Transparency rules in2 Aug 2026
The product

The whole EU AI Act loop, in one tool.

Inventory the AI you use, classify each system under Annex III, generate the documents, and keep them current as the rules move. Built for deployers, the businesses that use AI, not the ones that build it.

InventoryClassifyDocumentMaintain
app.veillo.eu / dashboard
Workspace / Dashboard

Compliance posture

Bregenz Hospitality · 14 systems · reviewed 14 days ago
Score
72 / 100
Next deadline
65 days
High-risk obligations · 2 Dec 2027
Systems
2 high-risk
3 limited
9 minimal
Action items
Complete Human Oversight Protocol for HireScreen AIHIGH-RISK
Confirm AI-assisted classification for CreditCheck moduleCONFIRM
Publish the AI Literacy Policy across the orgARTICLE 4
UpdateAI Office guidance on Article 50 transparency, affects 2 of your documents.
01Inventory

Start from the tools you already run.

Most SMBs use ten or more AI tools and have never written them down. Veillo starts you from a library of nearly 100 common tools, so the first pass is mostly ticking boxes.

  • Pick from a pre-built library, grouped by category, with brand logos so they are easy to spot.
  • Add custom-built systems in free text; the classifier reads the description.
  • Re-checked whenever you add something new, so the register never drifts.
Step 2 · AI tools
AllProductivityHR & recruitingCustomer service
ChatGPTOpenAI
HireVueHireVue
Intercom FinIntercom
Notion AINotion
PersonioPersonio
+ Add a custom-built system
Nearly 100 tools in the library
02Classify

A tier for every system, with the reasoning attached.

Classification depends on the use, not the tool. Veillo maps each use case to a risk tier using a rules table reviewed by counsel, and shows you why.

  • Prohibited, high-risk, limited, or minimal, with the Annex III reference.
  • The model can suggest a tier for free-text systems, but it is always marked AI-assisted and waits for your confirmation.
  • A high-risk result never confirms itself. It routes to a person to sign off.
Step 4 · Results
HireScreen AI
Candidate ranking
HIGH-RISKIII · 4(a)
Intercom Fin
Service chatbot
LIMITEDArt. 50
AI-ASSISTED · CONFIRMNEEDS HUMAN SIGN-OFF

Ranking candidates is an Annex III(4)(a) employment use, which is high-risk. Confirm to add it to your register.

The catalog

Every classification makes the next one faster.

A tool used a certain way carries the same classification for everyone who uses it that way. So Veillo does it once. Counsel reviews “this tool, used this way, is this tier, and here is why”, and from then on every customer who adds that tool for that use inherits the reviewed answer, with the reasoning attached.

  • Reviewed entries carry the rationale and the date. Your register is audit-defensible, not a guess.
  • A high-risk result still routes to a person. The catalog speeds up the easy calls, it does not rubber-stamp the hard ones.
  • The more the catalog covers, the more of your inventory classifies itself the moment you add a tool.

Until a lawyer signs off, an entry is marked pending review, and you always see which state it is in. Veillo builds the catalog; counsel reviews the substance.

Tool catalog · tool × use → tier
Intercom Fin
Customer-service chatbot
LIMITEDArt. 50
COUNSEL-REVIEWED
HireVue
Candidate screening
HIGH-RISKIII · 4(a)
COUNSEL-REVIEWEDCONFIRM WITH A PERSON
Otter.ai
Meeting transcription
MINIMAL
PENDING REVIEW

Illustrative. Reviewed entries apply to every customer who uses that tool that way.

03Document

The documents, generated from your inventory.

Each template is authored and reviewed by counsel. Veillo fills in your company and system specifics, and you edit, version, and export the result.

  • Edit in a rich text editor, then export to PDF or DOCX.
  • Every edit is a new version; old versions stay for the audit trail.
  • Each page carries the footer an auditor expects, including the not-legal-advice note.
Veillo · Document № 03 of 07 · v3

Human Oversight Protocol

Article 14 · HireScreen AI, high-risk under Annex III(4)(a)
1.0 Designated oversight personnel
2.0 Intervention thresholds
BREGENZ HOSPITALITYNOT LEGAL ADVICE · P. 1
The seven core documents

One set of documents, mapped to the articles that ask for them.

01Article 4

AI Literacy Policy

The baseline training and awareness your staff need to use AI responsibly.

