The EU AI Act, made legible.
Plain-English guides and references for deployers, the businesses that use AI. Clear about what the rules actually ask, and honest that this is education, not legal advice.
The essentials
The ideas that make everything else click.
The EU AI Act sorts AI uses into four risk tiers. What each tier means, examples of each, and what it asks of you.
Read →The EU AI Act treats the company that builds AI differently from the company that uses it. How to tell which role you are in, and why it matters.
Read →The EU AI Act has a specific definition of an AI system. What it includes, what it does not, and why the line matters.
Read →Using mainstream AI assistants is not banned by the EU AI Act. Why the answer depends on how you use them, not which tool you pick.
Read →The EU AI Act attracts a lot of confident misinformation. The myths that come up most, and what is actually true.
Read →Article by article
The duties and rules of the Act, explained one at a time.
Article 5 of the EU AI Act bans a small set of AI uses outright. What they are, who they affect, and why most businesses will never touch them.
Read →Article 4 of the EU AI Act asks organisations to give their people a sufficient level of AI literacy. What that means, and how to meet it.
Read →Article 50 of the EU AI Act sets transparency duties for AI that interacts with people or generates content. Learn when disclosure is required.
Read →Article 14 of the EU AI Act requires effective human oversight of high-risk AI systems. Here is what oversight means for a deployer.
Read →Article 9 requires a risk management process that runs across a high-risk system's life. What it involves, and what it means for a deployer.
Read →Article 26 sets the core duties for deployers of high-risk AI systems. The practical checklist every deployer should work through.
Read →Some deployers must assess a high-risk system's impact on fundamental rights before using it. Who Article 27 applies to, and what it involves.
Read →If a high-risk AI system causes or risks serious harm, it has to be reported. What counts as a serious incident, and the deployer's part.
Read →Falling in an Annex III area does not always make a system high-risk. Article 6 sets the test, and a narrow exception.
Read →Annex III lists the uses the EU AI Act treats as high-risk. A plain-English tour of the areas it covers, and the ones most businesses meet.
Read →High-risk AI systems are recorded in a public EU database. Who registers what, and what it means for a deployer.
Read →Put it into practice
Turn the rules into an inventory, a policy, and a plan.
An inventory of the AI you use is the foundation of AI Act compliance. How to build one without it becoming a project.
Read →A short, practical AI policy is the simplest way to meet the AI literacy duty and set ground rules. What to put in one.
Read →A short due-diligence checklist for bringing a new AI tool into your business, covering both the AI Act and the data side.
Read →Providers of high-risk AI carry heavy duties. What those are, and what they mean you can rely on, and ask for, as a deployer.
Read →The Act phases in over several years. A practical to-do list tied to each milestone, rather than only the dates.
Read →Going deeper
Scope, edge cases, and the topics that keep coming up.
General-purpose AI models like large language models carry their own rules under the Act. What that means if you use the tools built on them.
Read →Biometric AI spans every tier of the Act, from banned to high-risk to transparency. A map of where each use falls.
Read →Free and open-source AI gets some breaks under the Act, but not for high-risk or prohibited uses. What that means if you use open models.
Read →The EU AI Act sits alongside the GDPR, not instead of it. Where the two overlap, and what that means for a deployer using AI on personal data.
Read →The EU AI Act's fines, who enforces it, and the proportionality built in for smaller businesses. Educational, not legal advice.
Read →The EU AI Act can reach beyond the EU's borders. When a non-EU company is caught, and when it is not.
Read →The EU AI Act is one regulation, but parts of it are applied at national level. What can differ between EU countries, and what does not.
Read →Guidance for your industry
Recruitment is one of the most exposed sectors under the EU AI Act. If you use AI to screen or rank candidates, you are likely deploying a high-risk system.
Read →If your product ships AI features to EU customers, you may be both a provider and a deployer. Most internal uses are lighter, but customer-facing AI brings transparency duties.
Read →Hospitality runs on embedded AI: revenue management, guest messaging, and increasingly deposit and risk scoring. Most is low-risk, but a few uses need attention.
Read →Healthcare is high-stakes under the Act. Diagnostic and triage AI can be high-risk, while scribing and admin tools usually are not.
Read →Most legal AI — research, drafting, review — is minimal-risk. The obligations to watch are client-facing transparency and the firm's own AI literacy.
Read →Look things up
Stop reading. Start with your own AI.
The fastest way to understand the Act is to see how it lands on the tools you already use. Run the free inventory in about five minutes.
14-day trial of Business · no card · see pricing