Cybersecurity SME
Check Compliance

Cybersecurity for the Retail & Commerce Sector

Large-scale distribution, e-commerce and retail chains. 20-5000 employees.

Applicable Regulations

AI Act

4 guides

EU Regulation 2024/1689

Regulation of artificial intelligence systems in the EU with a risk-based approach. Phased application: prohibited practices from Feb 2, 2025, GPAI obligations from Aug 2, 2025, high-risk systems from Aug 2, 2026

Penalties: Up to €35M or 7% of turnover (prohibited practices); €15M or 3% (other obligations); €7.5M or 1% (inaccurate information). SMEs: proportionate caps
Authority: AI Office (EU Commission) + AgID (Italy)
Deadline: August 2, 2026
Explore guides

GDPR

4 guides

EU Regulation 2016/679

Personal data protection in the European Union

Penalties: Up to €20M or 4% of annual global turnover
Authority: Data Protection Authority (Garante per la Protezione dei Dati Personali)
Explore guides

ISO 27001

2 guides

ISO/IEC 27001:2022 - International standard

Information Security Management System (ISMS)

Penalties: N/A (voluntary standard)
Authority: Accredited certification bodies (Accredia in Italy)
Explore guides

Loi pour la Confiance dans l'Economie Numerique (Loi n.2004-575)

0 guides

LCEN

Digital economy operators, e-commerce, ISPs. Authority: Gouvernement.

Penalties: National penalties apply
Authority: Gouvernement
Deadline: June 21, 2004
Explore guides

PCI-DSS

2 guides

PCI-DSS v4.0 (effective March 31, 2024)

Security standard for entities that handle, process, or transmit payment card data

Penalties: Fines from card networks (Visa, Mastercard) up to $500K/month + revocation
Authority: PCI Security Standards Council
Explore guides

Discover Your Compliance Level for Retail & Commerce

Check in just a few minutes which regulations apply to your retail & commerce business and the priority actions to become compliant.

Start Free Assessment

Audit your website automatically

Scan your public website for GDPR cookie banner, accessibility (WCAG 2.1 AA), legal transparency and security headers — AI generates copy-pasteable fixes and a PDF report.

Discover the Website Compliance Audit