CHAPTER III

Article 19: Automatically generated logs

Plain English Summary

What this article does: Requires providers to retain automatically generated logs for high-risk AI systems. Who it applies to: Providers of high-risk AI systems (and deployers where logs are under their control). Key requirements: Para 1: Providers must keep the logs automatically generated by their high-risk AI system for at least 6 months, unless otherwise provided by EU or national law.

1. Providers of high-risk AI systems shall keep the logs referred to in (1), automatically generated by their high-risk AI systems, to the extent such logs are under their control. Without prejudice to applicable Union or national law, the logs shall be kept for a period appropriate to the intended purpose of the high-risk AI system, of at least six months, unless provided otherwise in the applicable Union or national law, in particular in Union law on the protection of personal data.

2. Providers that are financial institutions subject to requirements regarding their internal governance, arrangements or processes under Union financial services law shall maintain the logs automatically generated by their high-risk AI systems as part of the documentation kept under the relevant financial services law.

Cross-referenced Articles

Built by Paul McCormack — lawyer, product leader, and founder of Kormoon. This site is an independent informational resource only and does not constitute legal advice. No reliance should be placed on its contents. For the authoritative text, refer to the official EUR-Lex source linked in the Annexes tab, or consult your legal advisor.

© 2026 Paul McCormack. All rights reserved.

kormoon.aiOfficial EUR-Lex Source
Share