Skip to main content

Description

Transparency disclosure tracking ensures compliance with the EU AI Act Articles 12 and 19: Article 12 requires information to be provided to users, and Article 19 requires comprehensive record-keeping for high-risk AI systems. The system enables compliance officers to monitor which AI interactions require transparency notifications based on automated risk classification and use case categorization, track disclosure status with completion rates and timeliness metrics, verify that end users received appropriate notifications about AI-generated content or automated decision-making, and maintain audit trails of all disclosure activities. Transparency requirements apply to high-risk AI systems under Annex III, including biometric identification, critical infrastructure management, education and employment decisions, essential services, law enforcement, migration control, and justice systems. Compliance officers can mark requests requiring disclosure, track notification delivery, document exemptions where disclosure is not required, and generate transparency compliance reports. The system supports customizable disclosure templates aligned with organizational policies and regulatory requirements, automated disclosure workflows for common scenarios, and exception handling for sensitive contexts where disclosure may be delayed or modified. This feature exists to ensure compliance with EU AI Act transparency obligations, maintain user trust, and provide audit-ready documentation of disclosure practices. It is primarily used by compliance officers for ongoing monitoring, legal counsel for policy development, and operations teams for implementing disclosure workflows.

Example

A compliance officer identifies 15 high-risk customer service interactions that require transparency disclosures, in which an AI system made automated decisions about service eligibility without human involvement. She reviews each request context to confirm disclosure requirements apply, marks them as “Disclosure Required” in the system, and verifies through the disclosure tracking dashboard that automated email notifications were sent to all affected customers within 24 hours informing them that AI was used in the decision-making process and providing instructions for requesting human review. She documents two cases in which disclosure was delayed due to ongoing fraud investigations under legal exception policies, generates a transparency compliance report showing a 98% timely disclosure rate, and presents the findings at the monthly compliance review meeting, demonstrating ongoing compliance with Article 12.

EU AI Act Transparency Requirements

Article 12: Information to Users

Requirement Overview Users must be informed when interacting with high-risk AI systems, particularly:
  • When subject to AI system decisions
  • When AI-generated content is involved
  • When biometric identification is used
  • When automated profiling occurs
Information to Provide
  • That AI system is being used
  • Purpose and context of AI usage
  • How AI contributes to decision-making
  • Right to request human intervention
  • Contact information for questions
  • Explanation of AI system capabilities and limitations

Article 19: Record-Keeping

Requirement Overview High-risk AI system providers must maintain logs sufficient to:
  • Demonstrate compliance with transparency obligations
  • Show what information was provided to users
  • Document when and how disclosures were made
  • Track user acknowledgments or objections
Log Requirements
  • Automatic logging enabled
  • Logs retained for appropriate period (typically 1-5 years)
  • Logs available for supervisory authority inspection
  • Logs protected against tampering (immutable audit trails)
PromptMetrics combines transparency tracking (Article 12) with automatic log retention (Article 19) in an integrated compliance solution.

When Transparency is Required

High-Risk AI Systems Under Annex III

Transparency disclosures are typically required for: Biometric Identification Systems
  • Real-time biometric identification in public spaces
  • Post (non-real-time) biometric identification
  • Biometric categorization systems
  • Emotion recognition systems
Critical Infrastructure
  • AI systems managing essential infrastructure (water, energy, transport)
  • Decisions affecting infrastructure safety or availability
Education and Vocational Training
  • AI-based student assessment or grading
  • Educational institution admission decisions
  • Vocational training evaluation
Employment Decisions
  • Recruitment candidate selection or screening
  • Promotion or demotion decisions
  • Task allocation or performance monitoring
  • Employment termination decisions
Essential Services
  • Creditworthiness assessment
  • Credit scoring or loan approval
  • Insurance risk assessment and pricing
  • Emergency service prioritization
  • Public benefit eligibility determination
Law Enforcement
  • Risk assessment for crime prediction
  • Evidence evaluation or case prioritization
  • Suspect identification or profiling
Migration and Border Control
  • Asylum or visa application assessment
  • Border crossing risk evaluation
  • Immigration status determination
Justice and Democratic Processes
  • Legal case outcome prediction
  • Electoral process influence detection
  • Democratic decision support systems

Limited-Risk Transparency

Additional transparency required for:
  • Chatbots: Users must know they’re interacting with AI
  • AI-Generated Content: Clear labeling of synthetic content
  • Emotion Recognition: Users informed of emotion analysis
  • Biometric Categorization: Users notified of categorization

