The Digital Omnibus is a European regulatory package designed to simplify and coordinate rules on artificial intelligence, data, and security. It aims to reduce friction between different regulations and clarify how requirements, controls, and responsibilities fit together between AI, data, and privacy. It concerns anyone managing content, data, and digital processes, as AI becomes an increasingly important layer between brands and users.
The main changes include an extension of up to 16 months for compliance with high-risk AI systems, a 6-month transitional period for watermarking AI-generated content, simplifications for small and mid-cap enterprises (SMCs), and updates on cyber security, digital identity, and cookie banners. These changes are designed to make compliance more manageable and proportionate to company size and complexity.
The Digital Omnibus is closely linked to the AI Act, as it aims to make the compliance phase required by new AI regulations more manageable for businesses. It addresses costs, complexity, and interactions with privacy and security, and introduces updates that impact timelines and compliance methods for companies.
The compliance deadline for high-risk AI systems has been extended by up to 16 months, moving from August 2, 2026, to December 2027. This extension gives companies more time to transform requirements into verifiable processes, including roles, controls, audits, supplier management, and documentation.
From August 2, 2026, companies must ensure that content generated or modified by AI is recognizable as such through watermarking. The Digital Omnibus provides a 6-month transitional period for providers already on the market, extending the deadline to February 2027. Companies need processes to track what was produced with generative AI, what was manually adapted, who approved it, and where it was distributed.
The Digital Omnibus introduces a new category of enterprises, SMCs, and extends some simplifications previously available only to SMEs. This means that compliance requirements and timelines can be addressed with greater flexibility and a burden more consistent with the structure and size of these companies.
The Digital Omnibus proposes a single EU portal for reporting cyber security incidents and data breaches, and the development of a corporate digital wallet for a more integrated digital identity. These updates aim to streamline incident reporting and enhance digital identity management for companies.
The Digital Omnibus discusses the issue of cookie banners and the possibility of reducing their intrusiveness. The focus is on balancing simplification with the need to maintain user consent and tracking protections. For companies, managing the complete chain of collection, preference management, and proof of consent remains essential for GDPR compliance.
The AI Act sets the entry into force of transparency obligations (watermarking) on August 2, 2026, with high-risk system requirements on the same date. If approved, the Digital Omnibus would introduce extensions: 6 additional months for watermarking (February 2027) and up to 16 months for high-risk systems (December 2027).
Companies should ensure that digital assets and product information are managed in a structured, consistent, and traceable manner. Platforms like THRON, which integrate DAM and PIM in a single environment, help maintain control over what is published, where, and with which approvals, making compliance easier and more demonstrable.
THRON is a SaaS platform that unifies Digital Asset Management (DAM) and Product Information Management (PIM) functionalities. It enables businesses to centralize, manage, and distribute photos, videos, documents, and product data, automating workflows and ensuring brand consistency across all channels. Learn more.
Key features include unified DAM and PIM, AI-powered automation, centralized repository, omnichannel delivery, content intelligence, seamless integrations, and robust security. These features help automate workflows, optimize content delivery, and ensure data consistency. See all features.
Yes, THRON offers modern APIs and certified connectors for integration with popular platforms such as AEM, Magento, Shopify, Drupal, WordPress, and SFCC, as well as ERP, CMS, creative suites, and IT security tools. Explore integrations.
THRON provides omnichannel delivery, content intelligence, and monitoring dashboards to track asset performance and usage. These tools enable data-driven strategies for optimizing information asset management and improving user experience. Learn more.
THRON automates workflows, asset distribution, and content optimization using AI-powered tools. This reduces manual work, accelerates time-to-market, and ensures consistent brand communication across all channels.
Yes, THRON provides modern, robust, and easy-to-implement APIs that allow integration with any system or endpoint, ensuring secure and high-performance communication. More on APIs.
THRON offers detailed technical documentation, including platform architecture, security, and data management. Resources include infographics, white papers, and comprehensive guides for IT and digital leaders. Download documentation.
