When you work with Sally, you want everything to run smoothly — for yourself, your meeting participants, and legally too. In this article, we’ll show you two ways to use Sally in a fully GDPR-compliant way:

• With active consent from all participants
• Without active consent, but still legally secure

Both options are easy to implement and create clarity for everyone involved.

Option 1: Active Consent — Fast, Clear, and Secure

The safest way to use Sally in a meeting is with explicit participant consent. And it’s easier than many think.

Here’s how it works:

Before the meeting, include a short note in your calendar invite, for example:

"We use Sally, our GDPR-compliant meeting bot from a German company. It transcribes, records, and summarizes the conversation live. Please say 'yes' at the start if that’s fine with you."

At the start of the meeting, say something like:

"Hi everyone! Just to let you know: Our bot Sally is here. It’s recording, transcribing live, and will create a summary afterward. Sally is fully GDPR-compliant and helps make things easier for all of us. Is that okay with you?"

If participants say “yes” or nod, you're good to go.

Sally also automatically displays a message in the meeting:

"[Username] added Sally.de to the meeting (transcription enabled). Type 'opt out' to delete meeting data. View Privacy Policy: https://sally.de/privacy."

If anyone disagrees, they can simply type “opt out”. Sally will then immediately leave the meeting and delete all data, including retroactively.

Why this is GDPR-compliant:

• You inform participants beforehand and during the meeting → fulfills the information obligation.
• You receive clear consent → permitted under Art. 6(1)(a) GDPR.
• You allow withdrawal of consent → always required.

This makes your use of Sally transparent and legally secure for everyone involved.

Option 2: Without Active Consent — Still Legally Valid

There are situations where asking for active consent isn’t practical — like in large meetings or recurring internal calls. Even then, you can use Sally in a GDPR-compliant way, if you follow a few key points. The magic phrase: "legitimate interest."

What that means:You can process personal data if you have a legitimate reason — for example, to run meetings more efficiently or to document important information. The requirement is: inform participants and respect their rights.

What you need to do:

• Disable audio and video recording.Sally may transcribe, summarize, and extract important points in real-time, but it must not store audio recordings. This avoids violating Section 201 of the German Criminal Code (unauthorized audio recording).
• Clear information before the meeting.In the invitation, include a sentence like:

"This meeting will be transcribed live by Sally. No audio recordings will be made. If you have questions or object, just type 'opt out' in the chat."

• Sally’s automatic in-meeting notice:

"[Username] added Sally.de to the meeting (transcription enabled). Type 'opt out' to delete meeting data. View Privacy Policy: https://sally.de/privacy."

• Visibility in the meeting:Sally appears as a visible participant (e.g. a bot).
• Opt-out option for participants:Anyone can type “opt out” at any time — Sally will then delete all related data from the meeting.

Why this is GDPR-compliant:

• You inform participants in advance → fulfills the transparency requirement.
• You don’t store sensitive raw data like audio or video → reduces risk.
• You provide an easy way to object → right to object under Art. 21 GDPR.
• You have a valid business interest → legitimate interest under Art. 6(1)(f) GDPR.
• You document the setup internally (e.g. a short memo for balancing interests) → satisfies accountability requirements.

Conclusion

You have two simple ways to use Sally in a GDPR-compliant and stress-free way:

• With consent: Ask briefly at the start if everyone agrees. Once they do, you're fully covered.
• Without consent: If no audio is recorded and participants are informed with an opt-out option (which Sally handles), you’re legally safe.

Our recommendation: Just ask for consent at the beginning. It keeps everything 100% clean and ensures everyone benefits from using Sally. Highlight that Sally is a fully GDPR-compliant solution developed in Germany — and that it helps everyone in the meeting save time and stay organized.

Disclaimer: This article is not legal advice.