Do you have control over AI usage?
Map systems, assess risk and document measures — before management, regulators or media ask.
30 days free. No credit card. · For procurement — request a quote
AI systems
23
Assessed
18
High-risk
4
AI survey Q2 2026
7 using private AI accounts
4 systems missing risk assessment
Recent activity
\u00b7 HR completed FRIA for recruitment system
\u00b7 IT registered 3 new systems from survey
\u00b7 Supervision bundle exported Mar 28
From uncontrolled AI to documented control
Four steps. Each builds on the previous. The whole process takes under one hour per system.
Map
Find out what’s actually being used.
< 1 week
for whole org.
Send survey links to department heads. Employees answer 4 anonymous questions — no login, under 3 minutes. Uncover shadow AI and hidden usage.
Register
Turn findings into a structured register.
1 click
to register
Transfer survey findings with one click. Each system gets an owner, vendor, use cases and department. One source of truth.
Assess
See what needs follow-up.
~15 min
per system
Everyday questions classify risk automatically. High-risk? FRIA wizard for public sector, DPIA recommendation for private.
Document
Collect everything in one audit-ready bundle.
One click
complete ZIP
Export the supervision bundle — register, assessments, FRIA, contracts, guidelines. Ready for management or regulators.
For whom
Built for organisations with high governance standards
Digitalisation / IT leader
“We’ve rolled out AI tools, but nobody has an overview of how they’re actually used.”
KI-Krav gives you one place with visibility, risk overview and documentation — ready to show management or regulators.
Start free mapping →CEO / Director
Accountable for AI usage. Dashboards, status and audit-ready exports.
DPO / Legal
DPIA, FRIA, guidelines and contract templates. Wizards with legal references.
HR / Procurement
Is AI usage in recruitment high-risk? Automatic classification and documentation.
Built for trust and procurement
EU/EEA data. Audit trail on everything. Export bundle ready for the day someone asks.
EU/EEA
Data storage
Supabase, Frankfurt. No third-country transfers.
100%
Audit trail
All actions logged with who, what, when.
EHF
Procurement-ready
EHF invoice, DPA, org hierarchy, observer access.
One ZIP
Audit-ready export
Register, assessments, FRIA, contracts, guidelines.
Simple, transparent pricing
No hidden fees. Cancel anytime. Start free today.
Free
- Includes 30 days Pro access
- 3 AI systems (after trial)
- Risk classification
- Basic documents
- Public AI register
Pro
- Unlimited AI systems
- FRIA wizard + publishing
- Contract templates (NO + EN)
- Incident reporting
- Supervision bundle ZIP export
- PDF + PowerPoint reports
- Email support
Enterprise
- Everything in Pro
- Organisation hierarchy
- Master dashboard
- EHF invoice
- Data Processing Agreement (DPA)
- SLA agreement
- SSO (coming soon)
Frequently asked questions
Yes, already today. GDPR requires that employers have an overview of processing activities — including AI. The AI Act strengthens this from August 2026. KI-Krav’s survey module covers both.
An AI systems register, risk assessment per use case, documented measures, and a complete supervision bundle. KI-Krav gives you all of this.
Send a survey. Department heads forward the link. Employees answer anonymously. You see what’s used, by whom, and whether it’s high-risk — without talking to anyone personally.
The employer is responsible — even when employees act against instructions. Unauthorised sharing is a privacy incident with a 72-hour reporting obligation. The survey uncovers this.
Per use case. Copilot for email is different from Copilot for sorting job applications. KI-Krav separates this in risk classification.
DPIA is about preventing privacy breaches. FRIA is about fundamental rights impact. KI-Krav supports both and guides you to the right assessment based on risk level.
Learn about FRIA assessment →