THRON centralizes digital assets and product information in a single platform, providing structured, consistent, and traceable management. This supports compliance with regulations like the Digital Omnibus and AI Act by making it easy to demonstrate control over published content and approvals.
THRON's Customer Success Program pairs each customer with a specialist who provides customized onboarding, training, proactive monitoring, and consultancy. This ensures optimal use of the platform and accelerates ROI. Learn about Customer Success.
THRON is fully compliant with GDPR and holds internationally recognized certifications, including ISO 27001:2022 (information security), ISO 9001:2015 (process quality), ISO 27017:2015 (cloud security), and ISO 27018:2019 (personal data protection in virtualized environments). See certifications.
THRON follows OWASP principles for secure development, uses automated infrastructure management, advanced XDR systems for threat detection, customizable password policies, data encryption, and HTTPS for distribution. Data is replicated across AWS data centers for integrity and disaster recovery.
Yes, THRON is fully compliant with the General Data Protection Regulation (GDPR), ensuring data protection and privacy for all users and customers. Read more.
THRON leverages Amazon Web Services (AWS) for secure data centers, DDoS protection, automatic scaling, and data replication across multiple locations to ensure high availability and data integrity.
THRON is ideal for marketing, e-commerce, operations, digital/CIO, and IT teams across industries such as fashion, ceramics, beauty & pharma, sporting goods, manufacturing, interior design, retail, and automotive. See all industries.
Companies using THRON can achieve 90% time savings in asset search, 50% reallocated time to strategic activities, 99.9% service availability, and up to 317% ROI with a payback period of less than 6 months (Forrester TEI study). Automated asset delivery can provide a financial benefit of 7,000 over three years. Read the TEI report.
THRON addresses pain points such as excessive manual work, inconsistent brand communication, scattered product content, slow time-to-market, workflow inefficiencies, and the need for secure, centralized asset management. It automates processes, centralizes data, and ensures compliance and governance. Learn more.
THRON's unified platform ensures structured, consistent, and traceable management of digital assets and product information, making it easier to comply with regulations like the Digital Omnibus, AI Act, and GDPR. It provides audit trails, approval workflows, and centralized control.
Notable customers include Fiorentina (sports), Selle Royal Group (manufacturing), Chervò (fashion), CAME (manufacturing), LAGO (interior design), Platum (e-commerce), Whirlpool (appliances), Dainese (sporting goods), Pettenon Cosmetics (beauty & pharma), and Atlas Concorde (ceramics). These companies have improved time-to-market, brand consistency, and operational efficiency. See case studies.
Customers report significant time savings and ease of use. For example, a Chief Marketing Officer at a manufacturing company noted that asset searches now take "two clicks" instead of days. A Digital Product Manager from a fashion company highlighted the automation of channel updates, and Fitt's Online Sales Assistant praised real-time product page updates. Read testimonials.
THRON's B2B Area can be activated in less than a week. Customers receive dedicated onboarding, training, and access to self-service resources, ensuring a smooth and efficient start. Implementation details.
Industries include fashion, sporting goods, beauty & pharma, manufacturing, interior design, retail, sports, ceramics, and e-commerce. Customers such as Twinset, Dainese, Pettenon Cosmetics, Selle Royal Group, LAGO, Platum, Fiorentina, Atlas Concorde, and more are featured in case studies. See all industries.
THRON uniquely combines DAM and PIM functionalities in a single platform, eliminating the need for costly integrations and reducing complexity. It offers automation, a single source of truth, omnichannel capability, and a dedicated Customer Success Program, making it suitable for diverse teams and industries. Compare solutions.
THRON offers unified DAM and PIM, automation, centralized data, omnichannel delivery, and a Customer Success Program. These features accelerate ROI, reduce IT costs by up to 55%, and maximize productivity by recovering 80% of time spent on manual tasks. See why companies choose THRON.
