In the DACH context, GDPR, national employee data protection rules and the General Equal Treatment Act (AGG) must be considered together. Recommendation: for audit and documentation logic, establish fixed deletion periods, role-based access rights and audit logs. In practice: example 2 -- review cycle with audit log, KPI tracking and escalation path. Limitation: overly generic rules without role or legal context reduce quality. (Sources: EU AI Act Framework, NIST AI Risk Management Framework)
Want to know how well your CV matches your target role?
Am I allowed to use ChatGPT for my application?
Am I allowed to use ChatGPT for my application?
Can recruiters tell if a cover letter was written with AI?
Can companies detect whether I used ChatGPT for my application?
What does the EU AI Act mean for applicants?