Meaningful human oversight
High-risk AI must be designed so a person can understand its output, judge it and intervene — not simply defer to it. This maps directly onto Celper’s human-in-the-loop rule.
Compliance
Under the EU AI Act (Regulation (EU) 2024/1689), AI systems used in recruitment are classified as "high-risk" — which brings specific obligations for the employers that deploy them. Here is what changes, when it applies, and how Celper is built to support you as the deployer.
General information, not legal advice.
Key milestones
Recruitment AI is high-risk under the EU AI Act. Deployer duties land on 2 August 2026, with meaningful human oversight required by Article 14.
The clock
The EU AI Act phases in over several years. For employers running hiring AI, the milestone that matters is when deployer obligations become applicable.
A proposed "Digital Omnibus" could adjust the timing of these obligations — but it is a proposal, not law. Treat 2 August 2026 as the date to plan for, and see how Celper handles the GDPR side of AI hiring.
The references
Three provisions do most of the work. In plain English — with the precise citation kept on the left.
High-risk AI must be designed so a person can understand its output, judge it and intervene — not simply defer to it. This maps directly onto Celper’s human-in-the-loop rule.
A candidate cannot be subject to a decision based solely on automated processing where it has a significant effect. Because a person makes the final call in Celper, the decision is not solely automated.
For SMEs and start-ups, fines are capped at the lower of the fixed amount or the percentage of turnover. General information, not legal advice.
See human oversight in practice across our AI phone interviews and explainable candidate reports.
In your corner
You are the deployer and data controller; Celper is the processor. We cannot make you compliant on our own — but the tooling is built to support the obligations you carry.
The final hire/reject decision always sits with a person — supporting the Article 14 oversight you owe as the deployer.
Every competency score carries the AI’s reasoning, so a reviewer can see why — and overrule it when needed.
Candidate data is hosted in the EU (Google Cloud / Firebase, Belgium and the Netherlands), encrypted in transit and at rest.
You are the controller and Celper is the processor; a Data Processing Agreement is executed with every customer.
For SMEs and start-ups, Article 99(6) caps fines at the lower of the fixed amount or the percentage of turnover. This page is general information, not legal advice — the employer is the deployer responsible for compliance.
Read about GDPR-compliant AI hiringRelated: FAQ · Contact us
FAQ
Yes. Under the EU AI Act (Regulation (EU) 2024/1689), AI systems used in recruitment are classified as "high-risk", which brings specific obligations for the employers that deploy them.
Deployer (employer) obligations for high-risk recruitment AI become applicable on 2 August 2026. A proposed "Digital Omnibus" could adjust this timing, but it is a proposal, not law, so plan around the current date.
Article 14 requires meaningful human oversight of high-risk AI systems. In practice a person must be able to understand and act on the output rather than rubber-stamp it — which maps directly onto Celper’s human-in-the-loop rule and GDPR Article 22.
No. As the employer you are the deployer and data controller responsible for compliance; Celper is the processor that provides tooling to support it — human-in-the-loop by default, explainable reports, EU data residency and a signed DPA.
Article 99(6) provides that for SMEs and start-ups, fines are capped at the lower of the fixed amount or the percentage of turnover. This is general information, not legal advice.
Type your number. Let Celper do the talking.
We’ll call you for a 60-second demo interview. No spam, ever.