AI laws and regulation in Slovakia

Low.

While there is no standalone Slovak “AI Act”, Slovakia has begun aligning its framework with the directly applicable  Regulation (EU) 2024/1689 - Artificial Intelligence Act (“EU AI ACT”) by amending sectoral legislation (for example, Act No. 56/2018 Z.z. on conformity assessment of products was amended by Act No. 318/2025 Z.z. to reference and enforce certain obligations and penalties under EU AI ACT.).

Existing frameworks that apply to AI systems (no standalone AI Act in Slovakia):

• Act no. 18/2018 Coll. on personal data protection: Implements and complements the GDPR in Slovakia, setting lawful bases, DPIA procedure, profiling/ADM safeguards and powers of the supervisory authority for any AI processing personal data. 
• Act no. 69/2018 Coll. on cybersecurity: Imposes risk management and incident‑reporting duties under the National Security Authority’s oversight, relevant whenever AI supports networks or critical services.
• Act no. 56/2018 Coll on product conformity/market surveillance: Establishes CE‑conformity, technical documentation and market‑surveillance rules for regulated products and safety components, which capture AI when embedded in or as part of such products; amended by Act No. 318/2025 Coll with effect from 1 January 2026. 
• Act No. 250/2007 Coll. on consumer protection, B2C digital/services: Prohibits unfair commercial practices and sets transparency/information obligations that apply to AI‑enabled consumer interfaces, advertising and rankings. 
• Act no. 452/2021 Coll. on telecoms and digital infrastructure: Governs electronic communications services, network security, numbering and spectrum, affecting AI used in telecom services and communications data processing. 
• Act no. 40/1964 Coll. (civil law, cross‑sector liability and personality rights): Provides the general framework for contractual and non‑contractual liability and protection of personality rights, forming the basis for claims involving AI‑related harm or misuse of likeness. 
• Act no. 513/1991 Coll. (Commercial Code): Regulates B2B contracts, competition and supplier liability, relevant to procurement, warranties and allocation of risk for AI‑enabled products and services.
• Act No. 185/2015 Coll. Copyright Act: Sets authors’ and related rights for works, computer programs and databases, informing use of training data and AI outputs. 
• Act no. 483/2001 Coll (banking regulation): Establishes prudential and conduct requirements for banks (including governance and outsourcing/ICT controls) that apply when deploying AI in credit, risk and customer processes under NBS supervision. 
• Act no. 492/2009 Coll. on payments/e‑money: Regulates payment institutions and e‑money, including security and data‑handling duties relevant to AI‑driven fraud prevention and automation. 
• Act no. 362/2011 Coll. on health/medical devices: Lays down requirements for medicines and medical devices, clinical trials and online supply, capturing AI when integrated into medical devices and subject to device conformity and supervision.
• Act no. 95/2019 on public‑sector IT: Sets governance, interoperability, security and accessibility standards for public‑sector IT, shaping procurement and operation of AI systems used by public authorities. 
• Act no. 301/2005 Coll. Criminal Code: Provides procedural rules for evidence and safeguards, relevant to the acquisition and use of biometric or algorithmic evidence by law‑enforcement. 

Slovakia has not created a standalone AI regulator; oversight is allocated across existing authorities whose mandates now reference or interact with the EU AI Act.

• Slovak Trade Inspection: Lead market‑surveillance authority for consumer products and services; empowered to order corrective measures, withdrawals and bans. 
• Office for Personal Data Protection of the Slovak Republic: Independent supervisory authority for personal‑data processing, including automated processing. 
• National Security Authority: National cybersecurity authority with rule‑making, incident‑reporting and supervisory powers; from 1 January 2026 also the market‑surveillance authority for “products with digital elements” (Cyber Resilience Act). 
• National Bank of Slovakia: Financial‑market supervisor (prudential, conduct and ICT/outsourcing controls) over regulated firms deploying AI. 

Slovakia has government‑approved strategy and policy documents that frame its stance on AI, even though they are not codified in the Collection of Laws:

• National AI Strategy of the Slovak Republic (2019): sets principles for trustworthy, human‑centred AI, outlines priority sectors, R&D, skills, and ethics.
• Action Plan for AI (2021–2023): operationalises the strategy with measures on governance, public‑sector pilots, data availability, standardisation, and talent.
• Digital Transformation Strategy of Slovakia 2030: a horizontal framework that embeds AI as an enabler across economy, public services, and industry.
• Public‑sector IT standards and methodologies: while primarily enforceable for public authorities via the Act on Information Technologies in Public Administration and its implementing decree, they are the locus for practical guidance on data management, interoperability and security that underpin AI projects in government. 

International AI Standards and Guidelines are implemented through the horizontal standardisation and conformity‑assessment framework rather than by naming AI‑specific instruments.

• ISO/IEC (and other international standards): Referenced indirectly via the Act on Technical Standardisation, which allows Slovakia to adopt or recognise “other technical standards” and normalisation documents issued by international standardisation bodies and to designate Slovak Technical Standards (STN), including adoptions of ISO/IEC and EN standards, for conformity purposes. 
• EU “harmonised standards” (CEN/CENELEC/ETSI): Explicitly relied upon in the Act on Conformity Assessment; the law repeatedly references “harmonised technical standards” for demonstrating compliance and for the authorisation/oversight of conformity‑assessment bodies-this will cover AI‑relevant harmonised standards designated under EU product legislation (including those linked to the EU AI Act) as they are published. 
• OECD AI Principles: There are no express citation in the Slovak legislation.

In practice, Slovak authorities use the above mechanisms (STN adoptions of ISO/IEC and EU‑harmonised standards) to anchor technical expectations for AI‑enabled products and systems.

As at 15 December 2025 there is no Slovak “AI Act” bill published in the official Collection of Laws; instead, Slovakia is adapting existing statutes to the directly applicable EU AI Act-most notably via Act No. 318/2025 Z. z., which amends the Act on Conformity Assessment of Products with effect from 1 January 2026, and through recent cybersecurity amendments.

• CMS Artificial Intelligence https://cms.law/en/int/insight/artificial-intelligence
• CMS EU AI Act – Questions and Answers https://cms.law/en/int/publication/eu-ai-act-questions-and-answers
• Guide to the EU AI Act for businesses outside the EU https://cms.law/en/int/publication/guide-to-the-eu-ai-act-for-businesses-outside-the-eu
• CMS International Digital Regulation Hub https://cms.law/en/int/publication/digihub
• EU AI Office https://digital-strategy.ec.europa.eu/en/policies/ai-office
• EU AI Continent Action Plan https://digital-strategy.ec.europa.eu/en/library/ai-continent-action-plan
• EU Apply AI Strategy https://digital-strategy.ec.europa.eu/en/policies/apply-ai
• EU AI Office https://digital-strategy.ec.europa.eu/en/policies/ai-office
• EU AI Act Whistleblower Tool https://ai-act-whistleblower.integrityline.app/ 
• EU White Paper on AI https://commission.europa.eu/system/files/2020-02/commission-white-paper-artificial-intelligence-feb2020_en.pdf
• EU AI Act - Questions and Answers