Blog

The EU compliance field guide
for SaaS teams.

Plain-English explainers on the EU AI Act, GDPR, and the European Accessibility Act — written for the people actually shipping the code.

All posts annex-iii · 2 article-26 · 2 article-50 · 1 chatbot · 1 checklist · 2 compliance-plan · 3 deadlines · 1 deployer · 3 dpia · 1 eu-ai-act · 10 fria · 1 gdpr · 1 high-risk · 4 limited-risk · 1 provider · 1 risk-classification · 2 saas · 3 templates · 2 transparency · 1 vendor-management · 1

eu-ai-act compliance-plan checklist high-risk limited-risk

EU AI Act Compliance Checklist for SaaS (2026 Edition)

30-step EU AI Act compliance checklist for SaaS founders. Risk tiers, deadlines, documentation, and a free PDF download. Updated 2026.

May 12, 2026 11 min read Read →

eu-ai-act vendor-management deployer article-26 templates

The AI Act Vendor Questionnaire: What to Ask Your AI Providers (and the Red Flags)

If you deploy a third-party AI system, Article 26 makes you responsible for verifying your provider. Here's the questionnaire you should be sending — 25 questions across 6 categories, with the red-flag answers.

Apr 29, 2026 9 min read Read →

gdpr dpia fria eu-ai-act templates

DPIA Template for AI Systems: A Plain-English Walkthrough (GDPR Article 35 + AI Act Article 27)

When you need a DPIA for an AI system, what Article 35(7) actually requires, and how to combine it with a Fundamental Rights Impact Assessment so you write the document once instead of twice.

Apr 27, 2026 10 min read Read →

eu-ai-act annex-iii high-risk checklist

The Annex III Checklist: A 10-Question Test for Whether Your AI Is High-Risk

A copy-and-paste checklist for the eight Annex III high-risk categories of the EU AI Act. Ten yes/no questions, and what each yes triggers.

Apr 25, 2026 8 min read Read →

eu-ai-act chatbot article-50 transparency

Is My Chatbot High-Risk Under the EU AI Act?

Almost no chatbots are high-risk under the EU AI Act — most fall under Article 50 (limited-risk transparency). Here's how to tell which one you have, and what to do about it.

Apr 23, 2026 8 min read Read →

eu-ai-act article-26 deployer saas

Article 26 of the EU AI Act: What Deployers Actually Owe (and Why Most SaaS Teams Are Deployers)

If you use a third-party AI system in a high-risk context, you're a deployer under the EU AI Act. Article 26 is shorter than the provider obligations but non-trivial — here's what it actually requires.

Apr 21, 2026 10 min read Read →

eu-ai-act saas compliance-plan provider deployer

The EU AI Act for SaaS Companies: A Plain-English Field Guide

What the EU AI Act actually means if you ship a SaaS product with AI features into the European Union — written for the founder, not the lawyer.

Apr 19, 2026 10 min read Read →

eu-ai-act risk-classification saas

Is Your SaaS High-Risk Under the EU AI Act? A Practical Checklist

A 10-question checklist that maps common SaaS features to EU AI Act risk tiers — so you know in under 15 minutes whether Article 6 and Annex III apply to you.

Apr 18, 2026 9 min read Read →

eu-ai-act deadlines compliance-plan high-risk

The EU AI Act Deadline Is August 2, 2026 — Here's What SMB SaaS Teams Should Do in the Next 90 Days

August 2, 2026 is when Articles 6–27 of the EU AI Act fire for Annex III high-risk AI. A 90-day playbook for SMB SaaS teams who realised too late — and why the Digital Omnibus rumour won't save you.

Apr 18, 2026 10 min read Read →

eu-ai-act annex-iii high-risk risk-classification

Annex III Explained — 8 Categories That Make Your AI High-Risk

The 8 EU AI Act Annex III categories, each with real SaaS examples, the obligations they trigger, and a 'you're probably not in this category if…' note so you don't over-scope.

Apr 18, 2026 11 min read Read →

The EU compliance field guide for SaaS teams.