Compliance in the use of artificial intelligence

A practical and explanatory guide for any business — regardless of the product or service offered — that uses, integrates or develops artificial intelligence. It covers both the substantive rules of Regulation (EU) 2024/1689 (AI Act) and the essential related legislation, in particular GDPR.

Updated: June 2026
Legal framework: Reg. (EU) 2024/1689 · GDPR · Law 190/2018 · CJEU · EDPB
Audience: companies that use, integrate or develop AI

  • Maximum fine, prohibited practices: €35M / 7%
  • Fine, other obligations: €15M / 3%
  • Serious incident reporting: ≤ 15 days
  • High-risk log retention: ≥ 6 months
How to read this material
The guide synthesises official sources (EUR-Lex, CURIA, EDPB, European Commission, Council of the EU, Gov.ro, ANSPDCP) and covers both the substantive rules (risk classification, obligations, prohibitions) and the procedural ones (calendar, authorities, penalties), as well as essential related legislation, in particular GDPR. It does not constitute legal advice — the AI Act framework is evolving, particularly the calendar, currently being amended through the "Digital Omnibus" (see chapter 11).
Chapter 1

Why the AI Act matters for your business

The world's first horizontal law on artificial intelligence — and why it concerns you even if you "just use" AI tools

Regulation (EU) 2024/1689 (the "AI Act") is the world's first comprehensive legal framework dedicated to artificial intelligence. It is a regulation, so it applies directly in Romania, with no need for transposition into national law. It entered into force on 1 August 2024 and applies in stages through 2027 and 2028.

Three ideas every company should internalise

  • It concerns you even if you don't develop AI. Most firms are "deployers" (professional users of AI) and have their own obligations, distinct from those of the provider. A support chatbot, a CV-screening tool or ChatGPT used at the office all fall within the scope.
  • It applies extraterritorially. The regulation catches firms outside the EU if the output of the AI system is used within the Union (art. 2 of Reg. 2024/1689). There is no size threshold — it applies to SMEs as well.
  • The fines are large. Up to €35 million or 7% of global turnover for prohibited practices (art. 99). In parallel, GDPR already applies fully to any data processing through AI.
The basic logic of the regulation
The AI Act does not regulate "the technology" itself, but its use. The same technology can be minimal, high-risk or prohibited depending on the purpose and context of use. That is why the first step for any business is to inventory its AI systems and classify them by risk tier (see chapter 15).
Chapter 2

Scope and key definitions

What an "AI system" is, who is covered and what is excluded

What "AI system" means (art. 3(1))

An AI system is "a machine-based system designed to operate with varying levels of autonomy and that may exhibit adaptiveness after deployment, and that, for explicit or implicit objectives, infers, from the input it receives, how to generate outputs such as predictions, content, recommendations, or decisions that can influence physical or virtual environments". The definition is aligned with the OECD's. The Commission published guidance (February 2025) for delimitation from classic software.

Who is covered — territorial scope (art. 2)

  • Providers placing AI systems on the EU market, whether established in the EU or in a third country.
  • Deployers (professional users) established or located in the EU.
  • Providers and deployers from outside the EU where the output of the system is used in the Union — the main extraterritorial "hook".
  • Importers, distributors, product manufacturers and authorised representatives.

What is excluded from scope

  • Military, defence, national security: fully excluded when used exclusively for those purposes (art. 2(3)).
  • Scientific research and development: systems developed solely for scientific R&D, and testing/development activity before placement on the market (art. 2(6) and (8)). Real-world testing is NOT excluded.
  • Personal non-professional use: natural persons using AI in a purely personal activity (art. 2(10)).
  • Free and open-source software: excluded, except where it is high-risk, falls under the prohibitions of art. 5 or under the transparency obligations of art. 50 (art. 2(12)).
Data protection law remains fully applicable
Art. 2(7) expressly confirms that GDPR, the ePrivacy Directive and the Law Enforcement Directive continue to apply to any processing of personal data carried out through AI. The AI Act is added on top of GDPR — it does not replace it.
Chapter 3

Roles in the value chain — which one are you?

