GDPR-22-03
Conformity
22 — making, including profiling
Legal Authorization Exception Compliance
Description
When automated decision-making is authorized by Union or Member State law, data controllers must ensure compliance with such law and implement the suitable safeguarding measures required by that law.
Full Analysis & Evidence Requirements
Sign in to view the full obligation text, AI-generated applicability analysis, evidence checklists, and compliance mapping.
Sign In to ViewRelated Obligations
GDPR-22-01
Prohibition
Prohibition on Automated Decision-Making with Legal/Significant Effects
GDPR-22-02
Data Governance
Contract Necessity Exception Compliance
GDPR-22-04
Data Governance
Explicit Consent Exception Compliance
GDPR-22-05
Human Oversight
Safeguarding Measures for Contract and Consent Cases
GDPR-22-06
Human Oversight
Human Intervention Right Implementation
GDPR-22-07
Human Oversight
Right to Express Views Implementation
GDPR-22-08
Human Oversight
Right to Contest Decision Implementation
GDPR-22-09
Prohibition
Special Category Data Prohibition in Automated Decisions
GDPR-22-10
Data Governance
Special Safeguards for Special Category Data in Automated Decisions
Map this obligation to your AI systems
ReguLume automatically maps regulatory obligations to your system inventory, identifies compliance gaps, and generates remediation plans.
Get Started