How GeraCompliance works
Fixed-scope AI Act and GDPR compliance — fast, audit-ready.
Quick answers
- What does GeraCompliance deliver?
  A fixed-scope, fixed-price compliance sprint covering EU AI Act risk classification and mitigations plus GDPR posture. Output is a versioned audit-ready dossier you can show to regulators, auditors, and buyers.
- How long does a sprint take?
  Most sprints complete in 4–6 weeks. Critical-risk classifications can take longer if substantial mitigation engineering is required.
- Who is GeraCompliance for?
  AI product companies shipping in the EU, especially scale-ups in regulated sectors (healthcare, fintech, HR, education) and any business that needs to show compliance evidence to buyers.
- What does an audit-ready dossier include?
  Risk classification with reasoning, data flow diagrams, processing register, DPIA, technical and organisational measures, transparency notices, model cards, vendor list, and a signed change log. Exportable as PDF and machine-readable JSON.
The journey, step by step
1. Risk classification
   We classify your AI system's risk tier under the EU AI Act and identify GDPR special categories. Output: written classification with reasoning.
2. Gap analysis and remediation
   Where gaps exist, we ship the fixes (DPO appointment, DPA templates, data flow diagrams, technical mitigations, transparency notices).
3. Audit-ready dossier
   You receive a versioned dossier — signed, exportable, ready for a regulator, an auditor, or a procurement team. We update it as your product evolves.
Ready to start?
GeraCompliance delivers fixed-scope, fixed-price compliance sprints for the EU AI Act and GDPR. Each sprint produces an audit-ready dossier — risk classification, mitigations, documentation, and conti