The most important distinction in the entire regulation — most obligations depend on your role

  • Provider (art. 3(3)): the party that develops an AI system or a GPAI model (or has it developed) and places it on the market under its own name/brand, with or without payment. Bears the heaviest obligations (technical documentation, conformity assessment, CE marking etc.).
  • Deployer, i.e. professional user (art. 3(4)): the party that uses an AI system under its authority, in a professional context. This is where most firms fall. Has its own obligations (human oversight, informing affected persons, log retention, DPIA/FRIA).
  • Importer / distributor / authorised representative (art. 3(5)–(7)): intermediate roles in the distribution chain. The umbrella term for all of them is "operator" (art. 3(8)).
The trap: a deployer can "become" a provider (art. 25)
You turn into a provider, with all the related obligations, if: (1) you put your name/brand on a high-risk system, (2) you make a substantial modification (e.g. major fine-tuning of a model), or (3) you change the purpose of the system into a high-risk one. This is the most frequent trap for firms that customise existing AI tools.
Chapter 4

The pyramid of the four risk tiers

The heart of the regulation: the higher the risk, the stricter the obligations

  1. Unacceptable risk: the 8 categories of AI practices listed in art. 5. Regime: prohibited · fine up to €35M / 7%.
  2. High risk: systems covered by art. 6 + Annexes I / III (HR, scoring, biometrics etc.). Regime: full obligations (art. 8–17, 26, 27) · fine up to €15M / 3%.
  3. Limited risk: chatbots, generated content, deepfakes, emotion/biometric recognition. Regime: transparency obligations (art. 50) · fine up to €15M / 3%.
  4. Minimal risk: the vast majority of applications (spam filters, AI in games, inventory management, productivity). Regime: no specific obligations, only AI literacy + GDPR.

The vast majority of AI systems used by firms are minimal risk and have no specific obligations, save for AI literacy (art. 4) and GDPR compliance. The following chapters detail each tier.

Chapter 5

Prohibited practices (art. 5)

In force since 2 February 2025 · the largest fine: €35 million or 7% of global turnover

The eight categories of AI practices prohibited in the EU:

  1. Subliminal, manipulative or deceptive techniques. Systems using techniques beyond a person's consciousness to materially distort behaviour, impairing their capacity to take an informed decision and causing (or likely to cause) significant harm (art. 5(1)(a)). Relevant for advanced "dark patterns".
  2. Exploiting vulnerabilities due to age, disability or socio-economic situation to distort behaviour, with risk of significant harm ((b)).
  3. Social scoring. Evaluating/classifying persons based on social behaviour or personal characteristics, leading to detrimental treatment in contexts unrelated to the original data or disproportionate ((c)).
  4. Individual predictive policing. Assessing the risk that a person will commit a crime based solely on profiling or personality traits ((d)). Exception: AI supporting a human assessment already based on objective facts.
  5. Untargeted scraping of facial images. Creating/expanding facial recognition databases through untargeted scraping from the internet or CCTV cameras ((e)).
  6. Emotion recognition in the workplace and in education. Inferring the emotions of employees or pupils/students is prohibited, save for medical or safety purposes ((f)). Very relevant for any employer assessing the "state" of personnel.
  7. Biometric categorisation by sensitive attributes. Inferring, from biometric data, race, political opinions, trade-union membership, religious/philosophical beliefs, sex life or sexual orientation ((g)).
  8. "Real-time" remote biometric identification in public spaces for law-enforcement purposes — prohibited in principle, with strict exceptions and prior judicial authorisation (search for victims, prevention of a terrorist threat etc.) ((h)).
Proposed addition (Digital Omnibus, 2026)
A new prohibition is proposed concerning the generation of non-consensual intimate images ("nudifiers") and child sexual abuse material, with a transition period until 2 December 2026 (Council of the EU, communication of 7 May 2026). See chapter 11.
Chapter 6

High-risk systems (art. 6 + Annexes I and III)

The tier with the most obligations — this is where AI in HR, credit scoring, insurance, medical devices and critical infrastructure sits

