How it worksFeaturesPricingSign inGet started free
UK and EU GDPR compliance for SMBs

GDPR compliance for businesses that don't have a privacy team.

Enter your business name and website. Our AI scans your site, detects the tools you use, and builds your compliance documentation automatically - ROPA, privacy policy, vendor checks, and gaps to fix.

Get started free

Free plan available. No credit card. Setup takes about 15 minutes.

GDPR non-compliance is not a grey area. It's a liability.

The UK Information Commissioner's Office (ICO) can fine any organisation up to £17.5 million or 4% of global annual turnover - whichever is higher. Under EU GDPR, it's €20 million or 4%. These are not theoretical numbers: regulators issued over €6.8 billion in GDPR fines since 2018, and enforcement is increasing every year.

You don't need to be Meta to get fined.
The ICO regularly investigates SMBs. The most common violations - no valid legal basis for processing, missing privacy notices, and inadequate data processing agreements - are exactly the problems Complied+ helps you fix. The average GDPR fine for small organisations starts from around €1,000, but the reputational damage and lost contracts often cost far more.

You know you should sort out GDPR. You just haven't had time.

The ICO sent an email. Or a client asked for your privacy policy. Or you're adding new tools to your Shopify store and realised you have no idea if Klaviyo, Meta Pixel, and Stripe are all covered by a data processing agreement.

You're not a privacy expert. You don't have a legal team. And the enterprise compliance tools cost more than your quarterly ad spend. That's what Complied+ is for.

How it works

Step 1
We discover your business
Enter your business name and website. Our AI scans your site to detect the tools and trackers you already use, classifies your business type, and builds a compliance profile. You review what we found and fill in anything we missed.
Step 2
We build your ROPA
Our AI maps your business to a complete Record of Processing Activities under GDPR Article 30. Every processing activity, legal basis, retention period, and vendor is identified. You review and confirm.
Step 3
Policy, DPA status, remediation
You get a publish-ready privacy policy, a vendor DPA checklist, and step-by-step remediation guides for anything that needs your attention. Ongoing monitoring keeps you compliant as things change.

Most small businesses are using tools they haven't assessed.

When you signed up for Mailchimp, did you check whether their data processing agreement covers GDPR? Did you know that Meta Pixel makes you a joint controller, which means consent is the only lawful basis you can use?

Our vendor library covers 300+ tools with verified DPA status, transfer mechanisms, and plain-English risk notes. When we generate your ROPA, we link every vendor automatically.

Built for businesses like yours

If you handle personal data but don't have a DPO or legal team, Complied+ is built for you.

E-commerce shops
Shopify, WooCommerce, or custom stores collecting customer data, running ads, and using analytics.
SaaS startups
Processing user data, integrating third-party tools, and fielding DPA requests from enterprise clients.
Freelancers and consultants
Solo operators who handle client data and need a privacy policy and compliant processes without hiring a lawyer.
Agencies
Marketing, web, or IT agencies managing compliance across multiple client businesses from one dashboard.

Everything you need. Nothing you don't.

ROPA generation
Full GDPR Article 30 record built automatically from your business profile. AI-inferred with confidence scores so you know what to review.
Living privacy policy
Generated from your ROPA, not from a template. When your ROPA changes, your policy stays in sync automatically.
Vendor DPA library
300+ tools with verified DPA status, data transfer mechanisms, and plain-English risk notes. Linked to your ROPA automatically.
Risk radar
New tracker detected on your site? Vendor changed their DPA? We flag it with severity ratings and tell you exactly what to do.
DSR workflow
Subject Access Request comes in? Our AI drafts a response letter with legal reasoning from your ROPA, and tracks the 30-day deadline.
Audit-ready export
Export your ROPA as PDF, CSV, or JSON. Version history included so you can prove compliance at any point in time.
Automated site scannerGrowth
Continuous monitoring of your website for new trackers, cookies, and third-party scripts. Get alerted when something changes.
Compliance scoreGrowth
A single number showing where you stand. Track your progress over time and prove improvement to clients or auditors.
DPIA toolGrowth
Guided Data Protection Impact Assessments for high-risk processing. Pre-filled from your ROPA, with risk scoring and mitigation steps.
Breach response plannerGrowth
Step-by-step breach response workflow. Assess severity, determine ICO notification requirements, and generate a 72-hour response plan.

Simple, honest pricing.

All paid plans include a 14-day money-back guarantee. No long-term contracts.

MonthlyAnnualSave 20%
Free
£0
/month
See what Complied+ can do
  • 1 user
  • 5 ROPA activities
  • 40 vendors in library
  • Draft privacy policy
Start free
Most popular
Starter
£49
/month
Get your compliance sorted
  • 2 users
  • Unlimited ROPA activities
  • Full 300+ vendor library
  • Living privacy policy
  • DSR workflow
  • Risk radar
  • Audit-ready PDF export
Get Starter
Growth
£149
/month
Stay compliant, prove it
  • 5 users
  • Everything in Starter, plus:
  • Automated site scanner
  • DPIA tool
  • Breach response planner
  • Compliance score tracking
  • Priority risk alerts
Get Growth
Agency
£299
/month
Manage clients at scale
  • Unlimited users
  • Everything in Growth, plus:
  • Unlimited client businesses
  • Client workspaces
  • White-label exports
  • Agency dashboard
  • API access
Contact us
What Complied+ is
  • A practical compliance tool that does the heavy lifting for you
  • AI-generated documentation you can review, edit, and export
  • A verified vendor library so you know which DPAs you need
  • Ongoing monitoring that keeps your compliance current
What it isn't
  • Legal advice - every output is a draft for your review
  • A substitute for a DPO if you are legally required to appoint one
  • Suitable for special category data without professional oversight
  • A replacement for qualified counsel if you are facing ICO enforcement

Common questions

Do I need technical knowledge to use Complied+?
No. Enter your business name and website, and our AI does the rest. You review what we find and confirm. No legal or technical knowledge required.
How accurate is the ROPA it generates?
Our AI uses a curated taxonomy of processing activities for each business type and a verified vendor library. Fields where the AI is less certain are flagged with confidence scores for your review.
Is this legal advice?
No. Outputs are AI-generated drafts for your review. We are not a law firm and no solicitor-client relationship is created. See our Terms of Service.
What if I use a tool that's not in your library?
You can add any tool manually. We'll include it in your ROPA with a note that the DPA status needs manual verification.
Does Complied+ cover EU GDPR as well as UK GDPR?
Yes. The product covers both UK GDPR and EU GDPR. The core obligations are virtually identical. Our vendor library includes transfer mechanisms for both UK and EU adequacy decisions, and we flag where the two regimes differ.
Where is my data stored?
Your data is stored in the EU (Frankfurt, Germany) on Supabase infrastructure with encryption at rest and in transit. We do not share your data with third parties. Your compliance documentation is yours.
Is my data secure?
Yes. We use row-level security so each business can only access its own data. All connections are encrypted with TLS. Authentication uses magic links - there are no passwords to leak.
Can I export my data if I cancel?
Yes. You can export your ROPA as PDF, CSV, or JSON at any time, including after cancellation (for 30 days). Your data is yours and we make it easy to take with you.
How long does setup take?
About 15 minutes. Enter your business details, review what our AI finds, and you will have a complete ROPA, privacy policy, and vendor checklist ready to go.
Ready to sort out GDPR?

Free plan. No credit card. Takes about 15 minutes.

Get started free