SimpleAct connects the EU AI Act and GDPR in one platform: capture, assess, and document AI systems – with governance workflows, incident management, runtime monitoring, and integrations for Jira, Teams, or ServiceNow. AI governance and data protection in one system, audit-ready.
✓ No credit card required · ✓ Cancel anytime
Three steps. No legal knowledge required. No chaos.
Inventory
4 AI systems
GPT-4 Assistant
OpenAI
Candidate Matching
Internal
Document Analysis
Microsoft
Support-Chatbot
No more spreadsheets. Every AI system, every provider, every risk level — central, current and auditable.
Does the system make HR decisions?
Are people automatically assessed?
Is there human oversight?
Risk Result
Risk Level
HIGH
Assessment Details
System falls under Annex III, Art. 6 EU AI Act.
Action required
No legal expertise needed. The guided questionnaire translates the AI Act into clear risk decisions.
Dashboard
AI Act 20264
Systems
1
High Risk
3/4
Assessed
78%
Compliance
Risk distribution
4 systemsCompliance checklist
6 / 6100% completed ✓
No stress before audits. Your dashboard shows in real time where you stand — and what to do next.
The AI Act requires companies to demonstrate where and how AI is used, whether use is permitted, and whether sensitive data is processed – or face significant penalties.
With proper documentation you stay on the safe side. Without proof, fines of up to 7% of global annual turnover (max. €35M) can be imposed. With SimpleAct you avoid these risks.
The Digital Omnibus (May 2026) shifts Annex III high-risk obligations to 2 December 2027. Start now — building governance structures takes months, not days.
According to the Software AG Shadow AI Study (2024), 50% of knowledge workers use AI tools without IT approval. What is not captured cannot be documented – and without documentation there is no compliance.
Capturing AI use without a system means: unstructured Excel lists, no systematic risk assessment, no version control. With SimpleAct you avoid these risks.
* Software AG Shadow AI Study 2024, n=6.000 Wissensarbeiter (USA, UK, DE)
Answer 5 short questions in under 1 minute and find out whether your company needs AI documentation.
This lets us tailor the results to your situation.
→ Create an AI inventory and document your high-risk systems.
⚖️ This check is not legal advice. If in doubt we recommend legal review.
Most tools do either AI governance or data protection. With SimpleAct, one captured AI system triggers both sides automatically – all tied to a single audit trail.
Name, vendor, purpose, affected areas, responsible person – entered once.
Owners, reviews, approvals, and a gap-free audit log span both sides – one body of evidence instead of two separate stacks.
That is the difference: competitors document AI or data protection. SimpleAct shows the link between the two – exactly where authorities and audits look.
See how the platform worksOne platform instead of two tools: Starter covers the EU AI Act, and from Professional onwards GDPR is included. Enterprise adds security, integrations, and organisational rollouts.
For smaller companies and first AI governance processes
billed annually
Start with EU AI ActGDPR can be added later
For multiple teams and real governance requirements
billed annually
Start ProfessionalGDPR included from here
For complex compliance, governance, and security requirements
Starter can later be expanded to Professional or Enterprise. GDPR is included from Professional onwards.
For a fast product check
Pilot projects are enabled individually and after the period either transition into a regular subscription or end cleanly.
See pilot projectAs a German company we take data protection and security seriously. Made in Germany means the highest standards with no compromise.
Security & InfrastructureEuropean data protection
German quality
All your data is stored exclusively on German servers in Nuremberg. Backups are held in Falkenstein (Hetzner). No cloud providers outside the EU.
Encryption at rest and in transit, plus regular security reviews for the highest data security.
Our team has experience in data protection (GDPR) and AI governance.
Developed and hosted in Germany with a focus on data protection and reliability.
Fresh updates on the EU AI Act, AI compliance, and practical implementation guidance.
Die EU-Kommission hat den Verhaltenskodex zur Kennzeichnung von KI-generierten Inhalten veröffentlicht. Für Unternehmen wird damit konkreter, wie Chatbots, Deepfakes und KI-generierte Texte ab August 2026 transparent gekennzeichnet werden müssen.
Am 7. Mai 2026 haben sich Parlament und Rat auf den Digital Omnibus on AI geeinigt. Die Hochrisiko-Pflichten verschieben sich auf Dezember 2027 und August 2028. Was genau beschlossen wurde, welche neuen Verbote dazukommen und warum die zusätzliche Zeit kein Grund zum Pausieren i
Artikel 16(l) des EU AI Act verpflichtet Anbieter von Hochrisiko-KI zur Barrierefreiheit nach European Accessibility Act und Web Accessibility Directive. Warum diese oft übersehene Pflicht zur Produktsicherheits- und Haftungsfrage wird und was Anbieter und Betreiber jetzt tun sollten
Am 19. Mai 2026 hat die EU-Kommission ihre Entwurfsleitlinien zur Hochrisiko-Einstufung nach Artikel 6 veröffentlicht. Was der Filter-Mechanismus nach Art. 6(3) erlaubt, welche drei Schlupflöcher die Kommission schließt und was Unternehmen jetzt prüfen sollten.
Warum die neuen High-Risk-Guidelines des EU AI Act Unternehmen jetzt betreffen
KI im Recruiting und Personalmanagement ist Hochrisiko nach Anhang III des EU AI Act. Was das für die Personalleitung bedeutet, welche Tools betroffen sind und welche strategischen Entscheidungen jetzt auf C-Ebene anstehen.
In a short demo we show how to build your AI inventory, classify risk and document it audit-ready – tailored to your situation.
Made in Germany · EU hosting · no credit card