Two "routes" to high-risk classification

  • Route 1 — regulated product (art. 6(1)): the AI system is a safety component of a product (or is itself the product) covered by the harmonisation legislation in Annex I (machinery, toys, medical devices, lifts, motor vehicles, aviation) and that product undergoes third-party conformity assessment.
  • Route 2 — use cases in Annex III (art. 6(2)): the system falls within one of the 8 domains listed in Annex III. This is the route relevant for most non-industrial businesses.
The filter at art. 6(3) — and its exception
A system from Annex III is not high-risk if it does not present a significant risk (e.g. it performs a narrow procedural or preparatory task). BUT any system that profiles natural persons is always high-risk.

The 8 Annex III domains

  1. Biometrics: remote biometric identification (not 1:1 verification), biometric categorisation, emotion recognition.
  2. Critical infrastructure: AI as a safety component in traffic, water, gas, electricity, digital infrastructure.
  3. Education and training: admission, scoring of results, detection of exam fraud.
  4. Employment / HR: recruitment, application filtering, candidate assessment, promotion/dismissal decisions, performance monitoring.
  5. Essential services: eligibility for public benefits, credit/creditworthiness scoring, risk assessment and pricing in life and health insurance, triage of emergency calls.
  6. Law enforcement: risk assessment, evaluation of evidence reliability, profiling in investigations.
  7. Migration, asylum, border control: examination of visa/asylum applications, security risk assessment.
  8. Justice and democratic processes: assisting judicial authority, influencing the outcome of elections/referendums.

Obligations of the PROVIDER of a high-risk system (art. 8–17)

  • Risk management system (art. 9) — a continuous, documented process across the entire lifecycle.
  • Data governance (art. 10) — relevant, representative, error-free datasets, examined for bias.
  • Technical documentation (art. 11 + Annex IV) — drawn up before placement on the market, kept up to date.
  • Event logging (art. 12) — automatic logging for traceability.
  • Transparency and instructions (art. 13) — clear instructions for use addressed to deployers.
  • Human oversight (art. 14) — designed for effective human control, with a "stop" mechanism.
  • Accuracy, robustness, cybersecurity (art. 15) — resilience to errors and attacks (data poisoning, adversarial).
  • Quality management system (art. 17) + conformity assessment (art. 43), EU declaration (art. 47), CE marking (art. 48), registration in the EU database (art. 49).

Obligations of the DEPLOYER of a high-risk system (art. 26 and 27)

  • Use in accordance with the provider's instructions and ensuring human oversight by competent and trained persons (paragraphs (1) and (2)).
  • Monitoring operation and suspending use + reporting serious incidents (paragraph (5)).
  • Keeping logs for at least 6 months (paragraph (6)).
  • Informing workers' representatives and employees before using a high-risk system in the workplace (paragraph (7)).
  • Notifying natural persons that they are subject to a high-risk system affecting decisions about them (paragraph (11)).
  • Carrying out a DPIA (art. 35 GDPR) using the information from art. 13 (paragraph (9)).
FRIA — Fundamental Rights Impact Assessment (art. 27)
Mandatory before use for: (i) deployers that are public bodies or private entities providing public services, and (ii) all deployers of credit scoring systems (Annex III 5(b)) and life/health insurance pricing (5(c)). This catches even private banks and insurers. FRIA complements, not replaces, the GDPR DPIA.
Chapter 7

Transparency obligations — limited risk (art. 50)

Applies from 2 August 2026 · relevant for chatbots, AI-generated content and deepfakes — i.e. for almost any firm with a digital presence

  • Chatbots / interaction with AI: persons must be informed that they are interacting with an AI, at the latest at the first interaction, except where this is obvious (paragraph (1)).
  • Marking generated content: AI-generated audio/image/video/text outputs must be marked in a machine-readable format and detectable as artificial (paragraph (2)).
  • Emotion recognition / biometric categorisation: deployers must inform exposed persons (paragraph (3)).
  • Deepfakes: deepfake content must be disclosed as artificially generated/manipulated, even without intent to deceive (paragraph (4)). A lighter regime applies to evidently artistic/satirical works.
  • Text of public interest: AI-generated text published to inform the public on matters of public interest must be disclosed as such, except where there is human editorial review and accountability.

