Free BARS Performance Review Template | Excel with Auto-Calculations & Behavioral Anchors
Free BARS Performance Review Template | Excel with Auto-Calculations & Behavioral Anchors
Short answer: Performance management software falls under co-determination in the DACH region because it can monitor behaviour and performance. In Germany the strongest basis is Section 87(1) no. 6 BetrVG (technical monitoring), plus Section 94(2) for assessment principles; in Austria it is Section 96a ArbVG. Without agreement, the rollout is void. This works council checklist walks you through the legal basis, the works agreement, and a realistic timeline.
If you roll out performance management software in the DACH region and skip structured co-determination, you risk delays, mistrust, and even a court-ordered shutdown of the system. This article is the legal anchor checklist: it cites the relevant statutes with primary sources, provides a full works agreement checklist with sample clause ideas, and a five-phase process roadmap with realistic timings.
You will find:
- The exact legal basis in Germany (BetrVG) and Austria (ArbVG), each with the statutory primary source
- What happens if you skip it: voidness, injunction, conciliation committee
- A ready-to-use works council checklist grouped into five areas
- A complete works agreement checklist with sample clause ideas
- A five-phase process roadmap with realistic timings
- What GDPR Art. 22/88 and the EU AI Act mean for AI features
Let’s break down what every HR team should have on the table before the next meeting with the works council.
1. Why performance management software triggers co-determination in DACH
Rolling out performance management software in Germany or Austria is never just an IT upgrade. It touches several mandatory co-determination grounds. The order matters: the strongest, enforceable basis is not Section 94, but Section 87(1) no. 6 BetrVG.
1.1 Section 87(1) no. 6 BetrVG – the strongest legal basis
Under Section 87(1) no. 6 BetrVG, the works council has a mandatory co-determination right over the “introduction and use of technical devices designed to monitor the behaviour or performance of employees”. The decisive point: it is enough that the system is objectively suitable for monitoring – the employer’s actual intent to monitor is irrelevant. Performance dashboards, score histories, audit logs and AI analytics regularly meet this test.
The consequence is sharp: a technical device introduced without agreement with the works council is void according to the settled case law of the Federal Labour Court (BAG). The works council can stop its use via an interim injunction. There is no “implied consent” under Section 87 – the council’s silence does not count as approval. If no agreement is reached, the conciliation committee decides (Section 87(2) BetrVG), with a ruling that has the effect of a works agreement. A software update that activates new monitoring features triggers co-determination again.
1.2 Section 94(2) BetrVG – assessment principles
In addition, Section 94(2) BetrVG applies: drawing up general assessment principles requires the works council’s consent. Here is an important distinction many guides miss: the employer alone decides whether to introduce assessment principles at all. But once it does, the council co-determines the how – the criteria, data sources, scales, the procedure, the timing, the documentation format, and the objection mechanism. Software that captures assessment data falls fully within this scope. If breached, employees can demand removal of unlawfully created assessments from their personnel file, and the council can demand cessation and deletion.
1.3 Escalation: Section 87 no. 10/11 when pay is involved
This is the key difference in the depth of co-determination. As long as the software only evaluates, Section 87 no. 6 and Section 94(2) apply. But the moment results feed directly into pay – through bonus formulas or salary bands – Section 87(1) no. 10 and 11 BetrVG (remuneration structure, piecework and bonuses) also applies. These grounds give the council an initiative right – it can actively demand rules, not just veto. That shifts the negotiating balance considerably.
