Vaxelia

Compliance, built right in.

Most platforms leave compliance to you, or sell it as an add-on. Vaxelia includes a full compliance app as part of the engine, covering the rules your business has to follow, with the workflows, evidence and AI oversight regulators expect.


Compliance app

Every obligation, on one dashboard.

app.vaxelia.com / compliance
Dashboard: Data Protection Officer view

Framework coverage
GDPR: 100%
EU AI Act: 92%
HIPAA: 78%
SOC 2: 64%

Upcoming deadlines
FRIA: recommendation model (EU AI Act · Art. 27), 9 days
GOTS renewal for Atelier Lyon (Sustainability · supplier cert), 14 days
Records of processing review (GDPR · Art. 30), 21 days

Open data requests: 3 active
Ref        Type      Stage        Due
DSR-4821   Access    Verifying    12d
DSR-4820   Erasure   Fulfilling   8d
DSR-4818   Access    Intake       28d

Example screen, sample data

The frameworks you answer to, all covered.

One compliance app, covering data protection, AI oversight, security and industry rules.

Data protection & privacy
GDPR
Handle people’s data requests, privacy notices, cookie consent, records of what you process, and regulator contacts.
HIPAA
Business associate agreements, breach response, and health-data requests.
CCPA
Handle the data requests California consumers can make.
AI oversight
EU AI Act
Keep a register of every AI system, run rights-impact assessments (Art. 27), log automated decisions, explain them to people (Art. 13), let them challenge them (Art. 14), and publish plain-language model cards.
Security & resilience
SOC 2
Audit-ready evidence packs, signed and tamper-proof.
ISO 27001
An evidence room and audit packs for your security management system.
NIS2
Track security incidents and run breach-notice workflows (Art. 23(4)).
DORA
Operational-resilience incident handling for financial firms.

Every plan includes GDPR, CCPA and EU AI Act coverage; HIPAA, NIS2, DORA and SOC 2 / ISO 27001 audit support unlock as you move up plans. How many frameworks and how deep the features go scale with your plan.

Workflows, evidence and oversight in one place.

Data requests
A public request form, plus an internal queue with ID checks (encrypted document handling) all the way through to completion.
AI oversight
Register every AI system, run impact assessments, log automated decisions, explain them to people, and handle challenges across the full EU AI Act lifecycle.
Privacy notices & cookie consent
Rich, versioned privacy notices in multiple languages, hosted for you, plus a public cookie-consent banner you can configure per site.
Incident command
Track security incidents by severity through a clear workflow, with regulator notices recorded.
Audit-ready evidence
Build signed, tamper-proof evidence packs (PDF/JSON/ZIP) for audits, backed by a risk register and an evidence room.
Regulator contacts & BAAs
A register of your regulators, and HIPAA business-associate agreements in one place.
Dashboard for each role
Tailored views for your data-protection officer, security lead, compliance officer, auditor and owner, with coverage gauges and deadlines.
Six languages
The whole app in English, German, Spanish, French, Dutch and Portuguese.

A look inside

A view for every role.

Tailored views for your data-protection officer, security lead, compliance officer, auditor and owner.

The Compliance Posture dashboard: open incidents, high-risk AI systems, framework coverage across GDPR, SOC 2, NIS2, and HIPAA, and EU AI Act governance.

Compliance that runs with your business.

Because compliance is part of the engine, it sees what the rest of the platform does. When a specialist or a workflow makes an automated decision, the app logs it for the AI Act automatically. When a Plan touches regulated data, the obligation shows up. Compliance runs on the very same business it watches over, so there’s no separate system to reconcile.

Security & privacy

Private and secure by design.

Your data kept private
Walled off at the infrastructure level. No other company can reach your data, and nothing you do trains anyone else’s system.
Access control
Role-based access down to the workspace, record and field; extra checks on sensitive actions; every role change logged.
Encryption
AES-256 at rest; TLS 1.3 in transit.
Sign-in
Single sign-on (SAML 2.0, OpenID Connect) and multi-factor login.
Data residency
EU primary; alternative regions for Enterprise.

Make compliance part of how you run.