BlogWhat we learn
What we learn
from every audit.
Technical notes, real cases and reading on the EU AI Act — written by the people who run the audits, not the ones who talk about them.
COVER
AI Act and GDPR: integrating DPIA and FRIA without duplication
Many high-risk AI systems process personal data, so the DPIA (GDPR) and the FRIA (AI Act) overlap. Here is how to run them as a single exercise.
· 4 min read
IMG
· 5 min
AI Literacy (Art. 4 EU AI Act): how to build a compliant programme
AI literacy is an EU AI Act obligation in force since 2 February 2025. Here is what Article 4 really requires and how to build a compliant, proportionate training programme.
IMG
· 3 min
Provider or deployer? Who is responsible for what under the EU AI Act
Under the EU AI Act, obligations depend on your role: provider or deployer. Here's who does what, and when a company that merely uses AI becomes a provider.
IMG
· 1 min
EU AI Act 2026: what Italian SMEs must do before enforcement begins
From 2 August 2026, oversight of high-risk AI systems begins. Here is the minimum compliance checklist for an Italian SME.