1.4 Early warning: Section 90 and Section 80(3) BetrVG
Two further provisions kick in before actual co-determination. Under Section 90 BetrVG, the employer must inform and consult the works council in good time during the planning phase – including the use of artificial intelligence, which is explicitly named in Section 90(1) no. 3. Informing the council only at go-live breaches this duty. Under Section 80(3) BetrVG, the council can also bring in experts; for AI systems, the statute deems this “necessary” – with the employer bearing the cost.
| Statute | Trigger | Strength of co-determination |
|---|---|---|
| Section 87(1) no. 6 BetrVG | Technical monitoring device (objective suitability is enough) | Mandatory, conciliation committee, voidness if breached |
| Section 94(2) BetrVG | General assessment principles (criteria, scales, procedure) | Consent required for the “how”, not the “whether” |
| Section 87(1) no. 10/11 BetrVG | Remuneration structure, piecework, bonuses (when pay-relevant) | Mandatory, with the council’s initiative right |
| Section 90 BetrVG | Information/consultation when planning technology and AI | Upstream, in the planning phase |
| Section 80(3) BetrVG | Bringing in experts (“necessary” for AI) | Cost borne by the employer |
A practical example shows the risk: a mid-sized tech company in Berlin (around 250 employees) tried to roll out a US-style performance tool with forced ranking and unclear retention settings. The works council was only informed two weeks before go-live. Result: the council stopped the rollout, demanded full transparency on rating logic and a retention schedule, and the project was delayed by six months. Companies that treat the system as a co-determination project from the start – early involvement, clean documentation, a prepared checklist – reach go-live far faster. For how to choose the right system in the first place, see our guide on how to choose enterprise performance management software.
2. Austria: Section 96a ArbVG – its own rules, its own mechanics
“DACH” in the keyword means Austria needs its own look, because there the ArbVG applies rather than the BetrVG. Section 96a ArbVG governs consent-required measures for personnel data systems and employee evaluation. The mechanics differ noticeably from Germany.
| Aspect | Germany (BetrVG) | Austria (Section 96a ArbVG) |
|---|---|---|
| Personnel data systems | Section 87(1) no. 6 (monitoring suitability) | Section 96a(1) no. 1: automated collection/processing/transmission of personal data beyond general personnel details |
| Employee evaluation | Section 94(2) (assessment principles) | Section 96a(1) no. 2: evaluation systems, where data is not justified by operational need (e.g. “hard-to-objectify skills” like teamwork, creativity) |
| If no agreement | Conciliation committee (Section 87(2)) | Arbitration board decides; no individual lawsuit by single employees |
| What counts as “introduction” | also updates with new features | also modification, adaptation, extension of existing systems |
Important: in establishments with a works council, an individual employee’s consent does not replace the works agreement. For Austrian sites, Section 96a ArbVG therefore belongs firmly in every performance management roadmap – ideally with a separate works agreement per country.
3. GDPR and the EU AI Act: the compliance frame for AI features
As soon as your software evaluates automatically or uses AI, two European frameworks come into play that the works council knows and will raise.
3.1 GDPR Art. 22 and Art. 88
Under Art. 22(1) GDPR, a person has the right “not to be subject to a decision based solely on automated processing, including profiling”, which produces legal effects or similarly significantly affects them. An AI score that decides on bonus or promotion without human review falls under this. Where an exception applies, the controller must, under Art. 22(3), implement “suitable measures” – at minimum the right to human intervention, to express one’s point of view, and to contest the decision.
In the employment context, consent is regularly not a suitable legal basis because of the dependency relationship. However, Art. 88 GDPR allows more specific rules via collective agreement – so a works agreement can itself serve as the legal basis for the processing, complemented by Section 26 BDSG.
3.2 EU AI Act: high-risk from August 2026
The EU AI Act classifies AI in the HR area as high-risk. Under Annex III, category 4(b), AI systems intended “to monitor and evaluate the performance and behaviour of persons” in work-related relationships count as high-risk AI. This entails obligations on risk assessment, technical documentation, bias testing, human oversight, transparency and audit trails. The full obligations apply from 2 August 2026; emotion recognition at the workplace and biometric categorisation have already been banned since 2 February 2025. In practice: any AI feature that generates scores or builds rankings is high-risk AI – and the works council has a right to an expert via Section 80(3) BetrVG.
4. What works councils care about in performance review systems
Works councils are usually not anti-performance management. They want fair processes, transparent data use, and strong employee rights. When you present a new tool, they typically focus on seven to eight core themes.
