Frequently Asked Questions

complixo is a compliance management platform built for European businesses. It helps you manage compliance across multiple frameworks — EU AI Act, GDPR, NIS2, and DORA — from one dashboard, with integrated controls, evidence management, and risk tracking.

Sign up for a free account — no credit card required. The guided onboarding will walk you through setting up your organization, adding your first applications, and detecting which compliance frameworks apply to you.

Yes. The free plan lets you explore the platform with 1 application and 2 frameworks in view-only mode. It includes risk classification and a dashboard overview. Upgrade to a paid plan when you need more capacity.

Absolutely. Besides the free plan, we offer an interactive demo at complixo.com/try where you can explore the platform with sample data — no account needed.

Plans start at €49/month (Starter), €99/month (Professional), and €299/month (Consultant). All plans are billed annually. See our pricing page for a full feature comparison.

Currently we offer annual billing only. This keeps our pricing transparent and allows us to offer lower per-month rates.

Yes. You can cancel your subscription at any time from your dashboard. Your account remains fully active until the end of your current billing period. We do not provide partial refunds. You can export all your data before your access ends.

complixo ships with 4 built-in frameworks: EU AI Act, GDPR, NIS2, and DORA. Professional and Consultant plans can also create custom frameworks for internal policies or other standards.

complixo uses a Common Control Framework (CCF) approach. You define a control once — like access management — and map it to multiple frameworks simultaneously. This eliminates duplicate work and gives you a unified view of your compliance posture.

Yes, additional frameworks are on our roadmap. ISO 27001 and SOC 2 are planned as next additions. Consultant customers can already create custom frameworks based on any standard.

All data is stored in Frankfurt, Germany (EU) using Supabase with PostgreSQL. All serverless functions run in the EU (Frankfurt). We do not transfer data outside the European Economic Area.

Yes. We practice what we preach. complixo is fully GDPR compliant with EU-only data hosting, full data export and deletion capabilities, row-level security for data isolation, and a hash-chained tamper-proof audit trail.

We use row-level security (RLS) policies so each organization can only access its own data. All connections use HTTPS with HSTS. We implement security headers (CSP, X-Frame-Options, X-Content-Type-Options) and maintain a hash-chained audit log for tamper detection.

Yes. You can export your compliance data in PDF, Excel, CSV, or Word format at any time. Account deletion is available in settings and removes all your data from our systems.

complixo connects risks to mitigating controls and links evidence to prove controls work. This creates a complete chain: identify risk, implement control, provide evidence — all connected and ready for auditors.

Yes. Professional and Consultant plans support CSV/Excel import with a field mapping wizard. This makes migration from existing tools straightforward.

Professional plans include Jira and Slack integrations. Consultant plans get full API access for custom integrations. More integrations are planned.

Free: 1 user, Starter: 3 users, Professional: 15 users, Consultant: unlimited. Each user gets their own role (owner, admin, editor, or viewer) with appropriate permissions.

The Consultant plan supports multi-organization management. This is ideal for consultants who need to manage compliance across multiple client organizations from a single account.