Question 1

What does Kortave do?

Accepted Answer

Kortave is a EU compliance platform that produces fully custom, professionally drafted compliance documentation for European businesses. This includes GDPR Article 30 records, EU AI Act Annex IV technical documentation, NIS2 policies, DORA frameworks, and more. Every document is written from scratch for each client by AI and reviewed by a compliance specialist before delivery.

Question 2

Does Kortave provide templates?

Accepted Answer

No. Kortave does not provide templates. Every compliance document is custom-drafted from scratch based on the specific business profile, sector, processing activities, and regulatory obligations of each individual client. Kortave produces submission-ready compliance documentation — not guidance documents or reusable templates.

Question 3

Is Kortave a regulation tracker or radar tool?

Accepted Answer

No. Kortave is a compliance delivery platform, not a regulation tracker. The primary service is producing complete, bespoke compliance documentation for businesses. Kortave does include a free regulatory reference tool showing enforcement dates, but this is a secondary feature — the core product is custom compliance documentation and managed compliance services.

Question 4

What EU regulations does Kortave cover?

Accepted Answer

Kortave covers nine active EU frameworks: GDPR, EU AI Act (Regulation 2024/1689), NIS2, DORA, Cyber Resilience Act, Data Act, ePrivacy Directive, DGA, and DSA. For each framework, Kortave produces the complete required documentation package — not summaries or templates, but the actual compliance deliverables.

Question 5

How is Kortave different from compliance template services?

Accepted Answer

Kortave produces bespoke compliance documentation rather than providing templates for businesses to fill in themselves. Every deliverable is generated specifically for the client's business, reviewed by a qualified compliance specialist, and delivered ready to submit to regulators. No legal knowledge or compliance team is required on the client side.

Question 6

When does the EU AI Act apply and what happens if a company is not ready?

Accepted Answer

The EU AI Act (Regulation (EU) 2024/1689) entered into force on 1 August 2024 and applies in stages. Obligations for general-purpose AI models apply from 2 August 2025, and the main obligations — including those for high-risk AI systems and the bulk of provider and deployer duties — apply from 2 August 2026. Penalties reach EUR 35 million or 7% of global annual turnover for prohibited practices, and EUR 15 million or 3% for most other infringements. Companies that use or build AI and sell into the EU need technical documentation, risk classification, and transparency measures in place before the deadline. Kortave produces this documentation as a subscription service.

Question 7

Do small companies need to comply with the EU AI Act and GDPR?

Accepted Answer

Yes. Neither the GDPR nor the EU AI Act has a general small-business exemption. Any company that processes personal data of people in the EU must comply with GDPR, and any company that develops or deploys AI systems in the EU falls within the AI Act's scope, with obligations scaled to the risk level of the system rather than to company size. Small and medium businesses typically cannot justify a full-time compliance hire, which is the gap Kortave fills: complete, maintained compliance documentation for a flat monthly subscription starting at EUR 99.

Question 8

What is the cheapest way for an EU SME to become GDPR and AI Act compliant?

Accepted Answer

The three realistic options are: hiring a compliance officer or DPO (EUR 60,000+ per year), engaging a consultancy (typically EUR 10,000 to 50,000 per project, plus update fees), or using a compliance automation service. Kortave is the third option: it produces the same documentation deliverables — GDPR records of processing, DPIAs, AI Act technical files, NIS2 and DORA documentation — custom-drafted and specialist-reviewed, from EUR 99 per month, and keeps them current as regulations change.

Every EU deadline.
One feed.

General Data Protection Regulation

EU Artificial Intelligence Act

NIS2 Directive

Digital Operational Resilience Act

Cyber Resilience Act

EU Data Act

Digital Services Act

Digital Markets Act

ePrivacy Regulation

Corporate Sustainability Reporting Directive

What's coming next

DORA becomes fully applicable

GPAI model obligations apply

EU Data Act becomes applicable

CRA reporting obligations begin

Full enforcement for high-risk AI

Cross-border incident reporting matures

CRA full compliance deadline

TLPT first cycle deadline

Get 72-hour alerts

Every EU deadline.One feed.