4.1 Data types collected
Councils will ask exactly which data the software stores and why. That includes numeric scores, written comments, goals, competency ratings, attendance metrics, and any behavioural or potential ratings.
- They expect all fields to be job-relevant and proportionate.
- Sensitive data (health, union membership, private life) should not be captured at all.
- Open text fields for “notes” raise questions if they are not clearly restricted.
4.2 Transparency for employees
Employees must be able to see what is written about them. A lack of transparency is one of the most common reasons reviews are felt to be unfair – often because employees cannot see the criteria and feedback.
- Councils usually insist that employees can view the full review, including manager comments and final ratings.
- They expect a clear path for employees to add comments, respond, or correct factual errors.
- Hidden “manager-only” notes are a frequent red flag.
4.3 Rating scales, calibration and criteria
Section 94(2) BetrVG explicitly covers assessment principles. Councils will examine:
- Rating scales (e.g. 1–5, “Exceeds/Meets/Below”).
- Criteria definitions, competencies, and behaviour descriptions.
- Use of forced distribution or stack ranking.
They prefer clear, behaviour-based descriptions over vague labels. Forced ranking that pushes a fixed percentage into “low performer” categories often meets strong resistance – a pattern we also describe in our analysis of why your current performance management system is failing.
4.4 Links to pay, promotion and termination
Any connection between performance ratings and pay, bonuses, promotions, demotions, or dismissals is critical. As shown above, where pay is involved, Section 87 no. 10/11 BetrVG also applies, with the council’s initiative right.
- Councils will ask whether low scores trigger automatic consequences.
- They want assurance that reviews support development, not automatic sanctioning.
- They often push for separate, co-determined processes for improvement plans or disciplinary measures.
4.5 Access rights and audit logs
- Managers should only see their own team’s reviews.
- HR should usually access data at an aggregated level or with clear purpose.
- IT admins may have technical access but not use data for HR decisions.
- Audit logs should track who viewed or changed which review and when.
4.6 Retention and deletion
- Councils expect clear retention rules (e.g. 3–5 years) and automatic deletion or anonymisation afterwards.
- The policy must align with GDPR, including rights to rectification and erasure.
- Ex-employee data is particularly sensitive once the employment relationship ends.
4.7 Algorithmic and AI support
- Does AI merely suggest text, or does it influence scores and decisions?
- Can managers fully override AI outputs?
- Where are models hosted, and which data is processed?
Under GDPR Art. 22 and the EU AI Act (Annex III cat. 4(b)), explainability and human oversight are mandatory for automated decision support. Black-box rankings of employees are highly problematic.
4.8 Language, communication and employee voice
- Is the tool fully usable in German (and other working languages)?
- Do employees get self-assessment options and space for their own comments?
- Are there guidelines or training for respectful, unbiased wording?
5. The works council checklist for HR (5 areas)
Guesswork makes negotiations slow and frustrating. A structured, internal checklist helps you clarify your own position before you sit down with the council. Use the following five areas as a practical framework.
