter at SME scale specifically?
At enterprise scale, vendor due diligence is run by a procurement team with a security officer in the loop. At SME scale, the work falls to the MD or the operations lead. There is no separate function to catch what the buyer does not ask. The 12 questions exist to give that one person a hand-rail short enough to use, long enough to surface the answers that matter.
The questions sit between a full procurement RFP and a casual gut-check. They are the minimum set that surfaces the answers a small business needs to know before signing a paid subscription that processes the firm’s data. Each question has a right shape of answer; the vendor either can answer it specifically or cannot, and either response is information.
What are the 12 questions?
Twelve questions cover the material ground in four clusters: where the data goes, what the vendor does with it, what the model is and how good it is, and how the firm gets out (with a sector overlay for regulated firms). The cluster framing matters because the order of asking matters. Data residency and training use are the make-or-break questions; certifications and exit terms are signal-quality questions; sector regulatory approval is the qualifier-or-disqualifier for regulated SMEs.
Where the data goes. (1) Where is my data stored: UK, EU, US, or elsewhere. (2) How long do you retain data after I stop using your service. (3) Who are your sub-processors and can I object to changes.
What the vendor does with it. (4) Do you use my data to train or improve your models. (5) Do you have a Data Processing Agreement available. (6) What is your breach notification commitment.
What the model is and how good it is. (7) What is the provenance of your model: what was it trained on, can you provide model documentation. (8) Do you have evaluation or red-teaming evidence. (9) What certifications do you hold (ISO 27001, ISO 27701, SOC 2).
How the firm gets out, and the sector overlay. (10) What is your exit and data portability process. (11) For regulated sectors, has your service been evaluated by my regulator. (12) Does the pricing tier I can afford include the data privacy features I need.
How do you actually run the pass?
Pull what you can from public documentation first. Major vendors (OpenAI, Google, Microsoft, Anthropic) publish most answers on their security and trust pages. Smaller specialist vendors often need direct contact. Email the vendor a short list of the questions that are not publicly documented. The professional response time is 1-3 working days; if the vendor needs more than five, that is itself a signal.
The output is a one-page summary of answers, filed alongside the firm’s AI tool register. The summary becomes the basis for the paid subscription decision and stays on file as part of the firm’s audit trail. When something goes wrong six months later, the summary is what shows the firm acted reasonably at procurement.
What does an SME-friendly Data Processing Agreement look like?
A short list of commitments. The vendor processes personal data only on the firm’s instructions and only for the purposes the firm has specified. The vendor keeps personal data confidential and implements appropriate technical and organisational measures. The vendor notifies the firm of a personal data breach within a specified window, ideally 24 hours; UK GDPR only requires a processor to notify the controller “without undue delay”, and the firm has its own 72-hour deadline to report to the ICO, so the contract should fix a number of hours rather than leave it open. The vendor does not use the firm’s data to train or improve models.
Three more commitments fill out the document. The vendor provides a sub-processor list and lets the firm object to new sub-processors. The vendor deletes or returns personal data at contract end. The vendor’s sub-processors are bound by equivalent obligations.
Major LLM providers ship these terms as standard on paid commercial tiers. Smaller vendors often do not have pre-drafted DPAs; in those cases, the firm should ask the vendor to sign a simple template. The IAPP and the ICO publish usable starting templates. A bespoke contract is rarely necessary.
What are the red flags in vendor responses?
Five red flags should give pause before a procurement decision. Vague answers like “we take data security seriously” without specifics. No Data Processing Agreement available, particularly if the vendor will be processing personal data. No public security or privacy page on the website. Sub-processor list unavailable, or stated to change without notice. Pricing structure that obscures which tier includes which protections.
Any one of these in isolation is a yellow flag worth raising with the vendor. Two or more together is a stop. The pattern these flags share is opacity: a professional vendor handling SME data should be able to answer these questions specifically and quickly.
What sector overlay should you add?
One or two extra questions, depending on your sector. SRA-regulated firms ask about protection of legal professional privilege and whether client matter information is accessible to vendor staff or other customers. FCA-regulated firms ask about bias testing in lending, suitability, or investment recommendations. Healthcare practices ask about MHRA medical device classification. Accountancy practices ask about client confidentiality; advice from an accountant does not attract legal professional privilege in the UK, so the protection the firm needs is contractual confidentiality rather than privilege.
These additions sit on top of the 12 general questions. The combined sheet still fits on a single page. The 90-minute timing still holds for the vendor evaluation, because the sector questions are usually answerable from the same vendor security or compliance documentation that covers the general 12.
If you have a free trial running out this weekend on a vendor you have not yet vetted, and you want to talk through whether to upgrade or pause, book a conversation.