Compliance & GRC

Armadillex

Est. 2024 Jerusalem, Israel Updated 2026-03-19
aiprivacygdprai-governance
Unverified by r/legaltech members — this page is based on publicly available information, not hands-on testing or practitioner feedback. Verify your experience with Armadillex

Armadillex is an AI-powered platform for data privacy operations and AI governance, focused on automating DPA (Data Protection Agreement) management. Core capabilities: automated DPA updates and analysis across vendor portfolios, DPIA (Data Protection Impact Assessment) generation, ROPA (Records of Processing Activities) creation, breach notification workflow, and agreement modifications. The platform stores and analyzes privacy documentation to extract insights, identify vulnerabilities, and support risk profiling. AI governance capabilities recently added for EU AI Act compliance. Founded 2024 in Jerusalem by Arye Schreiber (privacy lawyer, MA Cantab, LLM, MBA, CIPP/E, CIPM — previously founded MyEDPO, a DPO-as-a-service firm) and Daniel Jaffe (CTO). The product was born from Schreiber’s experience as an outsourced DPO — he built the tool he wished he had while managing privacy compliance manually. 396 LinkedIn followers, ~8 employees, hiring. Attended IAPP Brussels 2025. Beyond the Code podcast feature (Jul 2024). Funding undisclosed. CRITICAL CORRECTION: TLTF listing described this as an IP services firm — completely wrong. Actual product is data privacy/AI governance. Competes in a market dominated by OneTrust ($920M+ funding), Securiti, TrustArc, and BigID — but positioned as a focused DPA automation tool rather than comprehensive privacy platform. No independent reviews, no customer references, no security certifications discoverable despite handling privacy-sensitive documentation. No pricing publicly available.

Company Info

  • Founded: 2024
  • Team size: ~8 employees
  • HQ: Jerusalem, Israel
  • Sector: Data Privacy / AI Governance

What We Haven’t Verified

This page was assembled from publicly available information. The original TLTF listing incorrectly described this company as an IP services firm — that description was wrong. Feature claims and workflow mappings are based on what the vendor and third-party listings publish — not hands-on testing or practitioner feedback.

Workflows

Based on practitioner evidence, Armadillex is used in these workflows:

Filing & Compliance

What practitioners struggle with

Real frustrations from legal professionals — the problems Armadillex addresses (or should address). Sourced from practitioner reviews, Reddit threads, and case studies.

Privacy team spends 3 months every year manually mapping data flows by sending questionnaires to engineering teams and chasing responses — by the time the data inventory is complete, engineering has shipped 20 new features and the map is already stale, leaving the DPO unable to answer a regulator's question about where personal data actually lives

Filing & Compliance 11 vendors affected In-house counsel · Legal ops · inhouse-enterprise · compliance-officer

When a consumer submits a GDPR or CCPA data deletion request, the privacy team has to manually trace where that individual's data lives across 50+ SaaS applications, databases, and third-party processors — missing even one system risks a regulatory fine, and the 30-day response deadline creates constant fire drills

Filing & Compliance 16 vendors affected In-house counsel · Legal ops · Government · Large firm (51–200)

Legal and compliance are told to get the company ready for the EU AI Act, but nobody has a live inventory of AI systems, risk classifications, evaluations, and approval records — every regulator or board update turns into a questionnaire chase across product, engineering, procurement, and security, and by the time the evidence pack is assembled the models have already changed

Filing & Compliance 3 vendors affected In-house counsel · Legal ops

Privacy team at an advertiser, publisher, or data-heavy company has 100+ vendors touching consumer data - each one needs diligence on data practices, service-provider terms, and state-law obligations, but questionnaires are flying around in email and spreadsheets, and when a regulator or big client asks whether the team did adequate diligence, nobody can prove it without digging through inboxes

Filing & Compliance 2 vendors affected Mid-size firm (11–50) · Large firm (51–200) · In-house counsel · Legal ops

Where it fits in your workflow

Before Armadillex

DPO or privacy counsel at an organization with 100+ vendor relationships needs to review/update DPAs following regulatory changes (GDPR amendments, new SCCs, sector-specific requirements) → historically a months-long manual project of reviewing each agreement → Armadillex automates analysis and identifies required changes across the portfolio

After Armadillex

After DPA analysis → risk reports generated showing compliance gaps → updated DPA language suggested → ROPA documentation updated → ready for regulator audit. Breach workflow: incident → Armadillex generates notification documentation within 72-hour GDPR window → submitted to DPA (data protection authority).

Integrations & hand-offs

Armadillex (AI privacy platform) → DPO/privacy counsel (review and approval); → vendor/procurement teams (DPA distribution and signature); → data protection authorities (regulatory submissions); → legal counsel (for complex negotiations). Integration with existing privacy tools mentioned in FAQ but specifics unknown.

Also used by similar teams

Vcomply

Community Data

Loading practitioner-sourced data…