VPointEU

Compliance, made visible.

Compliance
you can show,
not just file.

Trust, made visible — a European compliance platform for GDPR, whistleblowing, AI governance and training.

A unified compliance platform for the European mid-market — GDPR, AI governance, whistleblowing and workforce training. The proof your partners and procurement teams can actually see. ESG reporting, also on the way.

Request a demo Read our philosophy

— By the numbers

01.

Proven across
Europe.

150+

Organisations on the platform today— across Europe

8yrs

Compliance consultancy behind every module— from real practice

70%

Less manual work on routine compliance— up to, internal benchmark*

3+2

Modules live today, with AI Governance & ESG in development— Q3 2026 and beyond

* Figures are an internal benchmark based on customer measurement during Q1 2026. Detailed methodology available on request.

— Our philosophy

02.

Compliance
as trust, made visible.

Compliance is the only function that gets cheaper the better you do it. Most institutions still treat it as cost — as insurance, as a tax for operating in Europe. Your partners see it differently.

Your enterprise customers, your procurement reviewers, the supply-chain auditors at your largest client — they don't want to hear that you take compliance seriously. They want to see it: a DSAR resolved in eleven days, a whistleblower case closed with the source still anonymous, an AI governance inventory auditable in an afternoon, a training certificate every employee can produce on demand.

That isn't paperwork. That's trust, made visible — and in the deals you're trying to close, it's the difference between “we're still reviewing” and “contract on Friday.” VPoint is built for the institutions that figured out compliance isn't a cost centre. It's the most under-priced sales infrastructure in B2B.

Three modules live today,
two more on the way.

Each module stands on its own. Together, they form a compliance posture you can put in front of any partner, auditor or procurement team.

VPoint is built for institutions running a documented compliance programme — not for a one-off GDPR document pack.

i.

— GDPR & data protection

GDPR, finally tractable.

A unified spine for data-subject requests, consent, processing records and security incidents. Automated documentation, statutory clock-tracking, and audit-ready trails — distilled from eight years of compliance practice into one clear workflow.

  • DSAR, erasure & consent queues
  • Processing records & Article 30 ROPA
  • Security-incident workflow
  • Statutory clocks & audit trails
Read the module brief →Generally available

ii.

— Whistleblowing

Speak-up, in confidence.

End-to-end implementation of the EU Whistleblower Directive. Anonymous intake portals, encrypted case work, and investigator handoffs that protect the source from the first second — with a dynamic form builder for the cases you can't predict.

  • Anonymous, source-protected intake
  • Encrypted case lifecycle & SLAs
  • Investigator workbench with audit trail
  • Dynamic form builder per case type
Read the module brief →Generally available

iii.

— Workforce training

Training, AI-drafted from your policies.

Upload your internal policies and resources — the platform drafts video scripts, slides and tests. Your team refines, publishes, and tracks completions. Certificates issue automatically with expiry tracking and an audit-grade trail.

  • AI-drafted video scripts & slides
  • Tests with configurable passing scores
  • Certificates with expiry tracking
  • European languages, more on the way
Read the module brief →Generally available

iv.

— AI Governance — in development

AI Governance, Q3 2026.

In active development for a Q3 2026 release. The EU AI Act is the urgent driver — system inventories, Annex III risk classification, FRIA workflows, human-oversight registers — but the underlying competence is broader AI governance: inventory, classify, monitor, audit, document. Built so AI Act readiness is a side-effect of running a real governance programme. Readiness programme available now while the software module lands.

  • AI system inventory — in design
  • Risk classification (Annex III & beyond) — planned
  • FRIA & conformity workflow — planned
  • Human-oversight & audit registers — planned
Follow the roadmap →Coming Q3 2026

v.

— ESG reporting — planned

ESG & sustainability disclosures, next on the roadmap.

Following the EU AI Act, ESG and CSRD reporting will join the platform as a first-class module — bringing emissions, social impact and governance disclosures into the same clear workflow as the rest of compliance.

  • CSRD / ESRS reporting
  • Emissions inventory
  • Social & governance disclosures
  • Audit-ready data trails
Follow the roadmap →Coming 2027

VPoint is the first European platform we've adopted that didn't feel like a translation of an American product. The AI Governance module, in particular, reads as though it were written here.

Compliance Director

Regional financial institution, Czechia — anonymised on request

— Comparison

VPoint, side by side with modern compliance tools.

Compared with today's compliance platforms — security-certification tools (Vanta, Drata) and EU privacy suites (heyData, DataGuard). Most cover one slice deeply. VPoint runs the EU regulatory remit end to end.

What it's built for

the core job

Modern compliance toolsSecurity certs (SOC 2 / ISO 27001), or GDPR advisory + DPO
VPointOperating the EU regulatory remit, day to day

Cost

for a mid-market org

Modern compliance toolsEnterprise quotes (US) or per-seat add-ons
VPointMid-market, per-organisation tiers

Whistleblowing

EU Directive 2019/1937

Modern compliance toolsRarely a first-class module
VPointDedicated module: dynamic forms, anonymous intake, investigator workbench

Workforce training

how content is built

Modern compliance toolsGeneric course catalogue
VPointAI-drafted from your own policies

Data residency

where records live

Modern compliance toolsUS-built tools often US-hosted
VPointEU-only

— First 14 days

What happens
in your first 14 days.

Template-led setup, not a six-month rollout. Most institutions are running real compliance workflows in the platform within two weeks.

  1. Day 1–2

    Import what you have

    Existing policies, registers, and documentation lift into VPoint via templates and CSV. We help you triage what's current vs archive.

  2. Day 3–5

    Configure modules and roles

    Module enablement, RBAC, sub-processor list, statutory clocks, and notification flows are configured against your operating model.

  3. Day 6–8

    Train responsible users

    DPO, HR, and module owners trained on intake, case handling, training authoring, and audit-trail review. One 90-minute session per role.

  4. Day 9–12

    Run live workflows

    First whistleblower intake, DSAR queue, and training rollout go live in the platform. Statutory clocks running. DPO reviewing in-flight evidence.

  5. Day 13–14

    Produce first audit pack

    Export a complete audit-ready evidence pack: ROPA, DSAR history, incident log, training certificates. Hand to legal or external auditor.

— Proportionate pricing

One annual figure. No surprises.

Pricing that respects a mid-market budget. Tiers below cover the platform subscription. Implementation and support are quoted separately — the procurement comparison above lists indicative all-in figures for a 250-seat institution.

Tier — Foundation

For institutions of 50–250

€89/mo

per organisation, billed annually

  • Whistleblowing module
  • GDPR & data-protection core
  • Unlimited cases
  • EU data residency
  • Email support
Choose Foundation
Most chosen

Tier — Institutional

For institutions of 250–2,500

from€249/mo

per organisation, billed annually · scales with headcount

  • All three live modules
  • AI Governance module on Q3 2026 release
  • AI-drafted workforce training
  • Dedicated implementation lead
  • SLA 99.95% — 4-hour response
Choose Institutional

Tier — Sovereign

Ministries & regulated groups

POAannual

price on application — bespoke

  • Private deployment option
  • Roadmap input access
  • Custom AI Act registers
  • Procurement-grade vendor pack
  • Named compliance lead
Speak with us

Let's make your
compliance visible.

Thirty minutes with our European compliance team. No sales theatre, no obligation. A careful look at what your partners need to see — and how to get there.

Request a demonstration

Get in touch

Tell us about your compliance posture and we'll come back within one business day.

Address
Na Roudné 443/18, 301 00 Plzeň, Czech Republic
Company ID
IČO 25232240

By submitting, you agree we may contact you about your enquiry. See our privacy policy.