5.1 Process design: how the performance cycle works
| Process design question | Your answer |
|---|---|
| Which review cycles will we run (annual, semi-annual, quarterly, continuous 1:1s)? | Short description |
| Do employees complete a self-assessment before manager reviews? | Yes / No / Under discussion |
| Will we use 360° feedback (peers, direct reports, project leads)? | Yes / No / Pilot only |
| How are goals and development plans captured in the tool? | Short description |
| Will we use calibration meetings to align ratings across teams? | Yes / No / Only for some roles |
| Are rating scales and competencies configurable to our agreed framework? | Yes / No / Partially |
| How do we document 1:1 conversations and ongoing feedback? | Short description |
5.2 Data and visibility: who sees what, when
| Data & visibility question | Answer (yes/no or short) |
|---|---|
| Can every employee view their complete review record, including comments and final ratings? | Yes / No |
| Are draft manager notes visible to employees, or only once finalised? | Short description |
| Who, besides the direct manager, can see an individual’s detailed review? | List roles |
| In 360° feedback, are rater identities anonymous by default? | Yes / No / Configurable |
| Can performance data be exported to spreadsheets or BI tools? | Yes / No / Restricted |
| Are all exports logged in an audit trail? | Yes / No |
| Do employees get notified about what data is collected and how it is used? | Yes / No / Planned |
| Can HR generate aggregated reports without exposing individual names? | Yes / No |
5.3 Technical and security: infrastructure, logs and permissions
| Technical & security question | Answer |
|---|---|
| Where is performance data stored and processed (EU-only data centers)? | Location |
| Is data encrypted in transit and at rest? | Yes / No |
| Do we use SSO or strong authentication for access? | Yes / No / Planned |
| Does the system keep detailed audit logs of access and changes? | Yes / No |
| Can we define granular role-based permissions (employee, manager, HR, admin)? | Yes / No / Partially |
| Is there an automated retention and deletion mechanism configured? | Yes / No / Manual |
| How is data handled when an employee leaves (archiving, deletion)? | Short description |
| Are integrations with HRIS/payroll limited to necessary fields only? | Yes / No / Under review |
5.4 Use in decisions: from feedback to action
| Use-in-decisions question | Answer |
|---|---|
| Will review scores directly determine bonuses or salary bands? | Yes / No / Advisory only |
| Are there automated flags (e.g. “underperformer”) that trigger HR workflows? | Yes / No |
| Is there a separate, documented process for performance improvement plans (PIPs)? | Yes / No / In development |
| Can employees add written comments or objections before a review is final? | Yes / No |
| Do promotion and pay decisions always involve steps beyond the software rating? | Yes / No / Depends on level |
| Are managers trained to use reviews for development, not just rating? | Yes / No / Planned |
| Is there a clear rule that no one is dismissed automatically based on a score? | Yes / No / In policy draft |
5.5 AI features and guardrails: keeping human control
| AI & automation question | Answer |
|---|---|
| Does the system use AI for text suggestions, summaries or scoring? | Yes / No / Optional |
| Can managers fully edit or ignore AI suggestions? | Yes / No |
| Is any automated scoring used to rank employees or predict “top/low performers”? | Yes / No |
| Is AI processing limited to EU infrastructure and GDPR-compliant? | Yes / No / Under review |
| Can we explain in simple terms how AI features work to the council? | Yes / No |
| Do we have a policy restricting AI use to assistive (not decisive) functions? | Yes / No / Drafting |
| Are there controls to reduce biased wording and flag problematic language? | Yes / No / Roadmap |
6. Works agreement checklist with sample clause ideas
Once HR, management, and the works council are aligned, the agreed rules should be written down – as a works agreement (in Austria, a works agreement under Section 96a ArbVG). The goal is clarity, not legal jargon. The following checklist covers the ten sections a robust works agreement should contain – each with a concrete sample clause idea as a starting point. The final legal wording belongs in the hands of legal counsel.
| Agreement section | Sample clause idea (starting wording) |
|---|---|
| 1. Scope | “This agreement applies to all employees except senior executives and governs the introduction and use of the software [name] for performance evaluation.” |
| 2. Purpose limitation | “The system serves solely development-focused evaluation, structured feedback, and goal tracking. Use for covert performance or behaviour monitoring is excluded.” |
| 3. Data collected / data fields | “Only the fields exhaustively listed in Annex 1 are collected (role, goals, competency ratings, comments). Special-category data under Art. 9 GDPR is not processed.” |
| 4. Role-based access rights | “Full access to an individual evaluation is limited to the assessed person and their direct manager. HR receives only aggregated or purpose-bound reports.” |
| 5. Retention and deletion | “Detailed data is stored for [3] years and then automatically anonymised or deleted. On departure, deletion occurs within [X] months.” |
| 6. Transparency and objection rights | “Employees may view their full evaluation at any time, add a rebuttal, and have factual errors corrected within [14] days.” |
| 7. Link to pay/measures | “Evaluation results inform decisions but do not automatically determine them. Dismissals and disciplinary measures follow separate, co-determined procedures.” |
| 8. AI clause (human-in-the-loop) | “AI features produce only non-binding suggestions. Every evaluation is owned by a human and can be fully overridden. Automated scoring for ranking is excluded.” |
| 9. Manager training obligation | “Managers attend training on fair feedback, bias awareness, and correct system use before first use.” |
| 10. Change and evaluation clause | “Material changes (new modules, new criteria, new AI features) require renewed negotiation. The system is jointly evaluated annually.” |
These building blocks stay largely the same regardless of the specific tool. Tools already aligned with GDPR and the EU AI Act, with human-in-the-loop and granular role permissions, noticeably simplify the negotiation.
