Simple, transparent pricing
Choose the plan that fits your CRA compliance needs. Every plan includes EU data residency and the full Academy.
Most Popular
Professional
For solo founders and 1–3 product manufacturers.
€59/mo
- 3 products · 3 users
- Everything in Free, plus:
- Unlimited SBOM uploads + vulnerability scanning
- Declaration of Conformity + end-user info PDFs
- Incident reporting (24h / 72h / 14d)
- 90-day activity log
- Email support (48h response)
- 100 AI Copilot messages / month
Business
For manufacturers with multiple product lines and an active compliance team.
€219/mo
- 15 products · 10 users
- Everything in Professional, plus:
- Daily continuous vulnerability monitoring
- Public PSIRT page + security.txt
- Full document template library
- API access (120 req/min)
- Priority support (8h) + guided onboarding
- 99.5% SLA
- 500 AI Copilot messages / month
AI Boost add-on
Top up any paid plan with 300 extra Copilot messages every month for €49/mo.
Need more than Business?
For large portfolios, regulated verticals, SSO, parent-child groups, or a custom SLA, we build a plan and price around your requirements.
- Unlimited products and team members
- SSO / SAML · SCIM provisioning · parent-child org linking
- Dedicated CSM, guided onboarding, and a custom MSA
Compare plans
Every feature, across every tier.
Feature
Free
Professional
Business
Limits
Products
1
3
15
Team members
1
3
10
SBOM uploads
—
∞
∞
Activity log retention
30 days
90 days
∞
CRA compliance
CRA scope assessment wizard
Product classification (default / important / critical)
Annex I compliance checklist
Conformity assessment (Module A / B+C / H)
Entity-role obligations (manufacturer / importer / distributor / AR)
Notified-body tracking
SBOM + vulnerabilities
SBOM upload (CycloneDX + SPDX)
—
Component catalog
—
Vulnerability scanning (OSV.dev)
—
CISA KEV flagging
—
CVSS severity classification
—
Triage workflow + MTTR tracking
—
Actively-exploited flag
—
Continuous monitoring frequency
On-demand
Weekly
Daily
VEX / CSAF export
—
—
Documents + PDFs
Declaration of Conformity PDF
—
End-user information sheet PDF (Annex II(3))
—
Document templates library
—
Full library
Full library
Technical file builder
—
AI assistant (Copilot)
Copilot messages / month
10 / mo
100 / mo
500 / mo
AI drafting (DoC, incident, threat model)
—
AI Boost add-on
—
+300 / mo (€49)
+300 / mo (€49)
Notifications & alerts
Notification topics
None
Important
Important
Incident management
Incident reporting (Article 14)
—
24h / 72h / 14d deadline tracking
—
Incident report PDF exports
—
ENISA filing assistance
—
—
CVE linkage from incidents
—
Public security (PSIRT)
Public PSIRT page (/security/<slug>)
—
—
security.txt (RFC 9116)
—
—
Public vulnerability-report intake
—
—
PSIRT triage workflow
—
—
Public trust page
—
—
Auditor share links
—
—
Product lifecycle
Release tracking + CVE-fixed mapping
Support-period tracking
Update-channel tracking
Training + help
Academy (10 CRA lessons)
Full access
Full access
Full access
Quizzes + PDF certificates
Team progress tracking
—
CSV export of team progress
—
By-screen lesson recommendations
CRA glossary (50+ terms)
Data + exports
GDPR data export (Art. 20)
GDPR deletion rights (Art. 17)
Activity log CSV export
—
Data residency
EU
EU
EU
Billing currency
EUR
EUR
EUR
Integrations
REST API access
—
—
Webhooks
—
—
SSO / SAML
Enterprise
SCIM provisioning
Enterprise
Slack slash commands
—
—
GitHub Action (SBOM upload)
—
—
Jira issue creation
—
—
Two-way Jira / ServiceNow sync
Coming soon
Coming soon
Coming soon
Security
Two-factor authentication (TOTP)
Role-based access (5 roles)
Multi-admin deletion confirmation
Audit log
Row-level security (org isolation)
Abuse rate-limiting on public endpoints
Support
Support channel
Community
Email
Priority email + live chat
Onboarding
Self-serve
Self-serve
1h guided call