Concura
Concura — EU AI Act compliance, regulatory-grade
Article 50 is enforceable 2 Aug 2026 — Omnibus does not defer it.

EU AI Act Article 50 compliance, sorted in 14 days.

A fixed-scope, fixed-price disclosure package for EU AI SMEs. Chatbot disclosure UX, machine-readable labels, six-month log retention policy. From “do we even need this?” to a downloadable, regulator-ready document set your customers and investors can read.

From €4,500 fixed. No hourly billing. 2–3 week delivery.

Regulator-ready

Citations to Article 50 §1–§4, Article 13 user-information cross-cut, Article 12 logging. Every artefact maps to a regulation paragraph.

2–3 week delivery

Discovery call on Day 1. Master document + readout call on Day 12. Email support for 30 days (Sprint) or 90 (Sprint+).

Not a law firm

Technical compliance engineering — disclosure deliverables, not legal opinions. Lawyer referrals in every member state for reserved-practice work.

What you get

Six artefacts. One document set.

Every Sprint delivery is built around six artefacts, each mapped to a specific Article 50 paragraph and reviewed against your actual product surfaces — no generic boilerplate.

  • Article 50 Scope Memo

    3–5 page memo naming exactly which §1–§4 paragraphs apply to your system — and what is out of scope.

  • Disclosure UX copy

    Drop-in strings for chatbot banners, AI-generated content metadata blocks, biometric / deepfake notices. Locale-aware.

  • Machine-readable marking spec

    JSON-LD schema and metadata-injection pattern designed for your content pipeline (S3, Vercel Blob, Mux, custom).

  • Article 12 logging spec

    Events, fields, six-month retention default, tamper-evident signing pattern. What your AI Act auditor will ask for.

  • Article 14 oversight UI

    Confidence display, override button, override audit log, escalation flow. Drop-in iframe / SDK for your product.

  • Master compliance memo

    Signed, dated, versioned. One PDF your regulator, your customers, and your investors can all read.

Pricing

Two tiers. Fixed scope. Hidden pricing is not for us.

Both prices are below the boutique single-system documentation band (€4–10k) per the Wavect market reference. Scope is a deliverable slice, not a full-readiness engagement.

Sprint

€4,500/ fixed

50% deposit, 50% on delivery

  • Article 50 disclosure package (the 6 artefacts)
  • Article 13 user-information pack (cross-cut)
  • Article 12 logging spec, 6-month retention
  • Article 14 oversight UI kit, drop-in iframe
  • 30-day email support
  • Master compliance memo (PDF + Notion)
Buy Sprint
Most popular

Sprint+

€7,500/ fixed

Everything in Sprint + Annex III prep

  • Everything in Sprint
  • Article 9 risk-management pack (4 artefacts)
  • Article 10 data-governance pack (5 sub-artifacts)
  • Annex IV 9-section technical file skeleton
  • Article 27 FRIA memo (private deployers)
  • Biometric double-verification design review
  • 90-day email support
Buy Sprint+

Not ready to commit? Take the self-assessment first →

How it works

From intake to delivery in 12 working days.

  1. 1

    Take the self-assessment

    90 seconds. Five questions to map your Article 50 surface and recommend a tier.

  2. 2

    Sign in + submit intake

    We email a magic link. The intake form captures your AI feature surfaces, deployment context, and three gating questions.

  3. 3

    Discovery call (60 min)

    We walk through your product together. We send the Article 50 Scope Memo the same day.

  4. 4

    Draft + readout

    Five to ten working days to draft the six artefacts. 90-minute readout call. Final delivery, balance invoice.

  5. 5

    30 / 90-day support

    Email support for any clarification. At Day 90 we check whether your scope has changed.

Frequently asked

Honest answers.

What if we already have a privacy policy?

+

A privacy policy is not Article 50 documentation. The deliverables map to specific Article 50 paragraphs and give your customers and regulator something they can actually read end-to-end.

Is this legal advice?

+

No. We deliver technical compliance engineering — disclosures, schemas, UX copy, logging specs. For legal opinions, regulator correspondence, or reserved-practice work, we refer to qualified counsel in the relevant member state (we have a referral list across DACH, NL, FR, ES, IT).

Why is the deadline not 2 December 2027 (the AI Act Omnibus deferral)?

+

The 2027 deferral covers Annex III high-risk obligations only. Article 50 transparency obligations (chatbots, synthetic content, biometric categorisation, deepfakes, public-interest AI text) are still enforceable 2 August 2026. If you have any of those features, the August date binds.

What if our roadmap changes between deposit and delivery?

+

Scope is frozen at Day 4 of the engagement. Material changes after that move to a 'Phase 2 addendum' memo with a re-priced delta — protects both of us.

Can we pay in USD / GBP / non-EUR?

+

Stripe handles FX on the test-mode checkout. For production invoices in non-EUR, we can invoice in USD with manual bank transfer.

What's the difference between Sprint and Sprint+?

+

Sprint covers Article 50 transparency + the back-end ops artefacts (Articles 12, 13, 14). Sprint+ adds Article 9 risk-management, Article 10 data-governance, the Annex IV 9-section skeleton, FRIA, biometric design review, and 90-day (vs 30-day) support. Sprint+ is for multi-system deployments or companies planning EU enterprise sales in 2027.

Free 15-minute Article 50 gap review.

Send us a quick note with your product URL and the AI feature you’re worried about. We’ll come back with a 1-page written gap memo within one business day — no pitch, no obligation.