Calendar note: the transparency obligation under art. 50 remains at 2 August 2026 (it is not deferred by the Digital Omnibus), with a four-month grace period, until 2 December 2026, only for the marking (watermarking) obligation of existing systems.

Chapter 8

General-purpose AI — GPAI models (art. 51–56)

Rules applicable from 2 August 2025 · they concern you mainly as a provider of a model, but also as a firm using ChatGPT, Copilot, Claude or Gemini

A two-tier regime

All GPAI models — providers must: (a) draw up technical documentation (Annex XI), (b) provide information to downstream providers (Annex XII), (c) adopt a copyright policy, including the rights reservation (opt-out) of Directive (EU) 2019/790, (d) publish a sufficiently detailed summary of the content used for training (art. 53).

GPAI models with systemic risk

A model is presumed to have "high-impact capabilities" (hence systemic risk) when the cumulative compute used for training exceeds 10²⁵ FLOPs (art. 51). Those providers have additional obligations (art. 55): model evaluation and adversarial testing, mitigation of systemic risks, reporting of serious incidents, adequate cybersecurity.

What it means for a firm that ONLY uses an LLM
If you use ChatGPT/Copilot/Claude at the office, you are a deployer, not a GPAI provider — the heavy obligations of art. 53/55 rest with the vendor (OpenAI, Microsoft, Anthropic, Google). You become a provider only if you put your brand on the model, perform substantial fine-tuning, or integrate it into a high-risk use. See the "generative AI" sector in chapter 14.

Compliance is demonstrated, until harmonised standards are published, through the GPAI Code of Practice facilitated by the AI Office (art. 56). Fines for GPAI providers are imposed separately by the Commission, up to €15M or 3% (art. 101).

Chapter 9

AI literacy (art. 4)

In force since 2 February 2025 · a horizontal obligation, applying to all providers and deployers regardless of risk tier

Providers and deployers must take measures to ensure, to their best extent, a sufficient level of AI literacy among their staff and other persons operating AI systems on their behalf, taking into account their knowledge, experience and the context of use.

A quick compliance win
In practice, this means training employees who use AI tools, calibrated by role and context. It is one of the simplest and cheapest compliance measures — and it is already mandatory. Document the training (who, when, what content).
Chapter 10

Interaction with GDPR — the legal layer that is active today

The AI Act applies in stages · GDPR already applies fully · for most businesses, this is the immediate exposure

The AI Act is "without prejudice" to GDPR — the two regimes apply cumulatively (art. 2(7) AI Act). Since almost any training or use of AI involves personal data, it triggers simultaneously: legal basis (art. 6 GDPR), purpose limitation (art. 5(1)(b)), data minimisation (art. 5(1)(c)) and accountability (art. 5(2)).

Art. 22 GDPR — automated individual decisions and profiling

The data subject has the right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects or significantly affects them. The CJEU has qualified this right as a principled prohibition, not a right to be invoked (C-634/21 SCHUFA). The exceptions (paragraph (2)): contractual necessity, legal authorisation or explicit consent — each with safeguards (right to human intervention, to express one's point of view and to contest).

Relevant CJEU case law

  • C-634/21 SCHUFA (7 Dec. 2023) — the automated production of a credit score by a credit agency is an "automated decision" within the meaning of art. 22 where a third party (the bank) relies heavily on that score to conclude/refuse a contract. Consequence: the entity producing the score may be the controller concerned, not just the front-facing firm.
  • C-203/22 Dun & Bradstreet (27 Feb. 2025) — the right to "meaningful information about the logic involved" (art. 15(1)(h)) requires a concise, intelligible explanation of the procedure and criteria actually applied — not disclosure of the algorithm. Trade secrecy does not justify a total refusal. The tension is resolved by an authority/court, not unilaterally.