Organisation-wide
02Article 50

Transparency Disclosures

Chatbot notices, AI-content labelling, and automated-decision explanations.

Per disclosure
03Article 14

Human Oversight Protocol

Who watches the system, what they watch for, and when they step in.

Per high-risk system
04Annex IV

Annex IV Technical Memo

The technical documentation a high-risk system has to keep on file.

Per high-risk system
05Article 9

Risk Management Procedure

How risks are found, weighed, and reduced over a system's life.

Where high-risk is present
06Article 73

Incident Response Procedure

How a serious incident is logged, escalated, and reported.

Per high-risk system
07Article 10

Data Governance Procedure

How training and input data is governed, where that duty applies.

High-risk using personal data

Veillo builds the machine that stores and fills these in. The operative legal text is written and reviewed by qualified counsel, never generated by a model.

The roadmap

Every duty your AI brings, tracked to done.

Documents are only part of it. A high-risk system also pulls in human oversight, record-keeping, worker notices, and more. Veillo reads your classified inventory and lays out exactly which duties apply to you, then tracks each one, so “where are we” becomes a number you can watch climb.

  • Built from your real inventory: add a high-risk tool and its duties appear, with the deadline attached.
  • Generate a document, confirm an operational step, or mark a duty not applicable. Every change is logged.
  • Duties that bind only some deployers, like a fundamental rights assessment, are flagged for you to confirm, never assumed.

What each duty requires is reviewed by counsel. Veillo tracks your progress; it does not give legal advice.

Compliance Roadmap · internal setup
60%6 of 10 steps complete
AI literacy policy
Article 4
Done
Human oversight · HireScreen AI
Article 14
Done
Keep the system's logs
Article 26
To do
Fundamental rights assessment
Article 27
Review

Illustrative. The duties shown are derived from your classified inventory.

04Maintain

Compliance is a practice, not a one-time audit.

The Act moves, your tools change, and an auditor wants to see that you kept up. Veillo turns that into a quiet routine.

  • Regulator updates from the AI Office and national authorities, flagged to the documents they affect.
  • A quarterly review prompt, signed off by a named person and recorded.
  • An append-only audit log of every change, exportable as CSV or PDF.
Updates
European AI Office2 days ago
Article 50 transparency guidanceaffects 2 docs
Datatilsynet (DK)1 week ago
Note on recruitment AIaffects 1 doc
Quarterly reviewdue in 12 days
Audit log1,204 entries · export
Deadlines

Know what is due, and when.

The Act phases in over several years. Veillo tracks the dates against your systems, so the next obligation is never a surprise.

2 Feb 2025Art. 4 · Art. 5IN FORCE
AI literacy & prohibited practices
Article 4 AI literacy duty and Article 5 prohibitions apply.
2 Aug 2025Ch. VIN FORCE
GPAI & governance
General-purpose AI model obligations and governance provisions apply.
2 Aug 2026Art. 502 Dec 2027
Transparency obligations
Article 50 transparency duties apply, such as disclosing AI interactions and labelling AI-generated content. Article 4 AI literacy is already in force.
2 Dec 2027Annex IIIUPCOMING
High-risk system obligations
The core deployer obligations for Annex III high-risk systems apply. Postponed from 2 August 2026 by the 2026 Digital Omnibus.
2 Aug 2028Annex IUPCOMING
Embedded high-risk systems
High-risk systems that are safety components of regulated products. Postponed from 2 August 2027 by the 2026 Digital Omnibus.
2 Aug 2030UPCOMING
Legacy systems
Systems placed on the market before the Act, in certain cases.
Built for teams

The right people, the right access.

Compliance touches legal, ops, and IT. Roles keep each person to what they need, and an external auditor can be given a read-only link to a single entity without seeing the rest.

Running a portfolio? The consultancy tier puts every client in one place. See the consultancy tier.

OwnerFull access, including billing.
AdminFull access, except billing.
EditorCan edit systems and documents.
ReviewerRead-only, can sign off quarterly reviews.
AuditorTime-limited read-only link to a single entity, for external auditors.

See where your AI stands in about five minutes.

Run the free inventory tool with no signup, or start a trial and have your first document in an afternoon.

14-day trial of Business · no card · see pricing

A note on cookies

We use strictly necessary cookies to run the site and keep it secure. With your OK, we also use privacy-respecting, EU-hosted analytics to see how Veillo is used. No advertising, no third-party trackers. Read our cookie policy.