Five questions.
See which regulations affect your organization.
Tell us your industry, size, where you operate, how you use AI, and the pressure you’re under today. We map your answers against every EU regulation that binds software companies, and every voluntary framework your buyers are likely to ask for. The full breakdown ships to your inbox.
Browse the framework information bankLoading checker…
Common regulation profiles
These static examples help teams scope likely pressure before they run the full checker.
EU B2B SaaS company with 15-100 employees
An EU B2B SaaS company with 15-100 employees should usually treat GDPR, ISO 27001, SOC 2, and buyer security questionnaires as immediate planning items. NIS2, DORA, EU AI Act, and sector-specific rules can become relevant depending on customers, AI use, and regulated sectors.
EU fintech or software supplier to financial customers
EU fintech software suppliers should expect GDPR, ISO 27001, SOC 2, DORA-driven due diligence, and vendor risk evidence. Direct DORA duties depend on role and customer relationship, but financial-sector buyers often push DORA expectations into supplier reviews.
EU SaaS company building or embedding AI
An EU SaaS company using AI should plan for GDPR, AI governance, security controls, and EU AI Act readiness. High-risk AI use requires deeper risk management, documentation, monitoring, and human oversight than ordinary productivity AI features.
Finnish public-sector software supplier
Finnish public-sector suppliers should expect GDPR, ISO 27001-style security management, NIS2 pressure in relevant sectors, and procurement-specific criteria such as Julkri or Katakri depending on contract sensitivity.