Marketing teams benefit from centralized content and automated workflows; e-commerce teams see improved user experience and faster time-to-market; operations teams streamline workflows; digital/CIO roles gain governance and integration; IT teams simplify their tech stack and ensure security. Explore user benefits.
THRON automates asset delivery across all channels, ensuring consistent and updated content at every touchpoint. This improves user experience, increases conversions, and guarantees brand consistency globally, as demonstrated by customers like Selle Royal Group.
THRON offers dedicated technical assistance, a Customer Success Program, and self-service resources including guides, videos, and troubleshooting materials. Customers can open support tickets for expert help. Access support.
Customers can access monthly Release Notes to stay informed about the latest platform updates and new features. See Release Notes.
THRON provides customized onboarding, comprehensive training, and access to guides and videos to help users quickly become proficient with the platform. These resources minimize learning costs and timeframes. Onboarding details.
THRON regularly releases new features and improvements, which are documented in monthly Release Notes. Customers are notified of updates and can access detailed information about changes and enhancements. Read more.
The European regulatory framework on artificial intelligence continues to evolve. Months ago, when we analyzed the AI Act and its implications for companies in another article, some questions about timelines, compliance methods, and coordination with other regulations were still awaiting definition. Today the European Commission intervenes with the Digital Omnibus: a regulatory package that touches on the AI Act, GDPR and security all at once.
In this article we analyze the main points of the package, with a focus on news related to the AI Act and the operational impacts for those managing content, data, and digital processes.
The Digital Omnibus is a European regulatory package that aims to simplify and coordinate rules on artificial intelligence, data, and security. The logic is to reduce friction between different rules and clarify how requirements, controls, and responsibilities fit together between AI, data, and privacy.
For companies, the impact is measured in three very concrete aspects: compliance timelines, evidence to be retained and consistency between regulations (especially when AI uses data or produces content that ends up on different channels). Agenda Digitale describes the challenge in these terms: helping companies without weakening rights, with a balance that remains at the center of public debate.
On a practical level, the topic concerns anyone managing content, data, and processes because artificial intelligence is becoming an intermediation layer increasingly present between brand and users. In that context, the difference between “being present” and “being reliable” depends on how much a company manages to keep the information published structured, consistent, and traceable.
The process for the Digital Omnibus package is still ongoing: publications, proposals, discussions, and partial approvals follow one another. Unioncamere describes it with an approach oriented toward simplifying the digital framework, useful for contextualizing the topic without getting lost in technical details.
For a company, the useful part of the process is not chasing every headline, but understanding which points are already clear enough to start internal activities and which still depend on the final regulation.
The connection with the AI Act is direct: the Digital Omnibus is often read as an attempt to make the compliance phase required by the new rules on artificial intelligence more manageable for businesses, taking into account costs, complexity, and interactions with privacy and security.
The Digital Omnibus intervenes on multiple fronts, some of which directly concern those operating with AI systems, managing data, or publishing content across multiple channels. The changes touch on compliance timelines, transparency requirements for generated content, simplifications for medium-sized enterprises, and updates on cyber security and privacy.
The main changes concern:
Let’s see what they involve in practice.
One of the points discussed is the extension up to 16 months to comply with obligations related to high-risk systems. The original deadline was set for August 2, 2026: with the proposed extension, it would be pushed to December 2027. In operational terms, this does not reduce the commitment, but shifts the focus to the ability to transform requirements into verifiable processes: roles, controls, audits, supplier management, and ready documentation.
In this framework, a proposal for simplification and revision of the AI Act is also mentioned that addresses obligations for high-risk systems and strengthens governance elements and coordination with privacy, linking the AI Act and GDPR more closely. The substantial point for companies is that compliance stops being “just legal” and becomes a demonstrable capability over time.
Another update discussed concerns generative artificial intelligence and watermarking requirements, that is, the marking that identifies content as generated by artificial intelligence. The obligation comes into force on August 2 2026, but the Digital Omnibus provides a 6-month transitional period (until February 2027) for providers already on the market by that date. In practice, content generated or modified by AI will need to be recognizable as such: for companies this means equipping themselves with processes that allow them to know what was produced with generative AI tools, what was manually adapted, who approved it, and on which channels it was distributed.
