Expertise · AI Governance — EU AI Act & GDPR

Use AI without giving up control.

My approach

AI delivers value quickly in the Mittelstand. But without guardrails, it brings liability too. I sort out what's allowed, what needs review and what's better left alone. I see the EU AI Act and GDPR not as a brake but as the framework that makes AI usable in the first place. That's what I learned in my AI-Manager training and translated into concrete use cases.

EU AI Act: risk classes and the path to compliant AI governance — infographic

How I apply it

In practice, I classify every use case by its risk level and settle the responsibilities before a tool goes live. I involve data protection and the works council early, rather than repairing things afterwards. My yardstick is simple: what stands up to scrutiny and what doesn't? That keeps AI usable without the company giving up control.