The quote from the data firm looks reasonable. They’ll label five years of your call recordings, or collect the images your AI model needs, at a per-unit price and on a timescale your own team couldn’t touch. What the proposal doesn’t say is that under UK GDPR the legal responsibility for every person in that data stays with you, whoever does the work. That one fact should shape the whole decision, and it rarely comes up on the first call.
What choice are you actually facing?
The decision is whether to hand data collection and labelling to an external specialist or keep it inside your own business. Under UK GDPR you remain the data controller either way. The vendor acts as your processor, on your instructions, and the ICO holds you responsible for lawful basis, transparency, and the rights of the people in the data.
That framing matters because the ICO treats a good deal of AI data collection as high-risk processing. Recording calls, labelling images of identifiable people, profiling, and large-scale monitoring all sit on the list of triggers that require a Data Protection Impact Assessment before the work begins. The assessment doesn’t need to be a thesis. The ICO’s own guidance says a concise, structured DPIA covering purpose, lawful basis, minimisation, risks, and safeguards is sufficient for many projects, provided it’s documented and revisited when the vendor relationship changes.
When does an external data vendor make sense?
An external vendor earns its place when the job outgrows your team. Labelling thousands of images, transcripts, or contracts is rarely feasible in-house, and specialist firms such as Appen, TELUS Digital, and Scale AI bring managed workforces, quality-assurance layers, and tooling built for exactly this work. Scale and specialist labour are the honest reasons to go outside.
The case strengthens when collection needs field operations you don’t have. Gathering speech in multiple accents, photographs of real-world environments, or customer interactions across several languages takes recruitment panels, consent procedures, and infrastructure that established vendors already run. Building that yourself for a single project makes little commercial sense.
Quality is the third argument. If your system will fall under the EU AI Act’s high-risk category, and it will if you sell into the EU and the model touches credit, employment, or access to essential services, the Act requires documented governance over training data, including its relevance and representativeness. Established vendors offer multi-layer annotation review, inter-annotator agreement metrics, and bias checks as standard, which is exactly the evidence that documentation needs.
There’s a less comfortable argument too. If your own security practices are thin, a well-run vendor with mature controls can lower your overall risk by concentrating sensitive processing with the more capable party. That only holds if the contract is watertight, but weigh it honestly rather than assuming in-house always means safer.
When should you keep collection in-house?
Keep the work inside the business when the data is sensitive, already in your systems, or strategically valuable. ICO guidance and legal commentators advise against sharing special-category data, health, ethnicity, and the like, with external AI vendors unless strictly necessary. And if the dataset you need already sits in your support tickets and emails, curating it internally is often cheaper and faster.
Regulation sharpens the point in some sectors. Firms regulated by the FCA must evidence control over outsourcing arrangements and operational resilience, including data integrity when using third-party technology providers. If you would struggle to demonstrate that oversight, the appointment adds a compliance burden on top of the project itself.
Intellectual property is the reason founders tend to underweight. The UK Intellectual Property Office acknowledges ongoing uncertainty about who owns what in AI training data and outputs, and keeping strategic datasets inside the business removes the risk of vendor reuse while keeping provenance simple to evidence. If the dataset is part of what makes your business worth buying one day, think hard before it leaves your systems.
Scale cuts the other way as well. For a small experiment on non-personal or low-sensitivity data, internal templates, generic FAQs, the overhead of full vendor vetting outweighs the benefit. And where you can work with synthetic or genuinely anonymised data, which the ICO no longer treats as personal data, much of the regulatory weight falls away entirely.
What does getting this wrong actually cost?
The ICO can fine up to £17.5 million or 4% of global turnover for the most serious data-protection failures, and its enforcement record shows third-party weaknesses drive real penalties. British Airways paid £20 million after a compromised third-party script exposed around 400,000 customers’ payment details. Ticketmaster paid £1.25 million after a vendor-hosted chatbot on its payment page was breached.
Both cases share the same shape. A peripheral third-party component, a script on a payment page, an embedded chatbot, opened the door while attention sat on the core systems. A data collection vendor holding copies of your customer records is a far bigger surface than either.
The clock makes vendor failures worse. If your vendor suffers a breach involving personal data, you as controller may have to notify the ICO within 72 hours and affected individuals without undue delay. A vendor who takes a week to tell you has already put you in breach. The UK government’s Cyber Security Breaches Survey flags supply-chain compromise as a growing concern, and the NCSC warns that cloud-based AI services add new routes for data to leave your control.
Then there’s everything the fine doesn’t capture. Incident response, forensics, customer letters, and system rebuilds can absorb leadership time for months in an owner-managed business, and breach notifications commonly lead to lost contracts, higher cyber-insurance premiums, and heavier due-diligence demands from larger customers.
What should you ask before you decide?
Six questions separate a safe appointment from an expensive one. Where will the data be stored and processed? Will the vendor use your data to train its own models? What security certifications does it hold? How fast will it notify you of an incident? Can you export everything in open formats when you leave? And will it start with a small, low-risk pilot?
Get the answers in writing, beginning with a data processing agreement aligned with UK GDPR Article 28 that covers processing instructions, sub-processor approval, and deletion or return of your data at the end. Ask for specific countries and cloud regions, and if any sit outside the UK or an adequacy country, insist on an international data transfer agreement and a transfer risk assessment.
The training question deserves particular attention because many AI services reuse customer inputs to improve their models by default. An explicit contractual prohibition on reusing your data, or the labels derived from it, without your written agreement closes that door. Pair it with clarity on who owns the collected data and annotations, and confirm you can export both in open formats such as CSV or JSON if you leave.
On security, ask for ISO 27001 certification or a SOC 2 Type II report and check the scope actually covers the systems that will hold your data. Vague answers here are a decision in themselves. Write incident notification into the contract at 24 hours from detection, which leaves you room to meet your own 72-hour ICO deadline.
And before any of it, pilot. A limited trial on a small, non-sensitive or synthetic dataset tests the vendor’s quality, processes, and security posture while the stakes are still low. A vendor who resists a bounded pilot is telling you something useful.
Whichever way you go, the responsibility stays with you. Either route is safe if you can evidence control, a documented DPIA, a tight contract, and a small first step before real customer data moves anywhere. If you’re weighing this decision now and want a second pair of eyes on it, book a conversation.



