EU Compliance for HR & Recruitment
EU regulations directly affecting HR & Recruitment organisations — including obligations, deadlines, and maximum fines. Use our regulation checker to map your exact exposure.
Which EU regulations apply to HR & Recruitment businesses?
HR & Recruitment organisations operating in the EU are subject to 1 key regulations, including Pay Transparency. The most significant obligations cover Publish salary ranges in job adverts. Use the regulation checker to map your exact exposure in under 2 minutes.
- Pay Transparency: max fine Per member state (compensation + penalties) — Publish salary ranges in job adverts
| Regulations applicable | 1 |
| Key regulations | Pay Transparency |
| Highest fine | Per member state (compensation + penalties) |
Regulations that apply to HR & Recruitment
Which regulations apply to your HR & Recruitment business?
Answer 5 questions and get a personalised compliance map — free.
Run the regulation checkerExplore by regulation
- EU AI Act
- General Data Protection Regulation
- NIS2 Directive
- Cyber Resilience Act
- Digital Operational Resilience Act
- EU Data Act
- ePrivacy Directive
- Digital Services Act
- Digital Markets Act
- Pay Transparency Directive
- Whistleblower Directive
- Markets in Crypto-Assets Regulation
- eIDAS 2.0 Regulation
- Product Liability Directive (Revised)
- Corporate Sustainability Reporting Directive
- Corporate Sustainability Due Diligence Directive
- Green Claims Directive
- European Accessibility Act
- EU Machinery Regulation
Frequently asked questions
Which EU regulations apply to HR technology and recruitment companies?
HR tech and recruitment companies must comply with: GDPR (employee and candidate data is personal data with additional national labour law requirements in many EU Member States); EU AI Act (AI systems for recruitment, promotion, task allocation, and performance monitoring are high-risk under Annex III Section 4); NIS2 (if the company is a digital service provider); Pay Transparency Directive (Directive 2023/970, employer pay equity obligations from June 2026); and national labour law data protection rules that restrict automated employment decisions in many EU jurisdictions.
Is AI-based recruitment software subject to the EU AI Act?
Yes. EU AI Act Annex III Section 4 classifies as high-risk AI systems used for: recruitment or selection of natural persons (including CV screening, application sorting, and interview assessment); promotion and task allocation; monitoring and evaluation of performance and behaviour at work; and determining access to self-employment. These systems require conformity assessment, Annex IV technical documentation, a risk management system addressing discrimination risks (Article 9), and registration in the EU AI database before market placement.
What does the EU Pay Transparency Directive require from employers?
EU Directive 2023/970 (Pay Transparency) requires employers to: make pay ranges available to job applicants before the interview (from June 2026); avoid asking candidates about their pay history; publish information about pay levels and the criteria used to determine pay and career progression; report gender pay gap data (employers with 100+ workers from June 2027, 250+ workers from June 2026); allow workers to request information about their individual pay level compared to colleagues in the same or equivalent roles; and review and act on pay gap findings jointly with employee representatives.
What GDPR obligations apply to processing employee data?
Employees are data subjects under GDPR, but the lawful basis for processing employee data is typically not consent (as consent is not freely given in an employment relationship) — it is usually performance of a contract (Article 6(1)(b)), legal obligation (Article 6(1)(c)), or legitimate interests (Article 6(1)(f)) as determined by the controller. Many EU Member States have national labour law rules that provide specific grounds and restrictions for processing employee data. DPOs at companies with large-scale employee monitoring must coordinate GDPR compliance with national workers' council consultation requirements.
What restrictions apply to automated employment decisions under GDPR?
GDPR Article 22 gives individuals the right not to be subject to decisions based solely on automated processing that produce legal effects or similarly significant effects. Employment decisions — hiring, promotion, task allocation, performance assessment — can have significant effects. Employers using AI for such decisions must either: ensure the decision is not solely automated (a human reviews and can override the outcome); or obtain explicit consent; or use automated decisions only where they are authorized by EU or Member State law with appropriate safeguards. Many national implementations add further restrictions on automated monitoring and profiling of employees.
For informational purposes only. This is not legal advice — consult qualified legal counsel.