Marking Requests for Disclosure

Disclosure Workflow

1

Identify High-Risk Interactions

Review automated risk classifications in Request History to identify requests requiring transparency disclosure.
2

Validate Disclosure Requirement

Examine request context, prompt content, and use case to confirm transparency obligation applies.
3

Mark as Disclosure Required

In request detail view, click “Mark for Transparency Disclosure” button to flag the request.
4

Select Disclosure Template

Choose appropriate disclosure template based on use case (biometric, employment, essential services, etc.).
5

Set Disclosure Deadline

System automatically calculates deadline (typically 24-48 hours) based on risk level and regulatory requirements.
6

Trigger Disclosure Workflow

Automated or manual notification sent to affected user(s) with disclosure information.
7

Track Delivery Confirmation

Monitor disclosure status to confirm successful delivery and user acknowledgment.

Disclosure Status Types

Disclosure Required
  • Transparency obligation identified
  • Disclosure not yet sent
  • Within required timeframe
Disclosure Sent
  • Notification delivered to user
  • Delivery confirmation received
  • Awaiting user acknowledgment
Disclosure Completed
  • User received and acknowledged disclosure
  • Audit trail complete
  • Compliance obligation satisfied
Disclosure Delayed
  • Legitimate reason for delay (legal exception)
  • Documented justification required
  • Alert set for follow-up
Disclosure Not Required
  • Exemption applies (documented rationale)
  • Risk level below transparency threshold
  • Use case does not trigger obligation

Tracking Disclosure Status

Disclosure Tracking Dashboard

Dashboard Location: Compliance → Transparency Disclosure Key Metrics
  • Total requests requiring disclosure: X
  • Disclosures completed: X (XX%)
  • Disclosures pending: X
  • Overdue disclosures: X
  • Average time to disclosure: X hours
  • Disclosure compliance rate: XX%
Status Breakdown
StatusCountPercentageTrend
Completed1,23495%
Pending (on-time)423%
Overdue81%
Delayed (justified)151%
Total1,299100%

Disclosure Timeliness Tracking

Monitor disclosure completion times: Timeliness Thresholds
  • Immediate (< 1 hour): Real-time AI interactions (chatbots)
  • Same-day (< 24 hours): High-risk automated decisions
  • Standard (< 48 hours): Most Annex III systems
  • Extended (< 7 days): Complex cases with legal review
Compliance Targets
  • 95% of disclosures completed within standard timeframe
  • 100% within maximum allowable delay (7 days unless legally exempted)
  • Zero unresolved overdue disclosures over 14 days
Overdue disclosures create regulatory risk. Address overdue items immediately or document legal justification for delay.

Disclosure Templates & Best Practices

Standard Disclosure Templates

PromptMetrics provides pre-built templates for common scenarios: Biometric Identification Disclosure 
Subject: Notice of Biometric Data Processing

Dear [User],

We are writing to inform you that biometric identification technology
was used during your interaction with our system on [Date/Time].

Purpose: [e.g., Identity verification for account access]
Data Processed: [e.g., Facial recognition]
Human Oversight: [e.g., Security team review within 24 hours]

Your Rights:
- Request human review of the decision
- Object to biometric processing
- Request deletion of biometric data

Contact: [email protected]

This notice is provided in compliance with EU AI Act Article 12.
Employment Decision Disclosure 
Subject: AI-Assisted Decision Notice

Dear [Candidate],

This notice informs you that artificial intelligence technology
contributed to an employment decision regarding your application.

Decision: [e.g., Initial screening and interview invitation]
AI Role: [e.g., Resume screening for skill matching]
Human Review: [e.g., Final decision by hiring manager]

Your Rights:
- Request an explanation of how AI contributed to the decision
- Request human review and reconsideration
- Provide additional information for review

Contact: [email protected]

This notice is provided in compliance with Article 12 of the EU AI Act.
Chatbot Interaction Disclosure 
Notice: AI Assistant

You are interacting with an AI-powered chatbot. This system uses
artificial intelligence to generate responses, but may not always
Provide accurate or appropriate information.

Human Support: Requesta  human agent at any time by typing "human."

This is an automated system. Responses are generated by AI technology.