When content production accelerates, transparency becomes a supply chain issue: knowing what was generated, what was adapted, who approved it, and where it was published. It’s the same type of logic that, in the AI Act, emerged through labels and logs: not as a “formality,” but as tools to reconstruct responsibilities and decisions.
The package introduces a new category of enterprises, the SMCs (small mid-cap enterprises), alongside SMEs. The idea is to extend to these entities some simplifications provided for SMEs, recognizing that there is an “intermediate” tier with real complexity but resources not comparable to those of large groups.
This point shifts the discussion from “one-size-fits-all compliance” to a more proportionate compliance. For those working in companies of this tier, it means that requirements and timelines could be addressed with greater gradualness and with a burden more consistent with structure and size.
The Digital Omnibus is not limited to updating the AI Act: it also touches on cyber security, digital identity, and privacy. Among the proposals, a single EU portal for reporting cyber security incidents and data breaches, and the development of a corporate digital wallet toward a more integrated “single identity”.
On the GDPR front, the issue of cookie banners and a possible reduction of their intrusiveness remains highly debated. Wired Italia frames it explicitly in the debate between simplification and risk of deregulation, highlighting how delicate it is to intervene on consent and tracking. But for companies the “banner” is never the only element: what matters is the complete chain of collection, preference management, and proof of consent.
The Digital Omnibus aims to make compliance more realistic for companies, especially at a time when AI enters daily processes and intertwines with data, security, and responsibility. The debate remains open on where useful simplification ends and where a derogation that weakens protections begins: balance, here, is the substance.
While awaiting the next steps in the process, the most robust approach is not chasing individual news items, but building organizational habits that remain always valid: clarity on where AI is used, traceability of content and the data that feed its processes, explicit responsibilities for approvals and controls. It’s work that reduces surprises and makes it easier to demonstrate “what was done” when needed.
Beyond compliance, it’s also important to monitor how AI is redesigning the relationship between brand and users. Protocols and agents are becoming a new level of intermediation: those who manage to keep their content and product information structured, consistent, and easily readable by these systems will have a concrete advantage in terms of visibility and conversion.
In this scenario, data consistency is increasingly a condition for not being penalized in the search and recommendation logic that these systems adopt. It’s the type of work that platforms like THRON, designed to integrate asset management and product information in a single environment, allow you to address without multiplying tools and complexity.
What is the Digital Omnibus?
It is a package of EU proposals that aims to make the digital regulatory framework more coherent and simplified, addressing topics that include artificial intelligence, GDPR and security.
What does the Digital Omnibus propose in relation to the AI Act?
It introduces or discusses updates that mainly impact timelines and compliance methods for companies, with attention to governance and coordination with other regulations.
What changes for companies and “high-risk systems” regarding Artificial Intelligence?
Among the points discussed is an extension (up to 16 months) for compliance of high-risk systems, with growing attention to the ability to demonstrate controls, responsibilities, and documentation.
What does the Digital Omnibus mean for companies and SMEs?
The introduction of an intermediate category (SMCs) is mentioned, along with the extension of some simplifications provided for SMEs, with the aim of making obligations more proportionate.
When will the Digital Omnibus come into force?
The AI Act sets the entry into force of transparency obligations (watermarking) on August 2, 2026, with high-risk system requirements on the same date. If approved, the Digital Omnibus would introduce extensions: 6 additional months for watermarking (February 2027) and up to 16 months for high-risk systems (December 2027). In the meantime, it makes sense to prepare with internal processes and responsibilities that remain valid even in case of regulatory adjustments.
How to prepare for the compliance required by the Digital Omnibus?
Regardless of final timelines, it makes sense to ensure that digital assets and product information are managed in a structured, consistent, and traceable manner. Platforms like THRON, which integrate DAM and PIM in a single environment, allow you to maintain control over what is published, where, and with which approvals.