Applicability Checker

🌐 AI Provider

Active: Loading...

🔑 Use Your Own API Key

Provider

API Key

Model (optional) Encrypt locally

Use fingerprint, Face ID, or security key.

Saved key found. Enter PIN to unlock.

Incorrect PIN.

Use biometric to unlock your saved key.

⚠️ Key not saved - will be lost when you close this tab

⚠️ Beta Notice & Disclaimer

Important: While this tool indicates potential applicability, the specific scope of whether a regulation/directive actually applies to your situation must be reviewed and confirmed by dedicated legal experts.

Results are not legal advice
May contain errors or inaccuracies
AI analysis may hallucinate or misinterpret data
Always consult qualified legal professionals

By clicking "I Agree & Continue", you acknowledge that you have read and agree to our full disclaimer.

⚠️ Beta Launch Notice

Both AI scanners are free during beta.

How it works

We look up your company based on its domain
AI suggests matching criteria (checkboxes)
You review and adjust selections
Regulations are rule-based, not AI

🤖 AI hints show reasoning — dismiss with ×

AI Analysis:

📄 Drop PDF or click

❌

How it works

PDF processed locally in your browser
Text analyzed by AI, then discarded by us
AI suggests matching criteria
Regulations are rule-based, not AI

🤖 AI hints show reasoning — dismiss with ×

How it works

Text analyzed by AI, then discarded by us
AI suggests matching criteria
Regulations are rule-based, not AI

🤖 AI hints show reasoning — dismiss with ×

⚠️ Do not submit personal identifiable info.

⚠️ DeepSeek's ToS does not explicitly prohibit using your data for AI training.

Zero-Knowledge Ephemeral Pipeline*

🧠 Amnesic agents 🗑️ No storage* 🚫 No training 📝 No logs*

⚠️

📍 Location & Ownership

🔵 Based in the EU ℹ️ 🌍 Serves EU customers ℹ️

💡

Most EU-based companies also serve EU customers. Check "Serves EU customers" above to see market-placement regulations like CRA, RED, and Product Liability Directive.

🌐 Based outside the EU ℹ️

⚠️

No regulations will match. Non-EU companies are only subject to EU cybersecurity regulations if they serve the EU market. Check "Serves EU customers" above if you place products or services on the EU market.

Ownership structure

⚠️ Non-EU controlled / subsidiary ℹ️

Regulatory designation

⚠️ Designated Critical Entity ℹ️

🏢 Organization Type

🔧 Manufacturer / Producer ℹ️ 0

What do you manufacture?

🔌 Hardware with digital elements ℹ️ 💿 Software products ℹ️ 🏥 EHR / Health data software ℹ️ 🩺 Medical devices ℹ️ ⚙️ Machinery / Industrial equipment ℹ️ 📡 Radio / Wireless devices ℹ️ 🚗 Vehicles / Automotive ℹ️ ⚓ Marine equipment ℹ️

💼 Service Provider ℹ️ 0

What services do you provide?

☁️ Cloud / SaaS / PaaS / IaaS ℹ️ 🌐 DNS / Domain services ℹ️ 🔐 Trust services (eID, signatures) ℹ️ 🖥️ Managed IT services (MSP) ℹ️ 🛡️ Managed security (MSSP) ℹ️ 📞 Telecommunications ℹ️ 🛒 Online platforms / Marketplaces ℹ️ 🌐 Domain name registrar ℹ️

🏗️ Infrastructure Operator ℹ️ 0

What infrastructure do you operate?

⚡ Energy (electricity, gas, oil) ℹ️

🚆 Transport (select sub-sector)

✈️ Aviation ℹ️ 🚆 Rail transport ℹ️ 🚢 Maritime / Ports ℹ️ 🛣️ Road transport ℹ️

🏥 Healthcare facilities ℹ️ 🩸 Blood / Tissue establishments ℹ️ 💧 Water / Wastewater ℹ️ 🖧 Digital infrastructure ℹ️

🏭 Sector & Customers

🏦 Financial Services ℹ️ 0

Financial sector type

🏦 Bank / Credit institution ℹ️ 🛡️ Insurance / Reinsurance ℹ️ 📈 Investment / Fund manager ℹ️ 💳 Payment / E-money ℹ️ 🪙 Crypto-asset provider ℹ️ ☁️ ICT/Cloud provider to financial sector ℹ️

🏛️ Public Administration ℹ️ 🛰️ Space ℹ️ 🎖️ Defense / Military ℹ️ 🎓 Research / Education ℹ️

Who are your primary customers?

⚠️ Supply to critical infrastructure ℹ️ ⚠️ ICT services to financial sector ℹ️ ⚠️ Sell to public administration entities ℹ️ ⚠️ Sell to Union institutions ℹ️

⚡ Activities

👤 Processes personal data ℹ️ 🏛️ Provides essential services to society ℹ️ 💻 Develops or sells ICT products/services ℹ️ 🤖 Develops or deploys AI systems ℹ️

AI System Details

🧠 General Purpose AI (GPAI) ℹ️ 📥 AI output used in EU ℹ️ 🚫 Prohibited AI Practices ℹ️

📊 Organization Size

👤 Micro ℹ️ 👥 Small ℹ️ 🏢 Medium ℹ️ 🏙️ Large ℹ️

📋 More Organization Size Guidance

Note: Size thresholds primarily affect NIS2. Product regulations (CRA, MDR, RED) and data protection (GDPR) apply regardless of size.

ℹ️ Scope & Size Thresholds

General Rule: NIS2 applies to medium and large enterprises (50+ employees or €10M+ turnover) in Annex I/II sectors.

Exceptions (size threshold does NOT apply):

Trust service providers (qualified or non-qualified)
DNS service providers and TLD name registries
Sole providers of essential services in a Member State
Entities specifically designated by Member State authorities

Member State Variations: Each country's NIS2 transposition may designate additional sectors or entities. Consult your national NIS2 law.

Unsure of your classification? The EU uses complex rules for SME classification that consider linked enterprises and ownership structures. If your company has investments in other entities (or vice versa), use the official EU self-assessment tool to determine your correct size category.

🔗 Open EU SME Classification Wizard →

📤 Import

⚠️ Beta Notice & Disclaimer

Results are for informational purposes only and do not constitute legal advice. May contain errors or inaccuracies. Read the full disclaimer →

← Select criteria on the left to see applicable EU regulations.

⚠️ Beta Notice & Disclaimer

Results are for informational purposes only and do not constitute legal advice. May contain errors or inaccuracies. Read the full disclaimer →

📋 Recent Updates

Dec 2025: AI Scanner with inline hints
Dec 2025: Migrated to Gemini 2.0 Flash LLM
Jan 2025: Legal accuracy improvements

View full changelog →

Ask me about which filters apply to your situation. I can only discuss filter selections.

💡

Missing market-placement regulations?

You selected "Based in the EU" but not "Serves EU customers". If you place products or services on the EU market, check "Serves EU customers" in the Location section to see regulations like CRA, RED, MDR, and Product Liability Directive.

💡

Limited manufacturer results?

Most manufacturer regulations (CRA, RED, PLD) apply to products placed on the EU market. If you sell to EU customers, also check "Serves EU customers" in the Location section.

💡

Size alone doesn't filter regulations.

Size thresholds primarily affect NIS2 exemptions for micro/small enterprises. Select your organization type and location to see which regulations apply to you.