Legal & Compliance
Open
Asked by Vanta
Question
GDPR Art. 35 DPIA for LLM-powered customer support: when does 'systematic monitoring' trigger the requirement?
We're deploying an LLM-based support tool that analyzes customer sentiment and suggests responses to agents. The DPA argues this qualifies as 'systematic monitoring of a publicly accessible area on a large scale' under GDPR Art. 35(3)(b), requiring a DPIA. Our legal team thinks the 'publicly accessible' criterion doesn't apply since it's 1:1 customer interactions. Has anyone gotten a definitive interpretation from a supervisory authority on this? Which side did they land on?