7. Five-phase process roadmap with timings
How long does it all take? That depends mainly on when you involve the works council. With early, transparent involvement from the planning phase, 4–8 weeks of pure negotiation time is realistic; without it, that quickly becomes 2–6 months. The roadmap below shows a typical flow – phases 2 and 3 start in parallel.
| Phase | What happens | Who | Typical duration |
|---|---|---|---|
| 1. Planning & early info (Section 90 BetrVG) | Clarify the need, inform and consult the council, settle the expert question | HR + works council | 2–4 weeks |
| 2. Requirements & selection | Define legal and data-protection requirements, select the tool, plan configuration | HR + IT + data protection | 4–8 weeks (parallel to phase 3) |
| 3. Documentation & demo | Prepare process maps, screenshots, data-flow diagram and Q&A | HR | 2–4 weeks (parallel to phase 2) |
| 4. Negotiating the works agreement | Negotiate clauses; if no agreement, conciliation committee (DE) or arbitration board (AT) | HR + council + legal | 4–8 weeks (with early involvement) |
| 5. Rollout & joint evaluation | Training, go-live, annual joint review | HR + works council | ongoing |
A rule of thumb from working with DACH HR teams: every week you invest in phases 1 and 3 saves you double in phase 4. Inform the council only just before go-live, and you risk exactly the six-month delay in the example above.
8. Typical red flags and how to mitigate them
Even with good preparation, certain features almost always raise concerns. Address them proactively and build mitigations into your configuration and works agreement.
| Red flag | Why it is a problem | Mitigation option |
|---|---|---|
| Hidden scoring formulas or forced ranking | Undermines transparency; hard to explain to employees and the council. | Disable forced distribution; share clear rating rubrics; allow manual overrides and visible calculations. |
| Unclear or unlimited data retention | Conflicts with GDPR principles and council expectations. | Set explicit retention periods (e.g. 3–5 years), configure automated deletion or anonymisation, document in the works agreement. |
| Unlimited exports to spreadsheets | Bypasses role-based access and audit logs; raises data leakage risk. | Limit exports to aggregate reports; log exports; require admin or HR approval. |
| Opaque AI or predictive scoring | Hard to audit for bias; conflicts with GDPR Art. 22 and the EU AI Act. | Use AI only for optional assistance; ensure full human control; allow disabling of riskier modules. |
| One-sided manager evaluations without employee input | Perceived as unfair and top-down; higher dispute rate. | Make self-assessments and employee comments mandatory before closure; encourage joint review meetings. |
| Too complex user experience | Managers bypass the system or enter poor-quality data. | Simplify templates; hide non-essential fields; run pilots; train managers. |
| Implicit use for hidden disciplinary tracking | Destroys trust; conflicts with stated developmental goals. | Separate disciplinary records from performance reviews; set a clear policy in the works agreement. |
9. Typical works council questions – and how HR can answer
Prepare for these recurring questions with clear, written answers aligned with your checklist.
