The pre-deployment AI DPIA template fuses GDPR Article 35 obligations with EU AI Act Article 26 (deployer) and Article 27 (FRIA where applicable) into a single working-session document; sections 7 and 8 are conditional on the EU AI Act risk classification established in section 1, which means deployers complete the full document only when the system is classified as high-risk under Annex III.

Premise: a generic GDPR DPIA misses the AI-specific risks (memorisation, prompt injection, automated-decision Article 22 exposure) and the AI Act deployer obligations that activate 2 August 2026. The template is sized for one working session because retrofitted DPIAs (the 2025 supervisory-authority failure pattern) are themselves a compliance signal. Anchored to GDPR Article 35, EU AI Act Articles 26+27, the Datenschutzkonferenz Muss-Liste 2024, and the 2025 Dutch AP + Italian Garante guidance on AI human-in-the-loop documentation. 90-day review cycle because Article 26 enforcement interpretations will start clarifying in late 2026.