DPIA (art. 35 GDPR) and its relation to FRIA

A DPIA is mandatory for high-risk processing, including systematic evaluation through profiling that supports decisions with legal effects. ANSPDCP has adopted a list of processing operations requiring a DPIA (Decision no. 174/2018). For deployers of high-risk AI, best practice is an integrated DPIA + FRIA — one exercise, two outputs.

EDPB · Opinion 28/2024 on AI models and personal data (17 Dec. 2024)

  • Anonymity of models: models trained on personal data cannot be presumed anonymous. Assessment is case-by-case, testing the risk of data extraction.
  • Legitimate interest (art. 6(1)(f)): possible for development/deployment, but subject to the three-step test. Merely complying with transparency is not sufficient to make processing "reasonably expected".
  • Unlawful processing during training: may affect the lawfulness of subsequent deployment. Authorities may even order the erasure of the dataset or the model.
Note
The AI Act adds, at art. 86, a right to explanation of the individual decision for high-risk Annex III systems, complementary to GDPR rights.
Chapter 11

Application calendar

Staged application · note: the calendar is currently being amended through the "Digital Omnibus"

  • 1 August 2024: entry into force of the regulation.
  • 2 February 2025: prohibited practices (art. 5) and AI literacy (art. 4).
  • 2 August 2025: GPAI obligations (art. 51–56), governance (AI Office, Board), the penalty regime, notifying authorities.
  • 2 August 2026: general application + transparency obligations (art. 50). Most high-risk Annex III systems should apply now — but the Digital Omnibus proposes a deferral (see below).
  • 2 August 2027: high-risk systems on the Annex I route (regulated products, art. 6(1)) + GPAI models placed on the market before Aug. 2025 must be brought into compliance.
"Digital Omnibus on AI" — deferral of high-risk obligations (political agreement, May 2026)
On 6 and 7 May 2026, a provisional political agreement was reached (confirmed in Council on 13 May) deferring the high-risk deadlines because the implementation infrastructure (harmonised standards, notified bodies, EU database) was running late:
  • Annex III (stand-alone high risk): 2 Aug. 2026 → 2 December 2027.
  • Annex I (high risk in products): 2 Aug. 2027 → 2 August 2028.
  • NOT deferred: the prohibitions (art. 5), AI literacy (art. 4), GPAI and transparency (art. 50 remains at 2 Aug. 2026).
Important: these dates are provisional until publication in the Official Journal. Until then, the original dates in art. 113 remain legally binding. Recommendation: use the breathing space to build compliance, not to wait.
Chapter 12

Governance, authorities and penalties

Who supervises and what non-compliance costs

EU-level institutional architecture

  • AI Office — within the Commission. Supervises GPAI, coordinates the Codes of Practice (art. 64).
  • European Artificial Intelligence Board — Member State representatives. Coordinates application (art. 65 and 66).
  • Advisory Forum — industry, SMEs, civil society, academia (art. 67).
  • Scientific Panel of independent experts — 60 experts, GPAI systemic risk, "qualified alerts" (art. 68).

At national level, each state designates at least one notifying authority and one market surveillance authority, plus a single point of contact (art. 70). High-risk system conformity is attested through conformity assessment (art. 43), the EU declaration of conformity (art. 47), CE marking (art. 48) and registration in the EU database (art. 49 and 71).

Penalties (art. 99)

  • Prohibited practices (art. 5): €35M or 7% of total worldwide annual turnover (whichever is higher).
  • Other obligations of operators (high risk, transparency etc.): €15M or 3%.
  • Supplying incorrect/misleading information to authorities: €7.5M or 1%.

For SMEs and start-ups, the lower of the percentage and the lump sum applies (proportionality, art. 99(6)). GPAI providers are sanctioned separately by the Commission (art. 101). Reporting of serious incidents: generally without delay and no later than 15 days (art. 73) — not to be confused with the 72-hour GDPR deadline.

