Kertos

Kertos, founded in 2021 by Dr. Kilian Schmidt (CEO), Johannes Hussak, and Alexander Prams (CTO), is a Munich, Germany-based company. It develops AI-powered SaaS software to automate complex compliance processes like GDPR, ISO 27001, DORA, NIS2, AI Act, and ISO 42001 for scale-ups and enterprises. The platform streamlines data privacy, information security, and broader regulatory requirements efficiently. Kertos has secured approximately $4.4 million in total funding, augmented by a recent €14 million Series A round in 2024 aimed at scaling its compliance automation across Europe. With an estimated valuation of $16.2 million and annual revenues of $5 million, the company maintains a workforce of 51 to 100 employees, also led by Daniel Schneider (Director of Sales) and Felix Ungeheuer (Head of Product).

High-Level Overview

Kertos is a Munich- and Berlin-based technology company providing a no-code, AI-native platform that automates compliance processes for fast-growing European businesses, supporting frameworks like GDPR, ISO 27001, SOC 2, EU AI Act, TISAX, and NIS2.[1][2][3] It serves companies such as Enpal, Blacklane, and Flink by scanning IT infrastructure, automating data privacy requests, document management, and audits via over 100 integrations, saving hundreds of hours of manual work and enabling audit-readiness without Excel chaos or consultants.[1][2][3] With 45+ diverse employees from 15 nationalities, Kertos focuses on intuitive, secure compliance, recently raising €14M in Series A funding to expand its AI-driven automation across Europe.[1][5]

Origin Story

Kertos was founded by Dr. Kilian Schmidt, who brings deep legal expertise from roles as Senior Legal Counsel and Data Protection Officer at Home24, a stint at Freshfields Bruckhaus Deringer, and scaling legal teams at TIER Mobility (from 50 to 800 employees across 65 cities) and Gorillas Technologies.[1] Frustrated by the lack of technology in legal compliance—especially handling data protection requests that involved up to 15 people per process—Kilian launched Kertos to create a next-generation, Europe-made solution.[1][2] Co-founder Johannes highlighted early enterprise challenges like unclear data locations and responsibilities, leading to a tool that X-rays IT infrastructure via interfaces, uses AI to learn from decisions, and employs zero-trust architecture for secure, encrypted processing without data sharing risks.[2] Incubated at CISPA, Kertos gained traction quickly post-launch with major customers, automating live operations and proving its value in time and cost savings.[2]

Core Differentiators

Kertos stands out in compliance automation through these key strengths:

• No-code, AI-native platform: Automates end-to-end processes—from asset discovery and IT scans to RoPAs, TOMs, policies, and audits—learning from user decisions for continuous improvement, unlike manual or consultant-heavy alternatives.[1][2][3][5]
• Broad framework support in one hub: Handles GDPR, ISO 27001, SOC 2, EU AI Act, TISAX, NIS2, and more, centralizing documents, workflows, and 100+ tool integrations (e.g., email, CRM, ticketing) for seamless operations.[3]
• Privacy-first security: Zero-trust model ensures encrypted info stays with customers; data is displayed briefly then deleted, minimizing risks in data subject requests.[2]
• Developer- and user-friendly experience: Intuitive interface accelerates certifications (e.g., ISO 27001 in weeks), with fast collaboration, approvals, and proven relief for high-security growth companies.[1][3]
• Europe-focused innovation: Tailored for EU regs, available on AWS Marketplace, with rapid adoption by scale-ups like Enpal.[1][3][4]

Role in the Broader Tech Landscape

Kertos rides the surging demand for AI-automated compliance amid escalating EU regulations like GDPR enforcement, the EU AI Act, and NIS2, where manual processes burden fast-scaling tech firms facing cyber threats and data privacy scrutiny.[2][3] Timing is ideal: post-GDPR fines and AI boom have exposed compliance as a growth bottleneck, with enterprises wasting hours on requests; Kertos' X-ray scans and zero-trust AI address this holistically, enabling secure scaling without shifting burdens to employees.[1][2] Market forces like rising cybersecurity challenges (e.g., via CISPA ties) and cloud adoption favor its AWS integration and multi-framework support, positioning it to influence Europe's startup ecosystem by making "effortless compliance" standard for SaaS, fintech, and mobility players.[1][3][4] By automating what consultants charge premiums for, it democratizes audit-readiness, fostering innovation in regulated sectors.[3][5]

Quick Take & Future Outlook

Kertos is primed for hypergrowth with its €14M Series A fueling AI enhancements and European expansion, targeting more frameworks and deeper integrations to capture the booming compliance automation market.[5] Trends like AI regulation proliferation and zero-trust mandates will amplify demand, while its no-code edge could disrupt legacy tools, evolving Kertos into the go-to platform for global scale-ups navigating EU rules. Expect partnerships with more AWS-like ecosystems and potential Series B as customer wins (e.g., ISO certifications in weeks) compound, solidifying its role in sustainable, tech-driven compliance.[3][4] This positions Kertos not just as a tool, but as the intuitive backbone for compliance in an AI-everywhere world—echoing its founding vision of rethinking the field entirely.[1]