GDPR Art. 22 vendors for Defense & National Security

Vendors that support GDPR Article 22 — Automated Individual Decision-Making and explicitly serve defense & national security customers. Listings verified April 28, 2026.

Vendor	HQ	Founded	Size	Pricing	Last verified
Giskard	Paris, France	2021	11-50	Contact for pricing	Apr 24, 2026
CalypsoAI	Dublin, IE	2018	51-200	Enterprise licensing; contact sales for quote, depending on deployment (SaaS/on-prem/hybrid) and plan.	Apr 26, 2026

About GDPR Art. 22

Article 22 of the EU General Data Protection Regulation gives data subjects the right not to be subject to a decision based solely on automated processing — including profiling — that produces legal effects concerning them or similarly significantly affects them. The right applies across the EU and EEA and has been in force since May 25, 2018. The European Data Protection Board's Guidelines 1/2024 (adopted December 2024) clarify the scope, including how it applies to large language models and recommender systems. The CJEU's SCHUFA ruling (Case C‑634/21, December 2023) confirmed that automated credit scoring constitutes a "decision" under Article 22 where the score effectively determines whether a loan or contract is granted. Enforcement is by national Data Protection Authorities; penalties for Article 22 violations fall under the GDPR's higher tier — up to €20 million or 4% of worldwide annual turnover.

Read framework guide →

About Defense & National Security

Government contractors and defense primes. DoD Responsible AI Strategy, CJADC2 governance, and ICAM controls apply.

See all defense & national security vendors →