AI in the workplace: the guide for employers and HR

Short answer: For employers, AI regulation reaches the workplace along three lines: the AI Act designates AI in recruitment and workforce management as high-risk (Annex III), the GDPR sets requirements for automated decisions about people, and one use is banned outright — emotion recognition at work (since 2 February 2025). This guide brings the separate files together so you know what applies and where to start.

What it comes down to

Almost every employer now uses AI around staff: CV screening, ranking applicants, scheduling, performance monitoring. Many of these uses fall under the AI Act's high-risk regime — regardless of your sector or size. On top of that the GDPR applies, and since early 2025 there is a ban on emotion recognition in the workplace.

Recruitment and selection

• AI in recruitment and HR: what every employer needs to know — the cross-sector overview: Annex III, the employer's duties, and the GDPR.
• Targeted job advertising with AI — who sees the vacancy, and the discrimination risk.
• AI sourcing: finding and scraping candidates — the GDPR limits on collecting public data.
• AI CV screening — the most widely used HR AI, and why it is high-risk.
• Recruitment chatbots — transparency duty and high-risk once they select.
• AI assessments and games in selection — validity, bias and accessibility.
• AI background checks and social-media screening — proportionality and special-category data.
• AI and discrimination in recruitment — how bias arises and what the law requires.
• Automated decisions in recruitment — Article 22 GDPR and the right to human intervention.
• AI in recruitment in logistics — the same logic, sector-specific.

Deployment, evaluation and monitoring

• AI in evaluation, promotion and dismissal — high-risk beyond hiring.
• Algorithmic management — AI that allocates and steers work, beyond platform work.
• AI in scheduling, planning and payroll — task allocation as high-risk.
• Employee monitoring with AI — where measuring turns into deciding.
• Emotion recognition at work: the ban — what is no longer allowed since 2 February 2025.
• The AI Act and driver monitoring — monitoring and the emotion ban in practice.
• Platform Work Directive: algorithmic management — presumption of employment and automated management.

Development and sensitive uses

• AI in learning and development (L&D) — when learning is high-risk.
• AI predicting sickness absence — why this is almost always a legal no-go.

Data, rights and co-determination

• GDPR in the workplace: employee data and AI — lawful basis, special-category data and the DPIA.
• Informing workers (Article 26) — the transparency duty before deployment.
• Works councils and AI — when the works council must consent.

Policy and compliance

• An AI use policy for employees — generative AI at work, kept in bounds.
• AI literacy for HR teams — the duty (Art. 4) that already applies.
• Prohibited AI practices — what is banned entirely.
• High-risk obligations — overview — what a high-risk system demands of you.

Where to start

Begin with an inventory: which AI do you use around staff, and what role does each system play in decisions about people? That determines the risk class and your obligations. In a hurry? Take the HR self-scan — tick what you use and you'll instantly get the rules and the right files. For the full inventory there is also the AI Act scan — every result traceable to its source.