EU company or EU market launch
EU frameworks first: GDPR, ePrivacy, CRA, DSA, Data Act, and AI Act as applicable
What digital regulations apply to your product?
Any website or app with EU users
GDPR, ePrivacy
Online checkout or subscription sold to EU consumers
Consumer Rights, GDPR, ePrivacy
An AI system or AI-powered product
EU AI Act, GDPR
Commercial software, IoT, or connected product
Cyber Resilience Act
A crypto, DeFi, or digital asset product
MiCA, GDPR
Software or cloud services for EU banks / insurers
DORA
Digital infrastructure for EU clients
NIS2
Marketplace, social, hosting, app store, or UGC
Digital Services Act, GDPR, ePrivacy
Connected-product data or cloud switching
Data Act, Cyber Resilience Act where product security applies
A health tech or medical AI product (US)
HIPAA, FDA AI guidance
Consumer smart device sold in the UK
UK PSTI product security
Software defects could cause damage through a product
Product liability
Fintech, lending, tax, or customer-data workflow
FTC Safeguards
EU company with customers outside Europe
Global Privacy, outbound market scope
Email, SMS, ads, or child-directed global flows
CASL, COPPA, PIPEDA, LGPD, PDPA, APPI, PIPL
A Luxembourg-registered company
CNPD plus applicable EU frameworks
An app built with AI coding tools
Vibe-coded app security
Not sure if you are in scope? See Does EU law apply to you?
For company creation, legal structure, and incorporation, use entrepreneur.burhuc.com.