| Typical works council question | Suggested HR answer style |
|---|---|
| What specific employee data will the new system collect? | List concrete fields (role, department, goals, ratings, comments) and confirm you exclude sensitive categories. |
| Who can view an employee’s review and feedback? | Explain role-based access: employee and direct manager see full details; HR sees only what is necessary. |
| Will employees be able to correct errors in their records? | Describe the correction workflow, including deadlines and who updates data. |
| How exactly do the rating categories and criteria work? | Show the rubric, definitions and examples; stress that criteria are behaviour-based and agreed. |
| Does a low score automatically lead to sanctions or PIPs? | Clarify that reviews trigger conversations, not automatic sanctions; PIPs follow separate procedures. |
| How long will performance data be stored? | State the retention period, what happens after, and how this is technically enforced. |
| Is any AI involved in scoring or drafting reviews? | Describe AI functions, stress human control, and acknowledge the expert right under Section 80(3) BetrVG. |
| Is the software fully available in German? | Confirm localisation and show examples. |
| How will we ensure managers use the process correctly? | Explain training, reminders, and audit logs. |
| How will future changes to the system be handled? | Commit to re-engaging the council for material changes. |
Conclusion: transparent alignment beats last-minute firefighting
Performance management software can strengthen development, alignment and fairness. In the DACH region it can also become a source of conflict if works councils are involved too late. Three points are decisive:
- The strongest legal basis is Section 87(1) no. 6 BetrVG (in Austria, Section 96a ArbVG): without agreement, the rollout is void and can be stopped by injunction.
- A complete works agreement with clear clauses on data, access, retention, AI and pay links is the best protection – and can itself be the legal basis under Art. 88 GDPR.
- Early involvement from the planning phase (Section 90 BetrVG) cuts the negotiation from months to weeks.
As automation grows, so does the need for joint governance. Co-determination does not have to slow you down – with a structured works council checklist, HR and the council can jointly build a performance process that employees understand and trust.
Frequently Asked Questions (FAQ)
1. Does the works council have to approve every performance management software?
Yes, if the system can monitor behaviour or performance – which is almost always the case for performance software (Section 87(1) no. 6 BetrVG). In addition, Section 94(2) BetrVG applies to assessment principles once the employer introduces them. What matters is the objective suitability for monitoring, not the employer’s intent.
2. What happens if the employer introduces the system without approval?
The measure is void according to the settled case law of the BAG. The works council can obtain an interim injunction to shut it down. If no agreement is reached, the conciliation committee decides (Section 87(2) BetrVG) with a ruling that has the effect of a works agreement.
3. Which BetrVG sections apply to PM software?
Primarily Section 87(1) no. 6 (technical monitoring) and Section 94(2) (assessment principles). Where pay is involved, Section 87(1) no. 10/11 applies with the council’s initiative right. Upstream, Section 90 (information in the planning phase) and Section 80(3) (experts, “necessary” for AI) apply.
4. What must a works agreement for PM software contain?
Scope, purpose limitation, data fields collected, role-based access rights, retention and deletion, transparency and objection rights, the link to pay and measures, an AI clause with human-in-the-loop, a manager training obligation, and a change and evaluation clause. Sample clause ideas are in the checklist above.
5. Do the same rules apply in Austria?
No. Austria regulates this in Section 96a ArbVG: consent is required for automated personnel data systems (para. 1 no. 1) and for employee evaluation systems (para. 1 no. 2). If no agreement is reached, the arbitration board decides. An individual’s consent does not replace the works agreement.
6. Does AI in PM software fall under the EU AI Act?
Yes. Under Annex III, category 4(b) of the EU AI Act, AI systems that monitor and evaluate employee performance and behaviour count as high-risk AI. The full obligations apply from 2 August 2026, including risk assessment, technical documentation, bias testing, human oversight and audit trails.
7. Can AI-driven scoring breach GDPR Art. 22?
Yes, if the decision is based solely on automated processing and produces legal or significant effects (Art. 22(1) GDPR). Employees then have the right to human intervention, to express their point of view, and to contest the decision (Art. 22(3)). Consent is usually not a suitable legal basis in employment; a works agreement under Art. 88 GDPR is the better route.
Jürgen Ulbrich
Jürgen Ulbrich has more than a decade of experience in developing and leading high-performing teams and companies. As an expert in employee referral programs as well as feedback and performance processes, Jürgen has helped over 100 organizations optimize their talent acquisition and development strategies.
