Disclosure package
What ships in the box
Six artefacts, itemised. No “we’ll get to that later” deliverables, no hidden add-ons. You see the full contents before you pay.
EU AI Act Compliance Sprint · €4,500 fixed price · 2–3 week delivery
The 6 artefacts
Each item below is a concrete deliverable, not a phase. You receive the file, you sign it off (or request changes), then we move to the next. Most clients approve all six inside 14 working days.
1. Article 50 disclosure package
Six ready-to-publish artefacts: chatbot disclosure copy, synthetic-content marking + machine-readable metadata, biometric/emotion-recognition notice, deepfake disclosure, Article 13 user-information pack (cross-cut), and the operator matrix. Each piece is signed, dated, and traceable to the specific Regulation paragraph it satisfies.
2. Article 13 user-information pack
Plain-language explanations of how your system works, what data it processes, and what the user can do about it. Designed to be embedded in your product UI, your docs site, or both. Cross-cuts Article 13 (high-risk information) and Article 50 (transparency) so you only write it once.
3. Article 12 logging spec
Six-month retention specification covering what to log, where, in what format, and how to query it for incident response. Includes the log schema, the retention policy, and a one-page operations runbook. Maps to Article 12 (logging) and feeds directly into your post-market monitoring plan.
4. Article 14 oversight UI kit
Drop-in iframe + accompanying design tokens for the human-oversight interface your deployers need. Two variants: a minimal mode for low-risk deployments and a full-control mode for high-risk. Includes accessibility notes (WCAG 2.1 AA) and a one-screen quick-reference card for end users.
5. Master compliance memo (PDF + Notion)
The single document that holds it all together. Signed PDF for the file, Notion for living updates. Includes the Article 50 scope memo, the cross-reference table from each artefact to the Regulation paragraph it implements, and a redline of the policies you'll need to update internally. This is the document your customer asks for first.
6. 30-day email support
Thirty days of post-delivery email support, 24-hour response during European business hours. Covers questions from your legal team, your customers' procurement diligence, and the regulator's clarification letters. Anything outside scope is flagged with a quote, not a surprise invoice.
What we need from you
A 30-minute kickoff call, a 60-minute mid-engagement review, and one named point of contact. Everything else we figure out from your product, your docs site, and the assessment questionnaire. If your product is in scope for Annex III (high-risk), we add the Annex IV technical file skeleton to the same engagement — see Sprint+.
What we do not do
- No legal opinion. You retain your own counsel.
- No “ongoing monitoring” contract. That’s a separate retainer.
- No “phases billed separately”. The €4,500 is the price.
- No work without a signed engagement letter. Yours to redline before signing.
How the engagement runs
- Day 0. Engagement letter countersigned. Stripe Payment Link confirms €4,500.
- Day 1–2. Kickoff call (30 min). We send the assessment questionnaire and request access to your docs site.
- Day 3–10. Drafts of artefacts 1, 2, 3 land in your inbox. You review, comment, approve.
- Day 11–14. Artefacts 4, 5, 6 land. Master compliance memo finalised.
- Day 15+. 30-day support window opens. You ship to your customers.
Ready to start?
Two options, depending on how ready you are to commit.
Or email [email protected] with questions.
Not sure which tier fits? The assessment takes 90 seconds and tells you which paragraphs apply, generates a 1-page scope memo, and recommends a tier. No email required.
