complair.
Language
English Deutsch Français Español
Get started — free
80 days until EU AI Act high-risk enforcement (Aug 2, 2026)
For SaaS teams using or shipping AI in Europe

Track every AI system, obligation, owner, and deadline in one board.

When a buyer asks how you govern AI, answer from a live inventory: what you use, who owns it, which risk tier applies, and which proof backs the answer — across AI Act, GDPR, EAA, and ISO 42001-aligned controls. Without hiring a governance team.

Start free See what you produce

Built for SaaS teams preparing for the August 2026 AI Act deadline.

AI Systems Board
Live AI inventory
Hiring Copilot
Deployer
High FRIA due KI
Support Chatbot
Provider
Limited Transparency JM
Lead Scoring AI
Deployer
Minimal Inventoried ME
Done · this week
Annex IV technical file Done
OpenAI questionnaire Done
14 / 22 obligations +3 this week ↑
Ready for
EU-AI-ACT GDPR EAA ISO-42001 SOC-2 NIST-AI-RMF DORA CRA EU-AI-ACT GDPR EAA ISO-42001 SOC-2 NIST-AI-RMF DORA CRA
The questions in your inbox

Three questions land in your inbox each quarter. ComplAir has the answer.

Most teams do not start with "we want compliance software." They start with a buyer waiting on diligence, an auditor asking for evidence, or a regulator starting a clock. Each one of these costs you an afternoon. ComplAir keeps the answer ready.

[buyer] legal@acme-buyer.com
Re: Annex IV technical file before signing

“Before we countersign, can you send the Annex IV file for the AI features in scope and the deployer rationale?”

Have it
Last packet generated 4 days ago. Annex IV § Q12, p.3.
Open the packet →
[auditor] privacy@external-auditor.eu
Re: GDPR Art. 30 record + DPIAs

“Please attach the latest ROPA and the DPIAs covering the AI systems that touch personal data.”

Have it
ROPA last refreshed 3 days ago. 2 DPIAs linked.
Export the bundle →
[regulator] anspdcp@dataprotection.ro
Re: Personal data breach notification

“We received your notification under Article 33 GDPR. Please confirm the affected categories within 72 hours.”

Have it
72-hour clock active. Draft saved 8 minutes ago.
Continue draft →

Each one took an afternoon. ComplAir keeps them ready.

Workflow

From AI list to review-ready proof.

Stop chasing answers across spreadsheets, Slack threads, and the lawyer's reply queue. ComplAir runs the whole loop.

Start with the systems your team already uses. Complair turns them into decisions, owners, documents, and reusable evidence.

01
2 min

Inventory

Pick from a catalog of 200+ SaaS AI tools, or paste a URL and we'll scrape the rest.

02
Instant

Classify

Our classifier maps each system to Annex III tiers with rationale you can override.

03
1 click

Document

22 auto-generated templates — Annex IV, DPIA, FRIA, AI policy, transparency notice, more.

04
Always

Track

Vendor questionnaires, state transitions, audit log and deadline reminders.

And when you're ready to show your buyers the work — Complair publishes a trust page they can review themselves. See Scale →

Common controls

One control can satisfy
three compliance asks.

AI Act, GDPR, EAA, and ISO 42001 often ask for overlapping proof: oversight, transparency, risk management, logging, and incident response. Complair maps controls once, then shows which obligations they support.

Built around EU AI Act obligations, with control mapping that stays compatible with GDPR, EAA, ISO 42001-aligned, and NIST AI RMF workflows.

  • 15 controls mapped to 40+ articles across AI Act, GDPR, EAA
  • Every checklist item chips the regulations it satisfies
  • Evidence attaches once — all covered citations inherit it
  • ISO 42001 / NIST AI RMF-aligned export of the control proof
control graph LIVE
Control
Human oversight
Designed into the system
AI Act
Art. 14
GDPR
Art. 22
EAA
Art. 4
1 policy, 3 citations updated just now
Risk classifier

Classify each system
with rationale you can defend.

Add an AI system. We tell you: is it prohibited, high-risk, limited-risk, or minimal? Which Annex III use-case applies. Which obligations kick in. All with plain-English reasoning — and an override if you disagree.

  • Automatic Annex III mapping
  • Role detection — provider or deployer
  • Per-system obligation set with Articles
  • Explainable with full rationale
Hiring Copilot High risk
Role
Deployer
Annex III
§ 4 (a) Employment
Confidence
94%
Obligations
14 active
Why high-risk? The system ranks candidates for employment decisions, triggering Annex III § 4(a). As deployer, you owe transparency to candidates, human oversight, and a fundamental-rights impact assessment.
Art. 26 Art. 27 Art. 50 +11
4
regulations mapped
< 1 hr
to first compliance score
22
auto-generated documents
98
days until Annex III
Buyer request ready

Show the proof when asked.
Move on.

Start free. No credit card. Map your first 5 AI systems, assign owners, and generate the first evidence your buyers will ask for. Stop chasing answers across spreadsheets, Slack threads, and the lawyer's reply queue.

Map your first 5 AI systems free See pricing