Flexible pricing, so you only pay for what you need.

#1 Product suite for all your data protection and information security compliance needs.

Select a plan that is right for you:

Data Protection (GDPR & ISAE 3000)

Our pricing plans have been designed to meet the core requirements of compliance and your business needs across a range of data protection frameworks.

Data Protection


Per month

Data Protection Premium


Per month

Company size and organisational structure

Group of companies and organisational structure

Up to 3 entities

Up to 3 entities

Number of users



Company size

Up to 100 full-time employees

Up to 100 full-time employees

Mapping and RoPAs

Data mapping and art. 30 records

IT systems and vendors mapping

Automated data suggestions

Combine information security assets with records

Automated geographical overview and map of data locations

Risk management

Risk assessment builder for assets, vendors, processing activities etc.

Automated risk overview and prioritization

Risk reporting

Automated suggestions to threats and security measures

Option to customize catalogues for threats, risks and security measures

AI-supported automation of risk descriptions (coming soon)


Generate all mandatory documents by simply answering questionnaires

Automated renewal work flows

ComplyCloud maintains the legal content in accordance with practice and changes

Document approval and digital signature work flows

Automated log files of all controls to always document compliance

Task management and collaboration

Pre-made and automated cycle of work (compliant with ISAE 3000 and ISO 27701)

Automated task generation from annual cycle of work

Task management features (assign, delay, verify etc.)

Create and customize your own controls with custom frequency, approval-flow etc.

Automated documentation of controls with legal argumentation, gaps and recommendations

Vendor management

Overview of all vendors and vendor information

Geographical overview of data flows and locations

Automated generation of data in records based on vendor information

Include vendors in task management

Risk assessment builder for vendors

Generate data processing agreement, NDAs and check lists for data processing agreements

Vendor audits

Inclusion of vendors in annual cycle of work

Tasks generation for audits of vendors

Collect and log vendor audit documentation on vendors

Send audit questionnaires to vendors (scope compliant with ISAE 3000 and ISO 27001)

One-click audits - we do the annual audits for you

Get a quote

Platform and security

ISAE 3000 (type 2) prepared and shared annually

EU-dedicated hosting and encryption at rest

Differentiated user access and rights

Single-sign-on (SSO) SAML protocol

Automatic user provisioning with SCIM

Rest API for integrations

Optional Add-ons

ComplyHero Awareness and Training

Explore our e-learning platform that truly makes compliance knowledge stick.

Lawyer on Demand

Get priority access to our legal team support.

Onboarding and Implementation

Take charge of your success with a personalized onboarding and complete implementation.

Learn More >

Full feature overview of our add-ons


Automated Vendor Management and Audits


Collection of vendor data

Mapping of "where is our data?" overview

Annual maintenance of collected vendor data

Automated sub-processor information and mapping

Collection of audit material from vendors (ISAE 3000, ISO certificates, SOC2 etc.)

Legal professional review of audit material and completion of full audit report

If no audit material exists, individual audit with information collection and questionnaire


ComplyHero Awareness and Training


Online learning platform with easy admin setup

Content and material built in accordance with ENISA's best practices for awareness training

Tailormade courses with a mix of videos, quizzes and explainer graphics

New and updated courses are made every year to follow practice and improve content

Tailored onboarding

Email support

Multi-language translation

Dashboard and course progress insights

Reporting download as CSV

AD Integration/SSO with work e-mails (coming soon)

The following content that may be assigned as you please: NIS2 for managers and executives, GDPR and IT security basics for all employees, GDPR for HR employees, GDPR advanced for all employees, IT security advanced for all employees, GDPR for sales and marketing, GDPR and IT security for IT employees


Lawyer on Demand


Priority access to our legal team


Legal support by legal professionals via online meetings or e-mail



Onboarding and Implementation


Customized onboarding

Priority support

Dedicated customer success manager