Using AI?
The AI Act now
sets the rules.
The EU AI Regulation applies — whether you build AI yourself or simply use it. Wait too long and you risk fines, operating bans and lasting damage to your reputation. We make your company AI-Act-compliant — pragmatically, quickly and from a single source.
The EU's new AI law —
without the legalese.
The EU AI Act is the world's first comprehensive legal framework for artificial intelligence. It classifies AI systems by their risk and defines the obligations that apply to companies that use, develop or provide AI — regardless of industry or company size.
Not a voluntary standard — a law.
The EU AI Act (Regulation EU 2024/1689) is directly applicable EU law. It applies to every company that uses, provides or develops AI systems in the EU — even if the company is based outside the EU. Ignorance is no protection from liability.
Almost everyone who uses AI.
Providers that develop or place AI on the market. Deployers that use external AI systems (ChatGPT, Copilot, in-house analytics tools). Importers and distributors. Public bodies and municipalities, too. Anyone who touches AI is affected — in one form or another.
Up to €35 million or 7% of turnover.
The AI Act provides for tiered fines: up to €35 million or 7% of global annual turnover for prohibited AI practices, and up to €15 million for other violations. On top of that come operating bans, public reprimands and civil liability risks for management.
Four tiers — very different obligations.
Most AI applications
AI in spam filters, product recommendations or games. No mandatory requirements — a voluntary code of conduct is recommended.
Chatbots & generative AI
Transparency obligation: users must know they are interacting with AI. AI-generated content must be labelled as such.
HR, credit, healthcare & more
Strict requirements: technical documentation, risk analysis, human oversight, logging, conformity assessment. Deployers and providers bear full responsibility.
Social scoring & manipulation
AI systems for the social scoring of individuals, subliminal manipulation techniques and real-time biometric surveillance have been fully prohibited since February 2025.
The dates you should
keep on your radar.
The EU AI Act takes effect in several phases. Not every deadline is equally relevant — but the critical ones you can't ignore.
Entered into force
Regulation (EU) 2024/1689 was published and is directly applicable law in all EU member states.
CompletedBans in effect
Prohibited AI practices (Art. 5) and AI literacy obligations for staff (Art. 4, "AI literacy") apply.
Now in forceGPAI & labelling
Rules for general-purpose AI models (GPAI), labelling obligations for AI content and national supervisory authorities become active.
Now in forceHigh-risk AI
Full application for all high-risk AI systems (Annex III). Documentation, logging and conformity must be in place.
Critical deadlineTransition periods
Final deadlines for high-risk AI in Annex I products already placed on the market (CE-marked machinery, medical devices, etc.).
FutureWhat happens if you do nothing?
The choice is simple: act now and create clarity — or wait and accept the risk. The comparison below shows what's at stake.
Without AI Act compliance
- ✕ Fines of up to €35 million or 7% of global annual turnover
- ✕ Operating bans for non-compliant AI systems
- ✕ Reputational damage with customers, partners and the public
- ✕ Competitive disadvantages against compliant rivals
- ✕ Personal liability risks for management
- ✕ Costly retrofitting under time and regulatory pressure
AI-Act-ready with Pixelschnitzel
- ✓ Legal certainty for every current and planned AI system
- ✓ Governance structures that hold up for new systems too
- ✓ Clear documentation as a trust signal for customers and authorities
- ✓ A competitive edge through demonstrable, certifiable compliance
- ✓ A proactive strategy instead of reactive box-ticking under pressure
- ✓ Peace of mind for management — documented and audit-proof
Not just theory —
finished compliance.
Plenty of consultants will explain the AI Act to you. We get it done. From risk analysis to technical documentation to governance structure — all from a single source, practical and tailored to your company.
Request a free consultation →BVMID-certified
Recognised AI expertise, not an off-the-shelf consultant.
Finished documentation
We deliver audit-proof documents, not just recommendations.
Technical & legal
Both sides combined — software and compliance from one source.
Personally reachable
No ticket system. A direct contact, based in the Ruhr region.
From analysis to
finished compliance.
Free initial consultation
45–60 minutes. We get to know your starting point: which AI systems are in use, what the biggest risk is, and what the most sensible next step looks like.
Inventory & assessment
A structured survey of all AI systems, tools and processes — including shadow AI, external providers and automated decisions that may count as AI.
Risk classification
For each system we determine the risk class under the AI Act. A clear categorisation instead of a grey area: minimal risk, limited risk, high risk or prohibited.
Documentation & governance
We produce the required technical documentation, usage policies and approval processes. All practical, in writing, audit-proof.
