The rights in relation to automated decision making

Video 26 of 32
1 min 53 sec
Want to watch this video? Sign up for the course or enter your email below to watch one free video.

Unlock This Video Now for FREE

This video is normally available to paying customers.
You may unlock this video for FREE. Enter your email address for instant access AND to receive ongoing updates and special discounts related to this topic.

Understanding GDPR Provisions on Automated Decision-Making


GDPR regulates automated decision-making and profiling, ensuring transparency and fairness in data processing.

Automated Decision-Making

Automated decision-making involves:

  • Definition: Decisions made solely by automated means without human intervention.
  • Examples: Online loan approvals, recruitment aptitude tests.

GDPR Compliance

Automated decision-making is allowed only under specific circumstances:

  • Necessity: For contract entry, explicit consent, or legal authorization.


Organizations conducting automated decision-making must:

  • Transparency: Inform individuals about the processing and their rights.
  • Human Intervention: Allow individuals to request human intervention or challenge decisions.
  • Regular Checks: Ensure system accuracy and functionality through regular assessments.

Data Protection Impact Assessment (DPIA)

Due to the high risk, organizations must conduct a DPIA:

  • Risk Assessment: Identify and address risks associated with automated decision-making.

Privacy Statement

All relevant information should be included in the privacy policy:

  • Inclusion: Specify details of processing and lawful basis in the privacy statement.
  • Compliance: Ensure alignment with GDPR privacy principles.