№ 01 — FILING № 2024/1689 · EU OFFICIAL JOURNAL
EU AI ACT COMPLIANCE FOR SAAS
ARTICLE 50 DEADLINE before 2 August 2026. ANNEX III HIGH-RISK BY DECEMBER 2027. ANNEX I EMBEDDED BY AUGUST 2028. ONE AUDIT COVERS ALL THREE WAVES.
Three compliance waves through 2028. The AI Omnibus pushed high-risk obligations 18 months, but Article 50 still hits 2 August 2026. Most SaaS need Article 50 work now and Annex III prep before late 2027. Audits start at €997.
You'll pay €997 to Stripe. Intake form opens after payment. 100% refund if not Article 50 compliant by 2 August 2026.
FIVE-DAY DELIVERY · NO CALLS REQUIRED · REFUND GUARANTEED IF NOT ARTICLE 50 COMPLIANT BY 2 AUGUST
INCLUDED FREE: 12 months of EU AI Act monitoring with every audit. After your audit we watch the Act for you for a year and email you when something changes that affects you.
"Providers shall ensure that natural persons are informed that they are interacting with an AI system."
ART. 50(1), EU AI ACT
WAVE 1: ARTICLE 50 (NOW)
Chatbots, AI-generated content, deepfakes, biometric disclosures. Deadline: 2 August 2026. Audit and disclosure code in 5 days. €997, refund guaranteed.
WAVE 2: ANNEX III HIGH-RISK (DEC 2027)
CV screening, credit scoring, education grading, biometric ID, healthcare triage. Pushed by the AI Omnibus to 2 December 2027. 18 months to prepare properly. Annex III readiness audit available — book a scope call.
WAVE 3: ANNEX I EMBEDDED (AUG 2028)
AI built into machinery, medical devices, toys, lifts. Pushed to August 2, 2028. 26 months. Most pure SaaS does not land here, but if your product embeds AI into hardware sold in the EU, this applies.
AI Omnibus update (May 2026): high-risk obligations pushed to December 2027. Article 50 transparency obligations unchanged at 2 August 2026.
We audited disclos.eu against the EU AI Act and published the full report. Read it →
FOUR ASSUMPTIONS THAT PUT FOUNDERS IN THE €15 MILLION BAND
"WE'RE OUTSIDE THE EU, SO IT DOESN'T APPLY TO US."
The Act applies to any provider or deployer whose AI system is used by persons located in the EU. Country of incorporation is irrelevant. If your sign-up page accepts European email addresses, you are in scope.
"...irrespective of whether those providers are established within the Union or in a third country."
ART. 2(1)(A), EU AI ACT
"OUR MODEL PROVIDER HANDLES COMPLIANCE."
Using OpenAI, Anthropic, or another GPAI provider does not transfer your obligations. You are the deployer. Article 3(4) defines 'deployer' as any entity placing an AI system into service under its authority. Disclosure obligations belong to you.
"Deployer means a natural or legal person... that uses an AI system under its authority."
ART. 3(4), EU AI ACT
"WE DON'T USE 'AI' — WE JUST USE AN API."
The Act's definition of an AI system is intentionally broad: machine learning, logic-based systems, statistical approaches. If you call an inference endpoint and surface results to users, you are deploying an AI system under the Act.
"'AI system' means a machine-based system that... can, for a given set of objectives, generate outputs such as predictions, recommendations, decisions or content."
ART. 3(1), EU AI ACT
"THE AI OMNIBUS KILLED THE DEADLINE."
The AI Omnibus pushed high-risk obligations to December 2027 and embedded systems to August 2028. Article 50 transparency obligations and the penalty regime were unchanged — they still apply on 2 August 2026. Most SaaS face Article 50 first.
"Providers of AI systems intended to interact directly with natural persons shall ensure that AI systems are designed and developed in such a way that the natural persons concerned are informed that they are interacting with an AI system."
ART. 50(1), EU AI ACT — DEADLINE UNCHANGED AT 2 AUGUST 2026
OUR TEAM. FIVE DAYS. DONE.
Every audit reads your product end-to-end, classifies each AI surface against the Act, and returns a document pack your lawyer can review in under 20 minutes.
AI FEATURE MAP
Every place AI is used in your product — chat, autocomplete, image, voice, classification, scoring — surfaced and tagged with the risk category that applies.
ARTICLE-BY-ARTICLE GAP REPORT
What the law requires. What your app does. Where the delta is. With screenshots of your actual UI and the specific clause that applies.
COPY-PASTE DISCLOSURE CODE
React and HTML components for every AI feature. Plain-language wording in twenty-four EU languages. Drop in, ship, compliant.
TEMPLATES & ADDENDA
Model cards, transparency notices, DPA AI addendum, public trust page. Each one editable, branded, ready to forward.
PERSONAL LOOM WALKTHROUGH
A ten-minute video walking through your specific findings, recorded after the audit. Forward it to your CTO, your lawyer, your board.
30-DAY FOLLOW-UP
A check-in before 2 August. Re-audit at half price if the law changes or you add new AI features.
FIVE DAYS TO COMPLIANT.
DAY 0
SUBMIT YOUR BRIEF
Fill in the ten-question intake form. No call needed. Your product URL, AI features, and current compliance status. Takes under 5 minutes.
DAYS 1–3
WE AUDIT AND WRITE
We click through your product as a European end-user. We classify each AI feature. We write your specific gap report, disclosure code, and document templates.
DAYS 4–5
REPORT IN YOUR INBOX
One link. PDF report, code pack, templates, and a personal Loom walkthrough. Forward to your lawyer, CTO, or board. Implement before 2 August.
2 AUGUST 2026 — NON-NEGOTIABLE
DON'T WAIT FOR JULY.
Audits booked in June deliver in five days. Late July, the queue stretches to two weeks. After 2 August, fines start. Book now and be done before enforcement.
REFUND GUARANTEED · EU-BASED RESEARCH TEAM · NO CALLS REQUIRED
SOURCES + REFERENCES
Disclos is not a law firm. We deliver researched compliance checklists mapping your product against the published EU AI Act. This is not legal advice. Binding legal opinions require a qualified lawyer.