komplai

Security & compliance

Everything your legal and IT-security teams need, in one place.

Compliance status, procurement pack, hosting options, and audit surface — together on one page so you can share the link with your team and their lawyers without forwarding six separate documents.

Compliance

  • GDPR
  • NIS2
  • EU AI Act
  • ISO 27001
  • ISAE 3402 Type II
  • D-mærket
  • WCAG 2.2 AA

Datatilsynet's DPA template. EU-only by default, no third-country transfers in the standard config. AI features positioned under Article 6(3). Documents and product UI both WCAG 2.2 AA.

Procurement pack

DPA, DPIA, TIA, risk assessment, sub-processor list, ISAE 3402.

Sent on day one, no NDA. Mapped to the controls your legal team and IT security will ask about. See the full procurement page for what each document covers, what it doesn't, and how each law applies to your setup.

See our standard documents

Hosting

Run komplai exactly where you want.

We meet your IT where it already lives. komplai is just Docker containers — we install on whatever you choose, set up backups, monitoring and updates, and you treat it like any other internal system. Many municipalities run it in their existing Azure tenant; some prefer dedicated EU hosting; others run it on-prem. All paths work. Same audit log, same DPA, same compliance posture wherever it lands.

Where it can run

  • On your premises

    Your own server, your datacenter, your on-prem appliance. 100% control — no third party involved.

  • Your cloud tenant

    Azure, AWS or GCP. Most Danish municipalities have an Azure strategy — komplai installs there same day.

  • EU cloud

    Hetzner Cloud (Falkenstein), gitc.dk (Copenhagen), or other EU providers. Schrems II–clean and out of US Cloud Act exposure.

  • Wherever else

    Other VPS providers, physical hardware, hybrid setups. Send us your setup — we'll figure it out.

We recommend an EU region or your own infrastructure for sovereignty reasons (AI Act, Schrems II), but we respect your call. What matters most is that it's easy for you.

AI models

  • Local model on each machine
  • Your own models (Ollama / vLLM)
  • Your API keys (OpenAI / Anthropic / Mistral)
  • Our EU models

Identity

  • Direct to your IdP (Entra · AD · ADFS)
  • Our Zitadel · EU-hosted
  • Our Zitadel · your on-prem

What you get wherever it runs

  • Installation + updates
  • Daily backups to your chosen storage
  • 24/7 monitoring with alerting
  • Audit log + compliance reports
  • DPA + maintained sub-processor list

Pricing depends on your infrastructure and usage. Send us your setup and we'll send back a quote — usually within one business day.