ISO 27001 · GDPR · automated

ISO 27001 and GDPR compliance, without the spreadsheet hell.

ComplAI gives small and mid-sized organisations a complete compliance workspace. Pre-populated, AI-drafted, audit-ready in days, not quarters.

Free tier · no card required · EU data residency · Export to your auditor

app.complai.io / dashboard

Combined readiness

0/100

▲ 12 this month

Stage 2 ready in 2 weeks

Policies

14/14

Risks treated

23/27

Annex A

78/93

Action required · 4

2 critical risks awaiting treatment

1 management review overdue

DSAR-006 approaching 30-day deadline

14

policies drafted

in 92 seconds

93

ISO 27001 controls

mapped to your workspace

44

GDPR evidence rules

pre-loaded

8

audit reports

one click each

Why teams pick ComplAI

The compliance work nobody wants to do, automated.

Three pillars packed into a product your team can run themselves: policies, risk, audit-readiness.

01 · Policy Library

AI-drafted policies in minutes.

Your full ISMS policy set, mapped to ISO 27001 Annex A and GDPR Articles, with version control and management sign-off built in.

Policy Library

AI batch

Information Security Policy

Approved

Access Control Policy

Approved

Acceptable Use Policy

Approved

Data Retention Policy

In Review

Incident Response Policy

Generating…

92s to draft 14 policies

02 · Risk Register

Risks, pre-populated.

We analyse your business profile and vendors to bootstrap a risk register that's 80% complete on day one.

[Risk heatmap: Severity × Likelihood, likelihood axis running Low to High. 3 critical.]

26 risks identified

03 · Audit Reports

Audit-ready, on demand.

Statement of Applicability, RoPA, Management Review minutes. Every PDF your auditor asks for, in seconds.

Audit Reports

PDF · auditor-ready

Statement of Applicability

18 pages

Risk Treatment Plan

9 pages

Article 30 RoPA

12 pages

Management Review

6 pages

8 report templates

How it works

From signup to audit-ready in an afternoon.

01

Tell us about your business.

Enter your URL. We auto-detect industry, vendors, data flows, and obvious risks. Prefer manual? Fill in a short form instead. Takes 30 seconds.

https://acme-hotels.com

Scanned

Industry

Hospitality

Region

EU · Greece

Sites detected

6 properties

Vendors

23 found

02

Review the workspace we built.

Risks, policies, RoPA records, training plans, vendor register: all pre-populated and tagged to ISO 27001 controls and GDPR articles. Verify, edit, approve.

Workspace overview

Auto-populated

Policies

14

Risk Registry

26

Article 30

9

Vendors

23

Training

12

Incidents

0

03

Show your auditor.

Readiness reports, SoA, evidence trail. Export to PDF or share read-only access. Cuts the prep work. You keep the certificate.

Readiness Report

Stage 2 ready

87

/ 100

Combined readiness

▲ 12 points this month

ISO · 89

GDPR · 85

Auditor-ready PDF · download

Inside the product

Built for the team that has to ship the certificate.

Real product, real workflows. No vapourware screenshots.

Compliance Map

Every control, scored, in one view.

93 ISO Annex A controls and 44 GDPR rules in a heatmap that updates as you work. Click any cell to jump straight to evidence.

81% covered

+12 this week

app.complai.io / compliance-map

Compliance Map screenshot

Risk Registry

Risks treated, not just logged.

Treatment plans, owners, and due dates per risk. Coverage matrix to spot where one policy buys you two controls.

26 risks tracked

23 treated

app.complai.io / risk-registry

Risk Registry screenshot

Policy Library

Every policy. One source of truth.

14 policies drafted from your business profile in 92 seconds. Version control, sign-off workflow, and approval audit log included.

14 / 14 approved

v2 ready to ship

app.complai.io / policies

Policy Library screenshot

Pricing

Simple plans. Cancel anytime.

Start free, upgrade when you need more sites, users, or AI throughput.

Free

€0 forever

Try the basics on your own.

  • 1 site, 1 editor
  • 5 AI credits / month
  • Basic AI generation
  • Community support
Start free
Most teams pick this

Team

59 per month

For compliance teams — both frameworks

  • ISO 27001 + GDPR (both frameworks)
  • 1 site, 3 editors, 10 contributors
  • 150 AI credits / month
  • Unlimited viewers
  • Full PDF + Excel exports
  • 15 training seats / month
Get started →

Enterprise

Custom, billed annually

Unlimited sites, custom onboarding & SLA

  • Unlimited sites & users
  • Unlimited AI generation
  • API access
  • Dedicated onboarding & SLA
  • Custom integrations
  • Annual security review
Contact sales

Prices shown ex-VAT.

FAQ

Questions teams ask before they sign up.

Still have a question? Email us. We usually reply within a working day.

Is ComplAI a replacement for a real auditor?

No. ComplAI gets you audit-ready faster, but it's not a certification authority. You'll still need an accredited auditor for your formal ISO 27001 certificate. Most teams use ComplAI to prepare for that audit in roughly a quarter of the usual time.

Does it cover both ISO 27001 and GDPR?

Yes, all 93 ISO 27001:2022 Annex A controls plus 44 GDPR evidence rules out of the box. Modules are framework-tagged so you can filter the sidebar to ISO-only or GDPR-only at any time.

How is my data secured?

All data is stored in Google Cloud Firestore, encrypted at rest and in transit. We support EU data residency. ComplAI itself is built to ISO 27001 standards. We eat our own dog food.

Can I export everything to take to my audit firm?

Yes. PDF exports for Statement of Applicability, Risk Register, Article 30 records, breach notifications, training records, Management Review minutes, and a Readiness Report. All auditor-ready.

What if my organisation is outside the EU?

ComplAI supports GDPR Art. 27 (EU representative determination) and works globally. The product UI is English; data residency stays in EU regions.

Do you offer a free tier?

Yes, free for 1 user / 1 site with basic AI generation. Upgrade to Starter when you need more team members, more sites, or higher AI throughput.