AI Act for Retail & E-commerce: Which AI Systems Are High-Risk and What You Must Do

Under the EU AI Act (Regulation 2024/1689), the following AI applications in Retail & E-commerce are classified as high-risk and require full conformity assessment before August 2, 2026:

Generally minimal risk. Exceptions: biometric customer tracking, emotion recognition, dynamic pricing affecting essential services

These systems fall under Article 50 transparency, Article 5 (emotion recognition ban in certain contexts). Providers must implement risk management (Article 9), maintain technical documentation (Article 11), ensure data governance (Article 10), and enable human oversight (Article 14).

Transparency for chatbots/virtual assistants. No emotion recognition for in-store surveillance. Disclosure of AI-generated content.

Providers (developers of AI systems) bear primary compliance responsibility: conformity assessment, CE marking, EU database registration, and post-market monitoring.

Deployers (companies using AI systems) must ensure human oversight, conduct Fundamental Rights Impact Assessments where required, and maintain usage logs.

AI Act enforcement begins August 2, 2026. No precedent currently exists. This page will be updated as enforcement cases emerge.

Penalties for non-compliance range up to EUR 35 million or 7% of global annual turnover for prohibited practices, and EUR 15 million or 3% for other violations.

• AI Act High-Risk Classification Guide
• Conformity Assessment: Step-by-Step
• Fines and Penalties Across EU
• August 2026 Deadline Checklist