EU compliance library
EU compliance guides & checklists
Practical, source-linked guides for European SMEs — one per obligation, each grounded in the official regulation text. Informational only; review with qualified counsel before relying on them.
EU deadlines
EU compliance deadlines 2026 for SMEs
Track the 2026 EU compliance deadlines SMEs should prepare for: Pay Transparency, AI Act, PPWR, CRA reporting, e-invoicing, and accessibility evidence.
EU regulation calendar for SMEs
A practical EU regulation calendar for SMEs covering AI Act, GDPR, NIS2, DORA, Data Act, CRA, EAA, Pay Transparency, GPSR, PPWR, and e-invoicing.
EU checklist
GDPR
GDPR compliance for SMEs
Plain-English GDPR compliance for SMEs: lawful basis, ROPA, DPIA, DPO triggers, data subject rights, breach response, and evidence to retain.
GDPR checklist for SMEs
A practical GDPR checklist for SMEs covering processing records, lawful basis, privacy notices, processors, DPIAs, DPO checks, DSARs and breach response.
GDPR compliance for US companies
GDPR applies to US companies that process personal data of EU residents. Learn the key obligations, transfer mechanisms, and compliance steps for US businesses operating in or selling to the EU.
NIS2
NIS2 compliance for SMEs
NIS2 compliance for SMEs: scope triggers, essential vs important entities, cybersecurity measures, reporting timelines, supplier evidence and action plan.
NIS2 checklist for SMEs
A practical NIS2 checklist for SMEs covering scoping, Article 21 controls, incident reporting, supply-chain security, management accountability and evidence.
NIS2 supplier checklist
NIS2 supplier checklist for SMEs selling to essential or important entities: security evidence, incident contacts, continuity, access control and vendor review readiness.
DORA
DORA compliance checklist
DORA compliance checklist for financial entities and ICT providers: ICT risk, incidents, testing, third-party risk, registers and audit evidence.
DORA ICT register template
DORA ICT register template guidance: provider inventory, contracts, criticality, subcontractors, concentration risk, exit plans and evidence fields.
DORA for ICT providers
DORA for ICT providers serving EU financial entities: customer evidence, subcontractors, incident support, exit plans, resilience and contract readiness.
E-invoicing
EU e-invoicing requirements for SMEs
EU e-invoicing requirements for SMEs: ViDA direction, EN 16931, Peppol, country mandates, France, Germany, Belgium, Poland and evidence to prepare.
France e-invoicing for SMEs
France e-invoicing for SMEs: rollout timeline, receive/send readiness, data fields, platform preparation and evidence for finance teams.
Germany e-invoicing for SMEs
Germany e-invoicing for SMEs: receive/send readiness, EN 16931, XRechnung, ZUGFeRD, accounting workflow and evidence checklist.
Accessibility
European Accessibility Act for SMEs
European Accessibility Act for SMEs: covered products and services, e-commerce, banking, transport, telecoms, e-books, website evidence and checklist.
EAA website checklist
EAA website checklist for SMEs: accessibility statement, keyboard navigation, checkout, forms, alt text, contrast, support channels and evidence.
CRA
Cyber Resilience Act for SMEs
Cyber Resilience Act for SMEs: products with digital elements, software, vulnerability handling, reporting, CE evidence and 2027 readiness plan.
CRA software checklist
Cyber Resilience Act software checklist for SMEs: product scope, secure development, vulnerability handling, support period, user instructions and technical file.
CRA SaaS product checklist
CRA SaaS checklist for product teams: scope decision, remote data processing, secure SDLC, vulnerability handling, support commitments and customer evidence.
Data Act
EU Data Act compliance for SMEs
EU Data Act compliance for SMEs: connected products, user data access, B2B sharing, cloud switching, contracts and evidence checklist.
EU Data Act checklist
EU Data Act checklist for SMEs: connected product data, user access, third-party sharing, cloud switching, contract terms and evidence.
Data Act cloud switching checklist
EU Data Act cloud switching checklist for SMEs: vendor lock-in, exit terms, data portability, migration support, fees, security and evidence.
Pay Transparency
Pay Transparency Directive for SMEs
Pay Transparency Directive for SMEs: salary ranges, pay history ban, information rights, pay criteria, reporting thresholds and evidence plan.
EU salary range job ads checklist
EU salary range job ads checklist for SMEs: role bands, objective criteria, recruiter scripts, agency instructions and evidence under Pay Transparency.
Pay gap reporting checklist
Pay gap reporting checklist for EU employers: headcount thresholds, worker categories, pay components, 5% gap trigger and evidence.
Product compliance
EU product compliance for SMEs
EU product compliance for SMEs: GPSR, CRA, PPWR, ESPR, EAA, market surveillance, responsible person, technical files and evidence plan.
GPSR checklist for SMEs
GPSR checklist for SMEs selling non-food consumer products in the EU: responsible person, risk analysis, traceability, warnings, recalls and marketplace evidence.
Packaging Regulation PPWR for SMEs
Packaging and Packaging Waste Regulation for SMEs: scope, recyclability, packaging minimisation, labelling, data evidence and 2026 readiness plan.
Market entry
EU market entry compliance for SaaS
EU market entry compliance for SaaS companies: GDPR, AI Act, Data Act, DORA customer pressure, NIS2 suppliers, EAA, e-invoicing and evidence checklist.
US company selling to EU compliance checklist
Compliance checklist for US companies selling to EU customers: GDPR, EU representative, data transfers, AI Act, product rules, accessibility and contracts.
Software comparison
Best AI Act compliance software for SMEs
Best AI Act compliance software for SMEs: compare action-plan workflows, AI inventory, risk classification, evidence, training and EU data sovereignty.
Best GDPR compliance software for SMEs
Best GDPR compliance software for SMEs: compare ROPA, DPIA, breach workflow, processor records, evidence exports, pricing and EU data residency.
NIS2 compliance tool for SMEs
How SMEs should choose a NIS2 compliance tool: scope, entity classification, incident reporting, supplier controls, evidence and management oversight.
DataGuard alternative for EU compliance
DataGuard alternative for EU compliance: compare SME action plans, AI Act readiness, GDPR evidence, NIS2 scope and self-serve diagnostics.
Not sure which regulations apply to you?
Run the free regulation checker to map your obligations, or browse every EU regulation guide.
Last reviewed: