What is automated decision-making in GDPR?

Automated decision-making refers to a decision made without any human involvement i.e. made using technological means such as using an algorithm. Some examples of automated decision-making in business include showing product recommendations to consumers or banks using algorithms to identify fraudulent transactions.

Under Article 22 of the GDPR, a data subject has the right not to be subject to a decision based solely on automated processing including profiling, if the decision produces legal effects concerning the data subject or significantly affects them.

In GDPR, automated decision-making is allowed when:

it is required for the performance contract between the data subject and a business
it is required by law of the EU or member states for purposes such as monitoring tax evasion
the consumer has given explicit consent.

Start your compliance right away

14-day free trialCancel anytime

Get started for free

View plans

What is automated decision-making in GDPR?

See also

Start your compliance right away

Get Started

Products

Solutions

Resources

Free Tools

Compare

Company

PartnersJoin us!

Legal

What is automated decision-making in GDPR?

Related articles

See also

Start your compliance right away