Platform Features

AI governance and GDPR
in one platform

One platform for AI compliance, GDPR data protection, ISO/IEC 42001, NIST AI RMF, DORA, UK GDPR, and CCPA. Manage DSARs, breaches, RoPA, and vendor tracking alongside AI risk assessment and documentation.

GDPR & Data Protection

DSAR Manager

Track data subject access requests from intake to completion with status tracking and deadline management.

Breach Center

Log and manage data breaches. Track notification deadlines for supervisory authorities and data subjects.

Record of Processing Activities

Generate RoPA documents covering lawful basis, data categories, retention periods, and DPO details.

Vendor & Processor Tracking

Maintain a register of data processors with DPA status, contracts, and cross-border transfer tracking.

DPIA Support

Data Protection Impact Assessment templates aligned with Art. 35 requirements.

Consent Records

Track consent collection, withdrawal, and lawful basis verification across processing activities.

Cross-Border Transfer Tracking

Track data transfers outside EU/EEA and document adequacy decisions, SCCs, or BCRs.

No AI Required

All GDPR tools work standalone. You do not need to register AI systems to use data protection features.

AI System Registry

System Inventory

Register all AI systems with owner, vendor, purpose, and deployment status.

Tags & Labels

Categorise systems for filtering and reporting.

Risk Owner

Assign responsibility for each AI system.

Version Tracking

Track system and vendor versions.

Bulk Import

Import multiple systems from CSV.

AI Risk Assessment

Guided Questionnaire

15-question assessment based on Article 6 and Annex III with structured risk factor breakdown.

6-Level Classification

Prohibited, High-Risk, Limited, Minimal, Unclassified.

Risk Score & Justification

Quantified risk with detailed explanation of why each factor contributes to the score.

Cross-Framework Compliance

Framework Configuration

Enable EU AI Act, EU GDPR, UK GDPR, CCPA/CPRA, ISO/IEC 42001, NIST AI RMF, and DORA per tenant.

Unified Control Crosswalk

Master tasks map to multiple frameworks so one evidence item can support several obligations.

Framework Badges

Checklist items show the active framework references and rationale behind each mapping.

ISO/IEC 42001 Readiness

AI management system controls for governance, lifecycle, suppliers, monitoring, and evaluation.

NIST AI RMF Mapping

References across Govern, Map, Measure, Manage, Test, Monitor, and Respond activities.

DORA Operational Resilience

ICT risk management, continuity, incident reporting, supplier risk, and exit strategy tasks.

Document Generation

10 AI Act Documents

System Card, Risk Report, Tech Docs, Audit Log, Instructions, Oversight, Governance, QMS, Declaration, CE Marking.

5 GDPR Documents

RoPA, DPIA, DSAR Log, Processor Register, and Breach Report.

HTML & PDF Export

Professional documents ready for submission.

Assessments & Monitoring

AI Literacy (Art. 4)

Staff knowledge assessment with score.

Fundamental Rights (Art. 27)

FRIA for public authorities and essential services.

Post-Market Monitoring (Art. 72)

Track system performance and feedback.

Incident Reporting (Art. 73)

Log and track serious incidents.

Compliance Calendar

Never miss a deadline.

Authentication & Security

Email + Password

Standard login with strong password policy.

Google OAuth

Sign in with Google.

SAML & OIDC SSO

Enterprise single sign-on.

TOTP 2FA

Authenticator app verification.

Passkeys

Passwordless hardware key login.

Team & Collaboration

Role-Based Access

Admin, editor, and viewer roles.

Multi-Client Management

Compliance professionals manage client orgs.

Support Tickets

In-app messaging with our support team.

Self-Service Platform

Instant Signup

Start your 14-day free trial in seconds.

Self-Service Billing

Manage your plan, payment method, and invoices.

In-App Support

Create tickets and chat with our team directly.

Data Export

Export all your data at any time.

Account Management

Update team, plan, and settings without contacting us.

Coverage

Framework Coverage

The platform starts with EU AI Act and GDPR as the locked baseline, then lets each tenant enable additional frameworks. Checklist tasks are generated from a shared crosswalk so teams can reuse evidence across legal, privacy, certification, and resilience requirements.

EU AI Act

Art. 4: AI Literacy
Art. 5: Prohibited Practices Screening
Art. 6: Risk Classification
Art. 9-15: Compliance Obligations
Art. 14: Human Oversight
Art. 17: Quality Management
Art. 27: Fundamental Rights Assessment
Art. 50: Transparency
Art. 72: Post-Market Monitoring
Art. 73: Incident Reporting
Annex IV: Technical Documentation

GDPR

Art. 5: Lawful Basis & Data Minimisation
Art. 6: Lawful Basis Verification
Art. 13/14: Privacy Policy Updates
Art. 15-22: Data Subject Rights
Art. 17: Right to Erasure
Art. 22: Automated Decision-Making
Art. 28: Vendor DPAs
Art. 30: Record of Processing Activities
Art. 35: Data Protection Impact Assessment
Art. 37: DPO Appointment
Art. 44-49: Cross-Border Transfers

ISO/IEC 42001

AI management system governance
Roles, responsibilities, and competence
AI lifecycle management
Supplier and third-party controls
Monitoring and conformity evaluation

NIST AI RMF

Govern and organizational accountability
Map AI context and requirements
Measure risk, bias, and robustness
Manage response and mitigation plans
Monitor and respond to operational risk

DORA, UK GDPR, CCPA

ICT risk and continuity tasks
Incident and breach reporting alignment
Supplier, processor, and exit strategy tracking
UK GDPR privacy governance
CCPA/CPRA notice, rights, and consumer privacy tasks

Ready to get compliant?

Start with a 14-day free trial. No credit card required.

Start Free Trial