Chapter 13

Romania — institutional framework

What was decided through the Government Memorandum of 12 March 2026 — and what is still being prepared

Romania designated the AI Act authorities through a Government Memorandum adopted on 12 March 2026. The chosen model is a hybrid one:

  • ANCOM: national market surveillance authority + single point of contact (central coordinating body).
  • ADR (Romanian Digitalisation Authority): notifying authority (art. 28), evaluating and monitoring conformity assessment bodies. It is NOT the central supervisory authority.
  • ANSPDCP: supervision of high-risk AI in biometrics, law enforcement, migration/asylum, justice and democratic processes, as well as arbiter for AI involving personal data.
  • ASF and BNR: supervision of high-risk AI used by regulated financial institutions.
  • Sectoral authorities (Annex I): ANMDMR (medical devices), ANPC, ISCIR, the Labour Inspectorate, the Naval Authority etc.
  • DNSC: support on cybersecurity and resilience aspects.
What is still being prepared (June 2026)
The Memorandum is a policy act, not the implementing law. The national law that will define ANCOM's inspection/sanctioning procedures and the channel for administrative fines is expected, but not yet adopted. Secondary legislation will follow. There is no ANSPDCP AI-specific decision or guidance yet. Nevertheless, the AI Act being directly applicable, it binds Romanian firms regardless of this lag. ANSPDCP practice relevant for AI currently addresses adjacent areas (cookies on an AI-app directory, warnings on facial recognition by employers, GPS monitoring).

Note on Law 190/2018 (the Romanian implementation of GDPR): art. 3 allows the processing of genetic/biometric/health data for automated decisions or profiling only with explicit consent or an express legal basis — stricter than GDPR. Art. 5 regulates workplace monitoring (consultation of representatives, retention max. 30 days), relevant for any AI tool monitoring employees.

Chapter 14

Worked examples by economic sector

The same technology, different classifications

HR / Recruitment (CV screening and ranking) — high risk

Scenario: the firm uses an AI system to filter CVs and rank candidates. Classification: high risk, Annex III pt. 4. The use case is what matters, not the degree of automation — ranking for human review also falls within scope. Roles: the employer = deployer; the software supplier = provider. Steps: use in accordance with instructions, competent human oversight, informing workers' representatives and candidates (art. 26(7) and (11)), logs ≥ 6 months, DPIA, attention to art. 22 GDPR if rejection is purely automated. Emotion recognition in recruitment = prohibited (art. 5).

Financial services (credit scoring and insurance pricing) — high risk

Credit scoring: high risk (Annex III 5(b)), exception for fraud-detection AI. FRIA mandatory (art. 27). Strong overlap with art. 22 GDPR: per the SCHUFA judgment, the score may itself be the regulated decision. A purely automated decision must clear an art. 22 gate (usually "necessary for the contract"), with safeguards (human intervention, contestation).

Life and health insurance: high risk (Annex III 5(c)), no fraud exception. Only AI for prudential requirements is excluded. FRIA + human oversight at underwriting. Health data = art. 9 GDPR. Art. 10(5) AI Act permits limited processing for bias detection/correction.

Marketing and advertising (chatbots, recommendations, deepfakes) — transparency

Recommendation systems / personalised advertising: generally minimal/limited risk under the AI Act. Constraints come from the DSA and GDPR/ePrivacy. Watch out for the art. 5 prohibition on manipulative techniques and "dark patterns".

AI-generated advertising content: the marking obligation under art. 50(2) rests with the provider of the tool — choose compliant tools. Public-interest text needs AI disclosure or documented human editorial accountability.

Deepfakes / cloned voices in ads: a case of maximum attention — mandatory disclosure that this is AI content (art. 50(4)), even without intent to deceive. Cloning a real person adds biometric data (GDPR) + personality rights, documented explicit consent.

Customer-relations chatbot — transparency

Limited risk (art. 50(1)). The user must be informed they are speaking to an AI, clearly and at the first interaction. Contractually secure the marking from the vendor. Offer a route to a human operator. GDPR note + legal basis for conversation data. It becomes high risk only in rare cases (e.g. deciding access to essential services).

