Is a self-declaration enough under the EU AI Act?

It depends on the risk classification. Many limited-risk systems rely on transparency obligations and supplier self-declaration rather than third-party conformity assessment. High-risk systems generally require a formal conformity assessment and EU database registration that a self-declaration alone does not satisfy. Confirm your classification first.

Does this make my product compliant?

No. Generating a declaration document does not create compliance — the underlying measures must actually be in place. This tool helps you structure and articulate the declaration and flags obvious gaps, but it is not legal advice and is not a substitute for a qualified compliance review.

What is risk classification under the AI Act?

The AI Act sorts systems into prohibited, high-risk, limited-risk (transparency obligations), and minimal-risk tiers. Your obligations escalate sharply with the tier. This generator is aimed at limited-risk and minimal-risk systems; if you select high-risk, it warns you that self-declaration is insufficient.

What goes in a declaration of conformity?

Typically the provider and system identity, the intended purpose, the standards or requirements relied upon, the risk classification, a statement of conformity, and the signatory. The transparency obligations — telling users they are interacting with AI and labelling synthetic content — are central for limited-risk systems.

No. The questionnaire and generated declaration run entirely in your browser; nothing is sent to a server. The output is a template you should review and adapt.

AI Supplier Compliance Declaration Generator

AI supplier compliance declaration

The EU AI Act puts obligations on providers of AI systems that scale with risk. For many limited-risk systems — chatbots, content generators, recommendation features — the core duties are transparency and a supplier self-declaration rather than a full third-party conformity assessment. This generator walks you through a structured questionnaire about your system and assembles a declaration-of-conformity template aligned with the Act’s transparency and documentation expectations, while flagging the obligations you have not yet confirmed.

How it works

You enter the basics — system name, provider, intended purpose — then pick your risk classification and tick the conformity measures you have actually implemented: a transparency notice that users are interacting with AI, labelling of synthetic content, technical documentation, human-oversight provisions, a record-keeping/logging capability, and a data-governance process. The tool checks your answers, warns clearly if you select a high-risk classification (where self-declaration is not sufficient), and assembles the rest into a clean, copyable declaration template with the unmet obligations called out so you can close them first.

Tips and notes

Confirm your risk tier before anything else. A high-risk system needs a formal conformity assessment and database registration, not a self-declaration.
The measures must be real. A declaration that asserts controls you have not built is worse than no declaration — it is a misrepresentation.
Transparency is the limited-risk core. Tell users they are dealing with AI and label AI-generated media; these are the load-bearing obligations.
Get it reviewed. Treat the output as a drafting aid for your compliance or legal function, not as legal advice.