For SMBs in Regulated Sectors
An internal app that survives an audit — without hiring a compliance team
Healthcare clinics, financial advisors, law firms, and HR departments run on internal tools that were never built to handle sensitive data. alleex composes GDPR-by-default apps on EU infrastructure — so your next audit is an export, not an emergency.
Settings
Sector-appropriate defaults
The compliance-eu module pre-configures consent, retention limits, and data minimisation for your sector's typical data flows. You do not configure GDPR from scratch.
Download
Audit-log export in one click
Hash-chained log, CSV/JSON, ready for a regulator or internal review board. Exportable from the control panel — no engineering ticket required.
FileText
EU data-residency contract
Your data stays in the EU. We sign a Data Processing Agreement before you build — covering the Neon EU Postgres region and Cloudflare EU Workers.
What you can build
Common starting points
Patient and client record dashboards
An internal dashboard for managing patient or client records with EU hosting, role-based access, consent capture, and a full audit log. Not a medical device — a tool for managing your own data.
compliance-eu module + Better Auth with RBAC + audit-log module
Staff scheduling with PII handling
A scheduling tool that handles employee personal data with GDPR-compliant retention, access controls, and an audit trail. Runs in your EU instance, not a US SaaS.
compliance-eu module + Better Auth
Document management with retention policy
Upload, store, and manage documents with configurable retention periods, access logs, and deletion workflows that satisfy GDPR data minimisation requirements.
compliance-eu module + Cloudflare R2 (EU region)
Consent collection and management
A structured consent registry for your clients or patients — each consent is an Ed25519-signed receipt with a version, expiry, and re-consent trigger. Export as CSV for regulators.
compliance-eu module
Customer stories
Real customer stories — none yet.
We are in private beta. The first case studies will feature named customers who share real results. We do not publish testimonials we have not earned.
Become a design partner →FAQ
Common questions
Is alleex a medical device?
No. alleex produces apps — internal tools and dashboards. Whether those apps are subject to medical device regulation (EU MDR, IVDR) depends on their intended purpose and your use case. That determination is your responsibility; consult your legal or regulatory counsel. alleex does not make clinical decisions and does not process diagnostic data by design.
Where exactly is my data stored?
Your customer app database is a dedicated Neon Postgres project in the EU region (Frankfurt). Your app runs on Cloudflare Workers in the EU zone. Transactional email goes through Resend EU. These specifics are committed in the DPA we sign before you build — not just in a blog post.
Do I need technical staff to use alleex?
No, for composing and deploying. You describe the tool you need, alleex composes it from vetted modules, and you deploy to EU infrastructure. For significant customisation beyond the module catalog — custom business logic, integrations with sector-specific systems — you or a developer will need to work on the ejected repo.
Can alleex help with a GDPR audit?
alleex makes the audit evidence easier to produce: the audit log exports in one click, the subprocessor list is published, and the DPA is ready to show your regulator. alleex does not provide legal or regulatory advice — consult your DPO or counsel for your audit obligations.
What does 'not a medical device' mean for a healthcare clinic?
It means alleex composes an internal operations tool — appointment scheduling, staff dashboards, consent management — not a clinical decision-support system. Apps that store or display patient records for administrative purposes are typically not medical devices under EU MDR. Apps that influence clinical decisions may be. Your regulatory counsel can advise on your specific use case.
An internal app that survives an audit. Built in days.
Book a demo and we will walk through how alleex handles your sector's data requirements, show the audit log export, and answer questions about the DPA for your specific use case.
Free €0 · Pro €29/mo · Business €59/mo · Enterprise custom. See full pricing. Prices may change before general availability.