Regulations Reference

The EU General Data Protection Regulation (GDPR) is the most comprehensive data protection law globally, governing how organizations collect, store, and process personal data of EU residents.

The German Supply Chain Due Diligence Act (Lieferkettensorgfaltspflichtengesetz) requires companies to identify, prevent, and address human rights and environmental risks throughout their supply chains.

The EU Corporate Sustainability Due Diligence Directive establishes mandatory due diligence requirements for large companies regarding human rights and environmental impacts across their value chains.

REACH is the EU regulation on chemical substances and their safe use. It requires manufacturers and importers to register chemical substances and demonstrate they can be used safely.

The RoHS Directive restricts the use of specific hazardous materials found in electrical and electronic equipment (EEE) to protect human health and the environment.

ISO 27001 is the international standard for information security management systems (ISMS). Certification demonstrates a systematic approach to managing sensitive information.

SOC 2 is a compliance framework for service organizations, focusing on security, availability, processing integrity, confidentiality, and privacy of customer data.