By clicking “Accept”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.

Annex VIII

Information to be Submitted upon the Registration of High-Risk AI Systems in Accordance with Article 49

Updated on 31 July 2024 based on the version published in the Official Journal of the EU dated 12 July 2024 and entered into force on 1 August 2024.

Section A - Information to be submitted by providers of high-risk AI systems in accordance with Article 49(1)

The following information shall be provided and thereafter kept up to date with regard to high-risk AI systems to be registered in accordance with Article 49(1):

1. The name, address and contact details of the provider;

2. Where submission of information is carried out by another person on behalf of the provider, the name, address and contact details of that person;

3. The name, address and contact details of the authorised representative, where applicable;

4. The AI system trade name and any additional unambiguous reference allowing the identification and traceability of the AI system;

5. A description of the intended purpose of the AI system and of the components and functions supported through this AI system;

6. A basic and concise description of the information used by the system (data, inputs) and its operating logic;

7. The status of the AI system (on the market, or in service; no longer placed on the market/in service, recalled);

8. The type, number and expiry date of the certificate issued by the notified body and the name or identification number of that notified body, where applicable;

9. A scanned copy of the certificate referred to in point 8, where applicable;

10. Any Member States in which the AI system has been placed on the market, put into service or made available in the Union;

11. A copy of the EU declaration of conformity referred to in Article 47;

12. Electronic instructions for use; this information shall not be provided for high-risk AI systems in the areas of law enforcement or migration, asylum and border control management referred to in Annex III, points 1, 6 and 7;

13. A URL for additional information (optional).

Section B - Information to be submitted by providers of high-risk AI systems in accordance with Article 49(2)

The following information shall be provided and thereafter kept up to date with regard to AI systems to be registered in accordance with Article 49(2):

1. The name, address and contact details of the provider;

2. Where submission of information is carried out by another person on behalf of the provider, the name, address and contact details of that person;

3. The name, address and contact details of the authorised representative, where applicable;

4. The AI system trade name and any additional unambiguous reference allowing the identification and traceability of the AI system;

5. A description of the intended purpose of the AI system;

6. The condition or conditions under Article 6(3)based on which the AI system is considered to be not-high-risk;

7. A short summary of the grounds on which the AI system is considered to be not-high-risk in application of the procedure under Article 6(3);

8. The status of the AI system (on the market, or in service; no longer placed on the market/in service, recalled);

9. Any Member States in which the AI system has been placed on the market, put into service or made available in the Union.

Section C - Information to be submitted by deployers of high-risk AI systems in accordance with Article 49(3)

The following information shall be provided and thereafter kept up to date with regard to high-risk AI systems to be registered in accordance with Article 49(3):

1. The name, address and contact details of the deployer;

2. The name, address and contact details of the person submitting information on behalf of the deployer;

3. The URL of the entry of the AI system in the EU database by its provider;

4. A summary of the findings of the fundamental rights impact assessment conducted in accordance with Article 27;

5. A summary of the data protection impact assessment carried out in accordance with Article 35 of Regulation (EU) 2016/679 or Article 27 of Directive (EU) 2016/680 as specified in Article 26(8) of this Regulation, where applicable.

Report error

Report error

Please keep in mind that this form is only for feedback and suggestions for improvement.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.