Healthcare (diagnostic AI and medical devices) — high risk

High risk on the product route (art. 6(1) + Annex I) when the software is a medical device requiring notified-body assessment under MDR (2017/745) or IVDR (2017/746), typically MDR class IIa+ / IVDR class B+. MDR class I devices (no notified body) are not high risk unless they also hit Annex III. Dual compliance: MDR/IVDR + AI Act (unified technical file, data governance, transparency, human oversight, clinical evidence). Annex I obligations apply from 2 Aug. 2027 → deferred to 2 Aug. 2028 by the Omnibus.

Generative AI / LLMs at the office (ChatGPT, Copilot, Claude) — deployer + GPAI

You are a deployer, not a GPAI provider — the heavy obligations rest with the vendor. You become a provider if you put your brand on it, perform substantial fine-tuning or integrate the model into a high-risk use. Three concrete risks:

  • Transparency (art. 50) for publicly-generated content.
  • Copyright / IP: EU law is centred on the human author — output purely generated by AI is generally not protectable. Add human authorship if you want to own it.
  • Confidentiality/GDPR — the biggest daily risk: inputting personal data, trade secrets or privileged information into public LLMs may breach GDPR. Mitigation: enterprise versions with "no-training" + EU residency + DPA, plus an enforced internal AI use policy (approved tools, data classification, human review).

Biometrics, access control and emotion recognition — prohibited / high risk

Emotion recognition in the workplace/education = PROHIBITED (art. 5(1)(f)), save for medical/safety purposes. AI that "reads" employees' emotions is prohibited; reading customers' emotions is high risk and requires an art. 50(3) notice.

Biometric access control: a critical distinction — 1:1 verification (confirming the person is who they claim) is outside Annex III. 1:many identification is high risk (Annex III 1(a)). Art. 9 GDPR applies anyway: biometric templates = sensitive data, and consent in the workplace is usually invalid (power imbalance). Offer a non-biometric alternative.

Biometric categorisation to infer sensitive attributes (race, religion, orientation) = prohibited (art. 5(1)(g)).

General productivity tools — minimal risk

Even minimal-risk tools trigger: AI literacy (art. 4, already in force — training) and full GDPR (legal basis, transparency, DPIA where applicable, discipline in classifying input data).

Chapter 15

Compliance roadmap — step by step

Applicable to any business · the deferral of high-risk deadlines is "a deferral, not a cancellation" — start now

  1. Inventory — the AI register: each system (purpose, data sources, decisional scope, affected persons, owner, vendor). Surface "shadow AI".
  2. Classify the risk — prohibited / high / limited / minimal (art. 5, art. 6 + Annexes). You can use the European Commission's official Compliance Checker.
  3. Establish the roles — provider / deployer / importer / distributor per system. Check the art. 25 "traps" (brand, substantial modification, repurposing).
  4. Literacy / training — by role, documented, now (art. 4).
  5. Governance and internal AI policy — ownership, an approval gate for new tools, an incident escalation path.
  6. Vendor and contract due diligence — obtain the art. 13 instructions, check CE marking / registration. Push obligations, liability, audit rights, incident notification.
  7. DPIA / FRIA — a single integrated exercise, two outputs. FRIA complements DPIA (mandatory for the narrow population of art. 27).
  8. Transparency notices: art. 50 (chatbots, deepfakes, public text, emotions/biometrics) + art. 26(11) (affected persons) + art. 26(7) (employees).
  9. Human oversight — trained and empowered overseers (art. 26(2)). Avoid the "rubber-stamp" signature (automation bias).
  10. Documentation and logging — keep the provider's documents. Logs ≥ 6 months (art. 26(6)).
  11. Monitoring and incident reporting — monitor (art. 26(5)). Report serious incidents to the provider + the authority (art. 73, generally within 15 days).
Chapter 16