Template Customization

Customize templates to match your organization:
  • Add company branding and logos
  • Include specific contact information
  • Reference internal policies
  • Translate to multiple EU languages
  • Adjust tone and formality
  • Add industry-specific details

Best Practices for Disclosure

Use Plain Language: Avoid technical jargon or legal complexityBe Specific: Clearly state what AI system was used and for what purposeHighlight Rights: Make user rights prominent and actionableProvide Contact: Include clear contact information for questions or objections
Immediate Disclosure: For real-time AI interactions (chatbots, emotion recognition)Prompt Disclosure: Within 24-48 hours for automated decisionsPre-Decision Disclosure: When possible, inform users before AI processing beginsNo Unnecessary Delays: Complete disclosures as quickly as technically feasible
Log All Disclosures: Maintain audit trail of what, when, how disclosedTrack User Responses: Document acknowledgments, objections, or questionsRecord Exemptions: Document and justify any disclosure delays or exemptionsPeriodic Review: Regularly review disclosure practices for effectiveness
Multiple Channels: Offer disclosure via email, in-app notification, and websiteAccessible Format: Ensure disclosures are accessible to users with disabilitiesLanguage Options: Provide disclosures in the user’s preferred languageClear Actions: Make it easy for users to request human review or object

Exemptions and Special Cases

When Disclosure May Be Delayed or Modified

Law Enforcement Exemptions
  • Ongoing criminal investigations where disclosure may compromise the investigation
  • National security considerations
  • Court order restricting disclosure
  • Requirement: Document legal basis, notify supervisory authority, disclose when safe
Emergency Situations
  • Life-threatening emergencies requiring immediate AI-assisted decisions
  • Disclosure delayed until the emergency is resolved
  • Requirement: Disclose within 48 hours of emergency resolution
Trade Secret Protection
  • Detailed AI system explanation may reveal proprietary information
  • Disclosure modified to protect trade secrets while meeting transparency obligations
  • Requirement: Provide sufficient information for user understanding without revealing secrets
Data Subject Objection
  • User specifically requests not to receive AI usage notifications
  • Documented user consent to waive disclosure
  • Requirement: Obtain explicit, informed consent; maintain audit trail

Documenting Exemptions

When invoking the exemption:
1

Identify Legal Basis

Document specific legal provision allowing exemption (e.g., GDPR Article 23, criminal investigation).
2

Justify Necessity

Explain why standard disclosure is impossible or inappropriate in this specific case.
3

Time-Bound Exemption

Set the expiration date when normal disclosure will resume, or circumstances will be reviewed.
4

Notify Stakeholders

Inform legal counsel, supervisory authority if required, and document internal approval.
5

Monitor Resolution

Track exemption status and ensure disclosure is completed when the exemption no longer applies.

Automated Disclosure Workflows

Workflow Automation (Pro Plan)

Reduce manual effort with automated disclosure workflows: Trigger Configuration
  • Automatically mark high-risk requests for disclosure based on risk classification
  • Set disclosure deadlines based on use case category
  • Select the appropriate disclosure template by AI system type
Notification Delivery
  • Automated email notifications to affected users
  • In-app notifications for registered users
  • SMS notifications for time-sensitive disclosures (optional)
Confirmation Tracking
  • Email delivery confirmation
  • User acknowledgment tracking (click-through, reply, in-app confirmation)
  • Automated follow-up for unacknowledged disclosures
Escalation Rules
  • Alert compliance officer for overdue disclosures
  • Escalate to legal for complex exemption cases
  • Notify management of systemic disclosure issues

Compliance Reporting

Transparency Compliance Reports

Generate reports demonstrating Article 12 compliance: Report Contents
  • Total high-risk requests requiring disclosure
  • Disclosure completion rate by use case category
  • Average time to disclosure
  • Overdue disclosure summary with justifications
  • Exemption documentation and legal basis
  • User objections or complaints
  • Corrective actions taken
Report Formats
  • PDF for regulatory submissions
  • CSV for data analysis
  • JSON for programmatic access
Use Cases
  • Quarterly supervisory authority reports
  • Internal audit reviews
  • Board of Directors governance reporting
  • Annual compliance certifications

Compliance Overview

Return to the main compliance officer introduction.

Risk Assessment

Identify high-risk systems requiring transparency disclosures.

Request History

Search and filter requests to identify disclosure requirements.

Compliance Monitoring

Monitor real-time transparency disclosure compliance metrics.