EU AI Act high-risk obligations apply from 2 August 2026
Which risk class does your AI system fall into?
Answer a few questions and find out in under two minutes whether your use of AI is prohibited, high-risk, subject to transparency duties or only minimally regulated under the EU AI Act — free, no sign-up.
🔒 Your answers stay in your browser. Nothing is sent to a server and no personal data is collected — the classification runs entirely on your device.
The check places your system into one of these risk tiers:
In under two minutes, one question at a time. Hover over technical terms for an explanation.
Your result
Art. 5 AI Act
Prohibited practice (Art. 5)
Based on your answers, your system falls under a practice prohibited by Art. 5. Such systems generally may not be placed on the market, put into service or used in the EU; violations carry the AI Act's highest fines. Only for real-time remote biometric identification for law-enforcement purposes (Art. 5(1)(h)) do narrow statutory exceptions exist and require separate legal assessment; the other Art. 5 prohibitions have no such exception. This is an orientation, not legal advice – please obtain qualified legal counsel.
→ Have the use case legally reviewed before proceeding.
Art. 6(1) AI Act
High-risk AI as product safety component (Art. 6(1))
Based on your answers, your AI system is part of a product (or itself a product) under an Annex I harmonisation law and undergoes third-party conformity assessment. It therefore qualifies as a high-risk AI system and must meet the Chapter III requirements (risk management, data quality, technical documentation, human oversight, accuracy/robustness), integrated into the existing product conformity procedure. This is an orientation, not legal advice.
→ Align the AI Act duties with your existing product conformity procedure.
Art. 6(2) i. V. m. Anhang III AI Act
High-risk AI system (Art. 6(2), Annex III)
Based on your answers, your system is used in an Annex III area and qualifies as high-risk (possibly reinforced by profiling of natural persons). Extensive Chapter III duties apply: risk management, data governance, technical documentation, logging, transparency, human oversight, accuracy/robustness/cybersecurity, plus EU-database registration (Art. 49). Any Art. 50 transparency duties apply in addition. This is an orientation, not legal advice.
→ Plan a high-risk AI conformity programme and check for a possible Art. 6(3) exception.
Art. 6(3), Art. 6(4), Art. 49(2) AI Act
Annex III area, but exception possible (Art. 6(3))
Your system is in an Annex III area but, per your answers, meets one of the four narrow Art. 6(3) conditions and does not materially influence decision-making – it is therefore likely NOT high-risk. However, you must document this assessment before placing it on the market (Art. 6(4)) and register in the EU database (Art. 49(2)); authorities may request the documentation. Important: as soon as any profiling of natural persons occurs, the exception falls away and the system is always high-risk. This is an orientation, not legal advice.
→ Carefully document the exception and register per Art. 49(2).
Art. 50 AI Act
Transparency obligations (Art. 50)
Based on your answers, your system is subject (only) to Art. 50 transparency duties: e.g. disclosing AI interaction, machine-readable marking of synthetic content, informing about emotion/categorisation systems, or labelling deepfakes. Based on your answers, no prohibited or high-risk categories were triggered, so only these transparency duties apply – affected persons must be clearly and timely informed. This is an orientation, not legal advice.
→ Implement the applicable marking and disclosure duties.
Art. 4 AI Act
Minimal risk – no product-specific obligation
Based on your answers, your system triggers no prohibited, high-risk or transparency-relevant categories. It is subject to no product-specific AI Act duties. However – as for all AI actors – the AI-literacy duty (Art. 4) applies. This is an orientation, not legal advice; re-classify if the intended use changes.
→ Ensure AI literacy among your staff (Art. 4).
Art. 2 AI Act
Out of scope (Art. 2)
Based on your answers, your use falls exclusively under a scope exclusion (purely personal, national security/defence, pure research & development, or no EU nexus). The AI Act does not currently apply to this use. As soon as professional/commercial EU use is added or the system is placed on the market, the exclusion ends and re-classification is required. This is an orientation, not legal advice.
→ Re-classify if the purpose or market access changes.
Art. 3(1) AI Act
Not an AI system under the AI Act
Based on your answers, your system does not infer its outputs but follows fixed, human-coded rules. It therefore does not meet the definition of an AI system (Art. 3(1)) and the AI Act does not apply. Other laws (e.g. data protection, product safety) may still apply. This is an initial orientation, not legal advice.
→ If you add inference/learning, re-run this classification.
Decisive for this classification:
Additional transparency duties (Art. 50)
Regardless of the risk tier, these duties apply to your system:
Art. 50(1) — Direct interaction (Art. 50(1)): affected persons must be able to tell they are interacting with an AI system (e.g. a chatbot notice) — unless it is obvious.
Art. 50(2) — Synthetic content (Art. 50(2)): as a provider you mark AI-generated audio, image, video or text output as artificially generated or manipulated, in a machine-readable format.
Art. 50(3) — Emotion recognition / biometric categorisation (Art. 50(3)): as a deployer you inform affected persons that the system is in operation and process personal data in line with the GDPR.
Art. 50(4) — Deepfakes / AI text on matters of public interest (Art. 50(4)): as a deployer you disclose that the content is artificially generated or manipulated. For manifestly artistic, satirical or fictional works, an appropriate disclosure that does not spoil the work suffices.
Additionally: provider of a GPAI model
Art. 51–55 — In addition: as a provider of a general-purpose AI (GPAI) model you have separate obligations — technical documentation and information for downstream providers, a copyright-compliance policy and a summary of the training content (Art. 53). For a model with systemic risk, the Art. 55 obligations apply on top. These duties apply regardless of the risk tier of your specific use above.
Next step
Have your system checked document-precise against the EU AI Act, DORA & GDPR — every legal citation machine-verified against EUR-Lex.
This classification is an automated orientation aid, not legal advice. What governs is the statutory text and the circumstances of your specific case; when in doubt, seek qualified advice.