Common mistakes to avoid

The traps most often encountered in firms' practice

  1. "We're not in the EU, so it doesn't concern us": the regulation is extraterritorial. There is no size threshold.
  2. Confusing provider ↔ deployer: the mistake with the gravest consequences, because it determines what obligations you have.
  3. "The vendor is certified, so we're covered": the deployer has independent obligations.
  4. Ignoring AI literacy: already mandatory (art. 4) and easy to tick.
  5. "Shadow AI": tools used by employees without approval, not inventoried.
  6. Under-assessing the risk: profiling automatically makes a system high risk.
  7. "One-shot" due diligence: compliance is a whole-lifecycle exercise.
  8. Ignoring the overlap with GDPR: DPIA + FRIA accumulate. GDPR already applies.
  9. "Human-in-the-loop" for form: oversight must be real and empowered.
  10. "Open-source = compliant": the open-source exception does not cover high risk / art. 5 / art. 50.
Chapter 17

Frequently asked questions

Concise answers to the questions we receive most often

Does the AI Act apply if my firm is outside the EU?

Yes, if the output of the AI system is used in the Union, or if you place the system on the EU market (art. 2).

We use ChatGPT/Copilot at the office — do we have to do anything?

You are a deployer. The minimum obligations: AI literacy (training), an internal use policy, GDPR compliance for input data, and transparency (art. 50) for publicly-generated content. You only become a GPAI provider if you perform substantial fine-tuning or put your brand on it.

Is staff training mandatory?

Yes — art. 4 (AI literacy), in force since 2 February 2025, for any provider or deployer, regardless of risk tier.

Must we tell customers we use AI?

Yes, in the art. 50 cases: chatbots, generated content, deepfakes, emotion recognition. For high-risk systems, affected persons must also be notified (art. 26(11)).

What is the difference between the AI Act and GDPR?

They apply in parallel. The AI Act = product-safety-style legislation. GDPR = data protection. For high-risk AI that processes personal data, you need DPIA + FRIA. Incident reporting: AI Act = 15 days (art. 73); GDPR = 72 hours.

What happens if I fail to comply?

Fines up to €35M / 7% (prohibited practices), €15M / 3% (other obligations), €7.5M / 1% (incorrect information). SMEs benefit from the lower cap (art. 99).

Have the high-risk deadlines really been deferred?

There is a provisional political agreement (May 2026) deferring Annex III to 2 Dec. 2027 and Annex I to 2 Aug. 2028 — but it has not yet been published in the Official Journal. Until then, the original dates remain binding. Transparency (art. 50) and the prohibitions are NOT deferred.

Chapter 18

Official and trusted sources

The binding text remains the one in the Official Journal (EUR-Lex)

EU legislation and official texts

  • Regulation (EU) 2024/1689 (AI Act), full text — EUR-Lex.
  • Regulation (EU) 2016/679 (GDPR) — EUR-Lex.
  • European AI Office — European Commission (digital-strategy.ec.europa.eu).
  • GPAI Code of Practice — European Commission.
  • AI Act Service Desk (official FAQ) — European Commission.
  • AI literacy FAQ (art. 4) — European Commission.
  • Council of the EU — communication of 7 May 2026 ("Digital Omnibus" agreement).
  • Council of the EU — official AI Act page.

CJEU case law and EDPB guidance

  • C-634/21 SCHUFA (Scoring), 7.12.2023 — CURIA / EUR-Lex.
  • C-203/22 Dun & Bradstreet, 27.2.2025 — CURIA / EUR-Lex.
  • C-26/22 & C-64/22 SCHUFA (Discharge), 7.12.2023.
  • C-582/14 Breyer, 19.10.2016.
  • C-184/20 OT v Vyriausioji, 1.8.2022.
  • EDPB — Opinion 28/2024 on AI models (17.12.2024).

Romania

  • Government of Romania — communication of 12 March 2026 (designation of the AI Act authorities), gov.ro.
  • ANSPDCP — GDPR sanctions register (dataprotection.ro).
  • Law 190/2018 (Romanian implementation of GDPR) — official ANSPDCP text.
Informational character
This guide synthesises official sources and does not constitute legal advice. The AI Act framework is evolving — particularly the calendar, currently being amended through the "Digital Omnibus". For an assessment applied to your business, please contact us.