If your SaaS product uses AI and serves EU customers, the EU AI Act applies — even if you're headquartered outside Europe. Most AI features trigger at least Article 50 transparency obligations in 74 days. Some may be high-risk with a 561-day deadline.
Article 50 requires that users interacting with AI know they're interacting with AI. This applies to nearly every AI-powered SaaS feature.
Any AI chatbot, virtual assistant, or support agent that interacts with EU users must disclose it is AI-powered
Text generation, code completion, email drafting, or any feature where AI creates content users may believe is human-written
Synthetic media features, avatar generators, or AI-created visuals must be labelled as AI-generated
AI that analyses tone, emotion, or intent in user communications must inform users the analysis is happening
If your AI makes or influences decisions about people in these categories, you face the full set of 10 high-risk obligations.
Not every feature with "AI" in the name triggers obligations. Pure rule-based systems and internal-only tools may be exempt.
Not sure? The free classifier takes 5 minutes and tells you exactly where your system falls.
Your role determines your obligations
If you build and ship the AI model, you're a provider — full obligations apply. If you integrate a third-party AI (OpenAI, Anthropic, etc.) into your product, you may be a deployer with lighter obligations — but you're still responsible for transparency, human oversight, and ensuring the system is used as intended. Many SaaS companies are both provider (of their product) and deployer (of the underlying model).
Read: Deployer vs Provider — which are you? →