← Free risk checker
HomeTools & Software → Gong EU AI Act
⚠ HIGH RISK (when used for rep evaluation) — Annex III, Category 4

Gong EU AI Act Compliance: What Sales Leaders Must Do by 2026

Gong uses AI to analyse sales calls, score rep performance, and flag coaching opportunities. When this AI output influences employment decisions about EU-based sales staff, it becomes high-risk under EU AI Act Annex III Category 4. Here is what that means for your team.

Depends on how you use it: Gong is high-risk when used to evaluate employee performance and inform decisions about pay, promotion, or continued employment. If you only use Gong for deal intelligence (customer insights), the risk classification is lower. Review your actual use case — the classification follows function, not product name.

Your deployer obligations when Gong scores are used for rep evaluation

Is your full sales tech stack compliant?

Gong is one tool. What about your ATS, LinkedIn Recruiter, HireVue, and performance management platform? Check your full HR AI exposure with our free assessment.

Run HR AI Compliance Check — Free →
Or check your full risk level for free →

Gong and the EU AI Act: full analysis

Why Gong may be classified as high-risk

EU AI Act Annex III, Category 4 covers AI systems "intended to be used for making decisions or assisting in making decisions on promotion or termination of work-related contractual relationships, for task allocation and for monitoring and evaluating performance and behaviour of persons in such relationships." Gong's core feature — AI scoring of sales representative calls to evaluate communication quality, topic coverage, and deal progression — directly matches this definition when the scores influence management decisions about individual employees.

The critical question is not whether Gong is marketed as "revenue intelligence" but whether your managers actually use Gong scores when making decisions about individual employees. If a sales manager reviews a rep's Gong score before a performance review, or uses low Gong scores as evidence in a termination discussion, Gong is functioning as a high-risk AI system in your organisation.

When Gong is NOT high-risk

Gong used purely for deal intelligence — understanding what customers said, which objections came up, what topics closed deals — does not touch individual employee evaluation. If Gong data is aggregated at the team or pipeline level and no individual employee's score is reviewed in the context of their employment, the high-risk classification may not apply. However, most Gong deployments include rep scorecards and individual coaching features — assess your actual usage honestly.

The notification obligation is often missed

Article 26(7) requires that workers' representatives (trade unions, works councils, or equivalent) be notified before deploying high-risk AI for worker monitoring or evaluation. This is commonly overlooked by sales teams that deploy Gong purely as a "sales tool" without involving HR or legal. In Germany, Austria, the Netherlands, and other countries with strong works council rights, deploying Gong without this notification can trigger both EU AI Act and national labour law violations.

Deadline situation for high-risk systems

High-risk obligations officially apply from 2 August 2026. A provisional agreement (Digital Omnibus) proposes deferring this to 2 December 2027 — but this has not been formally adopted. Legal advisors recommend continuing preparation against the original deadline. The employee notification and worker representative obligations should be implemented regardless of any deferral, as they may also be required under GDPR and national labour law.

Frequently asked questions

Is Gong classified as high-risk under the EU AI Act?
Gong is high-risk under Annex III, Category 4 when used to evaluate individual employee performance and inform employment decisions such as performance reviews, promotions, or terminations. Gong used purely for aggregate deal intelligence without individual employee scoring may be lower risk. The classification follows your actual use of the tool, not its product category.
Must we notify employees that Gong is recording and scoring their calls?
Yes, two obligations apply: Article 26(6) requires you to inform employees that a high-risk AI system has been used in decisions affecting them. Additionally, GDPR already requires transparency about systematic call recording and analysis. In practice, most companies include Gong in their employment contracts or HR policy documentation — ensure this is in place before using Gong scores in performance processes.
We are a US company with a European sales team. Does EU AI Act apply to our Gong deployment?
Yes. The EU AI Act applies wherever the output of an AI system affects persons in the EU. Using Gong to evaluate EU-based sales staff subjects you to the deployer obligations under Annex III, Category 4, regardless of where your company is headquartered.
Does Gong itself (as provider) have EU AI Act obligations?
Yes. Gong as the provider of a potentially high-risk AI system must complete conformity assessment, prepare technical documentation (Annex IV), and register in the EU database if the system is placed on the EU market as high-risk. You as the deployer should request evidence of compliance from Gong before the August 2026 deadline. If Gong cannot provide a Declaration of Conformity, you need to assess the legal risk of continued deployment.