AI Act Ready — Installation, configuration and usage
Install, activate and use AI Act Ready to structure your EU AI Act compliance from PrestaShop: AI system scan, registry, obligations, document generation in 6 languages and auditor export.
AI Act Ready helps you structure your compliance work with Regulation (EU) 2024/1689 on artificial intelligence, directly from the PrestaShop back office: inventory your AI systems, keep a guided registry, track obligations, generate documents in 6 languages and produce a consolidated auditor export.
AI Act Ready is a structuring tool, not a compliance certificate. Compliance depends on your actual practices. The risk classification produced by the module is an operational indication, not a legally binding opinion. For a high-risk system, the advice of a qualified legal professional is required.
Requirements
- PrestaShop 8 and 9 (8.0.0 minimum)
- PHP 7.4 minimum (8.1 to 8.3 recommended)
- MySQL 5.7+ or MariaDB 10.3+ (JSON columns)
- PHP extensions: gd or imagick (PDF rendering), mbstring, json, openssl
- Back-office administrator access
The module ships dompdf in its vendor folder. No external dependency or Composer is required in production.
Installation
- Download
datafirefly_aiact-1.0.0.zipfrom your order on datafirefly.com. - In the back office, open Modules > Module Manager, then click Upload a module.
- Select the ZIP and run the installation.
- On install, the module creates its tables, registers its hooks and adds the AI Act menu with its 6 tabs in the sidebar.
Licence activation
- Open AI Act > Licence & Settings.
- Enter the key received by email, in the format
DFAIA-PRO-XXXX-XXXX-XXXX. - Click Activate licence. The module contacts
license.datafirefly.comover HTTPS and caches the result locally.
Fail-open mode: if the licence server is temporarily unreachable, the module stays fully functional for 7 days from the last successful check. No service interruption.
Back-office overview
The AI Act menu has six tabs: Dashboard, AI Registry, Obligations, Documents, Journal and Licence & Settings. The recommended path follows this order: scan and complete the registry, then handle obligations, then generate documents.
1. Dashboard
The dashboard gives an overview: a completeness indicator for your work, the number of inventoried AI systems, remaining obligations and shortcuts to the main actions. It is your entry point to track progress.
2. AI Registry
The registry is the heart of the module: one record per inventoried AI system, kept in your PrestaShop database.
Automatic scanner
The scanner compares your installed modules against a signature database maintained by DataFirefly. It detects about 90% of popular PrestaShop AI modules and 100% of DataFirefly modules. Modules whose name or folder contains AI terms (chatbot, gpt, openai, llm, neural…) are surfaced with a “to review” status for manual classification — they are never classified automatically.
The scanner does not detect in-house custom AI (inline PHP, theme) or serverless API calls from the front end. Add these systems manually via Registry > Add manually. The scan is a starting aid, not a condition of compliance.
Guided classification questionnaire
For each system, you fill in the purpose, the AI Act role (provider, deployer, importer, distributor), the GDPR legal basis, the internal owner and the go-live date. Based on your answers, the module proposes a risk level (minimal, limited, high, prohibited, GPAI) together with its rationale.
3. Obligations
From the classification, the module lists the obligations applicable to each system, with the precise regulation article (Art. 50, Art. 4…) and the effective date. Obligations are organised in a kanban: To do / In progress / Done / Not applicable. For each obligation, you can attach evidence (screenshot reference, PDF, internal URL).
The risk classification relies on the FLI (Future of Life Institute) methodology and DataFirefly extensions adapted to PrestaShop. It has no formal legal value and cannot be relied upon before a supervisory authority. In an audit, only your actual practices and documentation count.
4. Documents
The module generates four PDF documents, each in 6 languages (FR, EN, ES, DE, IT, PT):
- Internal AI Policy — registry summary, purposes and governance (Art. 4, Art. 26).
- AI Literacy Charter — staff training charter for AI systems (Art. 4).
- Light DPIA — impact assessment for limited-risk systems.
- AI T&C clauses — clauses ready to add to your terms and conditions (Art. 50).
A “Generate audit file” button produces a consolidated auditor PDF: cover, full registry, obligations with evidence and timestamps, AI journal, applied Rules Pack version and a unique audit ID.
The generated documents are generic pre-filled templates. They must be reviewed and adapted to your context before any official use. For ES, DE, IT and PT, review by a local legal professional is recommended before any binding use. They do not constitute legal advice.
5. Journal
Every significant action (scan, obligation update, document generation) is timestamped in a journal exportable to CSV. The journal can be fed by compatible DataFirefly modules through the JournalCollector::record() API. For third-party AI modules, integration on their side is their responsibility; you can document manually.
In v1.0, the completeness of the journal depends on third-party adoption of the API. The module provides the interface, not the third-party integration. If you do not use DataFirefly modules, the journal will mainly be fed by your actions within the module and your manual documentation.
6. Licence & Settings
This tab manages licence activation, the Rules Pack update cron token and the front-office display options (always disabled by default):
- Art. 50 notice — front-end transparency notice (opt-in).
- Chatbot disclosure badge — per product-page badge, enabled per system.
Data and privacy
Only the SHA-256 hash of your licence key and your server IP are transmitted to license.datafirefly.com, for licence validation and rate-limiting. The AI registry, obligations, evidence, journal, documents and all store data (customers, orders, products) stay exclusively in your PrestaShop database. The key is never stored in clear text.
Multistore
The module is natively multistore: each store has its own independent registry, obligations and journal. Scanning, obligations and front display toggles are managed per store. The cron token is shared at the global level.
Regulatory updates (Rules Pack) and renewal
The module ships a baseline Rules Pack covering Art. 50 and Art. 4, verified against official sources (AI Act Explorer FLI + European Commission). The module cron contacts the server to fetch updated versions, which requires an active licence.
The €69/year renewal keeps the licence active and the Rules Pack current (Commission guidelines, national transpositions, GPAI codes of conduct). Without renewal, the module keeps working with the last pack received but no longer benefits from regulatory updates.
Uninstall
Before uninstalling, export your registry and journal to CSV/PDF from the Documents tab. Uninstalling removes all module tables and configuration keys.
On uninstall, the module tables are dropped, configuration keys are purged, hooks are unregistered and back-office tabs removed. No orphan data remains in the database. Your exported data stays entirely under your control — no lock-in.
FAQ
The scanner does not detect my chatbot or AI module
Check that the module is actually installed (not just downloaded). If it is custom or recent, it may not yet be in the signature database. Add it manually via Registry > Add manually; this option requires no prior scan.
The licence key is rejected
Copy and paste the key from the delivery email (format DFAIA-PRO-XXXX-XXXX-XXXX) rather than retyping it. Check that it has not expired and that your host does not block outgoing HTTPS connections to license.datafirefly.com.
The PDFs do not generate
Make sure the PHP gd (or imagick) extension is enabled, required for dompdf PDF rendering.
Is the module compatible with PrestaShop 9?
Yes. AI Act Ready is compatible with PrestaShop 8 and 9. It is, however, specific to PrestaShop and does not cover Shopify or WooCommerce.
Does this module make me EU AI Act compliant?
No. It equips you to document and structure your work. Compliance depends on your actual practices and, in some cases, on external legal advice.
Support
Support is provided by DataFirefly Limited (Dublin, Ireland), in French and English, within 48 business hours: support@datafirefly.com or the form at datafirefly.com/support. For an urgent request, mention “URGENT” in the subject.