Automated Decision-Making in HR — GDPR Article 22 Template

GDPR Article 22 gives individuals the right not to be subject to solely automated decisions that produce legal or similarly significant effects. This applies to HR decisions including hiring, performance reviews, pay decisions, and termination.

Quick Answer

GDPR Article 22 restricts solely automated decisions with legal or similar significant effects on individuals. In HR, this covers AI-driven hiring rejections, performance-based dismissals, and pay decisions. Exemptions require a legitimate basis and still mandate human review rights, objection rights, and disclosure. DPIAs are mandatory before deployment.

Compliance Checklist (8 items)

Audit all HR processes for solely automated decisions — where no human meaningfully reviews the AI output before a decision is made
For each such process, identify your Article 22 exemption: contractual necessity, legal authorisation, or explicit consent
Document the logic of every automated HR decision system — employees and candidates have a right to meaningful information
Implement a right to human review for all automated HR decisions — this must be genuine, not performative
Provide a right to object to automated HR decisions — objections must trigger a real human review
Never conduct solely automated processing of special category data (health, disability, race) without explicit consent
Conduct a DPIA before implementing any new automated HR decision system
Train HR staff on when decisions are automated vs. assisted — the distinction determines Article 22 applicability

Penalty if not compliant

GDPR Article 22 violations: up to €20M / £17.5M or 4% of global turnover. Employees can bring claims for compensation for damage caused by automated HR decisions without meaningful human review. Employment Tribunal claims also available in the UK.

Need this turned into a real document?

Our compliance sprint service delivers production-ready documents tailored to your organisation in 5–15 business days. A senior compliance specialist reviews every document before delivery.

Get Expert Help →Browse All Templates

automated decision making GDPRArticle 22 GDPR HRHR AI GDPRright to human reviewautomated HR decisionsGDPR profiling employees