Understanding your situation
A customer, partner, or procurement team has asked you to evidence how your AI product or service complies with the EU AI Act as part of vendor due diligence.
What you need to prepare
- ✓The due-diligence questionnaire or request
- ✓Your role and the product/system in scope
- ✓Your compliance status and supporting documentation
- ✓Data-protection and security measures (GDPR overlap)
- ✓A summary suitable for the customer's vendor file
- ✓A responsible contact
Related templates & guides
🏛️ Authority
The requesting customer, partner, or procurement team.
⚖️ Legal basis
Regulation (EU) 2024/1689 obligations relevant to your role; GDPR where personal data is processed; contractual AI-compliance clauses.
Expert tips
- 1Answer the questionnaire's questions directly and in its order.
- 2Provide a short compliance summary the customer can file.
- 3Reference documentation you can share under NDA if needed.
- 4Address the GDPR overlap if the system processes personal data.
- 5Give a named contact for technical or legal follow-up.
Frequently Asked Questions
What does a customer expect in an AI due-diligence response?
A direct answer to each question, identification of your role and the product in scope, your compliance status, references to supporting documentation, treatment of any GDPR overlap, and a named contact for follow-up.