← HR software guides
HomeSoftware Guides → Salesforce Einstein EU AI Act
CONTEXT-DEPENDENT RISK Article 50 — generative AI features

Salesforce Einstein EU AI Act Compliance: What Deployers Need to Know

Salesforce Einstein spans dozens of AI features across Sales Cloud, Service Cloud, Marketing Cloud, and HR tools. Unlike HR-specific platforms, Einstein's risk level depends entirely on how you use it — the same feature can be low-risk in a sales context and high-risk in an HR or credit context.

Key insight: Salesforce Einstein is not inherently high-risk. Risk is determined by use case. If Einstein assists in employment, credit, or benefits decisions — even as a secondary tool — those use cases trigger high-risk obligations. Sales forecasting, marketing personalisation, and opportunity scoring do not.

Einstein features by EU AI Act risk level

FeatureStandard use riskHigh-risk if used for…
Einstein Lead / Opportunity ScoringLOW RISK (commercial)HR: screening job applicants through CRM data
Einstein Predictions (custom models)DEPENDS ON USE CASECredit decisions, employment, insurance eligibility
Einstein Copilot / GPT (generative)Art.50 LIMITED RISKContent presented without AI disclosure
Einstein for HR (Salesforce internal talent tools)HIGH RISKAny use in employment decisions about EU employees
Einstein Analytics / CRM AnalyticsLOW RISKPredicting individual creditworthiness or benefit eligibility
Marketing Cloud personalisationLOW RISKFinancial product targeting that functions as credit eligibility filter

What deployers must do

Need a use-case audit template for Salesforce Einstein?

The General AI Compliance Pack includes a use-case classification worksheet, Article 50 disclosure templates for chatbots and generative AI, and a deployer obligations checklist — applicable to any AI platform, not just HR tools.

Get the Compliance Pack — €99 →

The context-dependency problem with platform AI

Platform AI like Salesforce Einstein poses a unique compliance challenge: the same underlying model can be used in dozens of different contexts, some high-risk and some not. A lead scoring model that predicts which deals will close is a low-risk commercial tool. The exact same scoring infrastructure, pointed at job applicant data to predict hiring fit, becomes a high-risk AI system subject to full Annex III obligations.

This means Salesforce cannot simply certify "Einstein is compliant" — they need to certify specific features for specific use cases. And you as the deployer need to classify each of your Einstein use cases independently.

Einstein Copilot and Article 50 obligations

Einstein Copilot and other generative AI features produce AI-generated text that may be sent to customers, put in emails, or used in customer-facing interactions. Article 50(2) requires that AI-generated content that could be mistaken for human-authored content must be machine-readable marked as AI-generated. If Salesforce Einstein writes emails on behalf of your sales reps, those emails reaching EU recipients should carry an AI-generated content marker.

Additionally, if Einstein is used in a conversational context where EU users interact with it directly (Einstein Bots, Agentforce), Article 50(1) requires a disclosure that the user is interacting with an AI system.

Frequently asked questions

We use Einstein to score sales leads, not candidates. Are we out of scope?
Yes, for that specific use case. Commercial lead scoring — predicting which sales prospects are most likely to convert — is not covered by Annex III high-risk categories. It does not constitute an AI system making decisions about individuals' employment, credit, benefits, or essential services access. Your obligation is limited to Article 50 transparency for any AI-generated content or conversational AI interactions.
We built a custom Einstein Predictions model using CRM data. Is that high-risk?
It depends on what it predicts. If your custom model predicts deal close probability, customer churn, or product affinity — low risk. If it predicts a person's creditworthiness, eligibility for a financial product, or any outcome that affects their access to services — that is Annex III Category 5 (high-risk). If it predicts employee performance, promotion likelihood, or retention — Annex III Category 4 (high-risk). Classify by what the model output is used for, not what data goes in.
Does Salesforce's EU AI Act compliance documentation cover our deployment?
Salesforce as the provider is working on compliance documentation for its AI features. However, provider documentation covers the system as built — not how you deploy it. If you use a low-risk Einstein feature in a high-risk context (e.g., applying lead scoring to candidate selection), Salesforce's general compliance documentation does not cover your deployment. You need use-case-specific analysis.