Vendor checks & adjustments
A close look at external AI services: data processing agreements, data flows, provider compliance. Where needed, we support technical adjustments directly.
Ongoing support
On request: regular reviews, updates when new systems or legal changes arise, and a direct contact for every AI compliance question.
The right offer
for your situation.
From a first overview to complete, lasting compliance — we tailor the package to where you stand and to your timeline.
The fast entry point. In a structured workshop we analyse your AI systems, name the risks and deliver a first written action plan.
- Analysis of existing AI systems (up to 5 systems)
- Initial risk classification under the AI Act
- Identification of shadow AI
- Prioritised action plan (in writing)
- Results presentation for management
Complete AI Act readiness in one focused sprint. The result: documentation, processes and a clear action plan.
- Full inventory of all AI systems
- Risk classification & requirements profile per system
- Technical documentation (compliant, audit-proof)
- Governance policies & usage rules
- Vendor checks of relevant providers
- Action plan with priorities & timeline
- Closing workshop & handover
Once the plan is set and implementation begins. We support technical and organisational measures step by step.
- Implementation of concrete compliance measures
- Technical adjustments to AI systems
- Implementation of logging & monitoring
- Integration of transparency and labelling solutions
- Documentation on completion of each module
Ongoing support for companies that want to keep the AI Act under control for the long term — without building up their own resources.
- Regular reviews of existing documentation
- Monitoring of legal changes & updates
- Updates for new AI systems or providers
- Quarterly report with compliance status
- A direct contact for all questions
Florian Brosig —
your AI Act expert.
"Compliance projects don't fail because of the law — they fail because no one knows where to start. That's exactly where we come in — with a clear view and no consultant overhead."
What companies ask us
most often.
Yes. The AI Act applies to every company that uses (as a deployer) or develops (as a provider) AI systems in the EU — regardless of industry, size or origin. If you use ChatGPT in sales, an AI tool in HR or an automated analytics system, you're affected as a deployer and have concrete obligations. This also applies to companies based outside the EU.
A provider develops or markets AI systems (for example, a software company offering an AI product). A deployer uses an existing AI system within their own company. Both carry obligations, but different ones. For deployers: documenting use, risk classification, staff training, and correct use in line with the provider's instructions. For providers, technical requirements, conformity assessment and CE marking are added on top.
Yes — as a deployer you also have obligations when using external AI tools. You need to ensure that usage is documented, that no high-risk applications run without appropriate governance, and that staff are informed about the risks and limits of the systems in use. You also need to review data processing agreements with the providers — and many companies have significant catching up to do here.
Absolutely. The AI Act doesn't distinguish between whether you develop AI or merely use it. As a deployer you're obliged to keep an inventory of the AI systems in use, know their risk class, train your staff and take additional measures for high-risk AI. Companies that use many external tools often have the greatest need to act.
A Quick Scan usually takes 1–2 weeks and includes a structured workshop day at your premises, an analysis of up to 5 AI systems and a written report with prioritised measures. You get a clear picture of where you stand, what's urgent — and a concrete plan for what to do next. No consultant overhead, no impenetrable jargon.
Yes — significantly. On-premise AI systems that run on your own infrastructure and send no data to external cloud services are far easier to document, control and audit. You reduce the risk of uncontrolled data sharing, make governance measures easier to demonstrate, and often arrive at the more pragmatic solution for mid-sized companies. We also advise on building on-premise AI infrastructure — more on that here.
Clarity on your
AI compliance in 60 minutes.
In the free initial consultation we analyse your starting point together — which systems are affected, what's genuinely urgent and what you should do next. No obligations, no overhead.
Tailored.
And honestly calculated.
Every project is different, so we don't work with list prices. We make the numbers transparent before any investment — including a business case and a concrete ROI if you want one.
Built around your business processes. From a small tool to a complete platform. What it costs and what it returns — we'll tell you after the first call.
RAG, chatbots, on-premise models, OCR, mail classification. We start where AI delivers measurable value — not where the hype is.
Server and GPU prices are highly volatile right now. We provide an up-to-date calculation before you approve any order.
Lean structures. No sales machine that costs more than the development itself. No corporate overhead. Thanks to our lower cost structure, we're below market price for comparable work — provable in a side-by-side quote.
On request, we calculate a complete business case with a concrete ROI before the project starts. So you decide on impact, not on price.
As soon as a problem is technically solvable, we're on it. There is no "can't be done" here without a reason — and usually with a pragmatic alternative.