Draftit is a compliance and data protection platform from Sweden, positioned as an all-in-one solution for βdata protection, information security, and regulatory compliance.β According to the main content, it covers use cases such as GDPR, NIS 2, whistleblowing, supplier agreements, and information asset control. Its core goal is to replace fragmented Excel-based management and turn responsibilities, information, decisions, and audit materials into a continuous structure. Its user base is mainly in the Nordics, and the official website says it is used by 2,700+ organizations.
In terms of protection type, Draftit is more focused on data compliance governance and information security management than traditional firewalls, EDR, or vulnerability scanning tools. It supports records of processing activities, DPIA, supplier tracking, ongoing follow-up of risks and processing activities, and can establish links between processing, systems, purposes, and external parties, making it easier to support regulatory reviews, audits, and internal retrospectives. For compliance certifications, the content explicitly mentions an ISO 27001-certified information security management system, and the use of the Visma Cloud Delivery Model as a framework for secure development, operations, and tracking, emphasizing controlled management of changes, incidents, and availability.
Public information about deployment is limited. It can only be confirmed that this is a platform developed and operated by Draftit, with an operating environment designed for organizations that require strong traceability and compliance. Whether it supports on-premises deployment, private cloud, or multi-tenant SaaS is not disclosed. In terms of management capabilities, its strength lies in assigning responsibilities, recording assessments, tracking risks, and maintaining documents required for audits and regulatory purposes within a unified system. Alerting capabilities are not clearly described. Integration capabilities are also not publicly explained, with no visible information about API, IAM, SIEM, ticketing, or data catalog integrations.
The official website does not disclose pricing, plans, trials, or payment methods, and only provides a sales contact option, so buyers will need to request a quote before purchasing. Its advantages are relatively comprehensive coverage of compliance workflows, making it suitable for long-term GDPR and NIS 2 management; ISO 27001 and VCDM also add credibility. Its drawbacks are limited pricing transparency, insufficient information on technical integrations, deployment flexibility, and alerting capabilities, and unclear localization support for markets outside the Nordics.
Draftit is suitable for companies, public institutions, or highly regulated organizations in the Nordics and broader Europe that need systematic data protection management, especially teams still relying on spreadsheets to maintain GDPR documentation, DPIA, and supplier compliance. Its accessibility from China is unknown, and the official website does not mention China-based nodes, Chinese-language support, RMB payments, or adaptation to Chinese regulations. If deploying it in China, key factors to evaluate include network connectivity, contracts, and cross-border data requirements. Alternatives may include OneTrust, TrustArc, DataGrail, Vanta, Drata, or local Chinese data compliance platforms.
β This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on draftit.se official site.
draftit.se is an Sweden Cybersecurity provider. TG4G tracks its product information, an overall rating of 7.0/10, and a China-accessibility score of Workable. Click "Visit Official Site" to reach draftit.se directly.