Diligence Library

Regulatory Packs

This library reorganizes the trust program into due-diligence ready packs. Each pack groups the regulations, public documents, machine-readable evidence, operational controls, and truthful boundaries for one regulatory family.

These packs are designed to help customers, partners, and counsel review the current baseline quickly. They are structured summaries of the implemented repository posture, not a substitute for external legal advice or external certification.
Live legal baseline0 sectionsRights routing activeDocs-ready presentation
Last updated May 31, 2026
Page structure
Hero briefing
Scope, applicability, and status markers
Live surface
Interactive controls, forms, or datasets below
Support docs
Related policies, packs, and trust materials
Related docs
Docs Center
Core policies and rights flows
Privacy Request Center
Access, delete, export
Regulatory Packs
Counsel and diligence view
Vendor Register
Processor and DPA posture
Recommended use

This is the best place to fill the space: not decorative noise, but a useful orientation layer. It gives readers page structure, supporting docs, and a quick sense of what to do next before they reach the live form, pack, or data surface below.

Recommended filler pattern
  • Quick actions or entry points
  • Support response timing or scope note
  • Cross-links to the most relevant trust materials
Open primary docOpen support path

Need the law-by-law view too?

The Regulatory Atlas stays useful for detailed law-by-law inspection, and the Regulatory Annexes stay useful for document-specific wording. These packs sit above both and give counsel or customers one cleaner review layer.

Open Regulatory AtlasOpen Regulatory Annexes
Diligence packs

Regulatory pack library

These packs are designed for due diligence, external counsel review, and enterprise buyer conversations. Each pack groups the live documents, controls, evidence paths, and boundaries for one regulatory family instead of forcing reviewers to reconstruct that view from multiple trust pages.

Pack library
5
Implemented
3
Active laws
3
Evidence links
4
EEA, UK, and similar European consent-regulated markets

Europe GDPR and ePrivacy Pack

This pack consolidates the European transparency, rights, consent, and processor-governance posture for the covered repository surfaces, including the corporate site and Lucid legal flows.

Implemented baseline
Privacy counsel, enterprise buyers, partner diligence teams, and European launch reviewers
Laws in this pack
GDPR
ePrivacy Directive baseline
Planet49-style consent expectations
Pack posture

Each pack is structured for diligence review: live legal text, mapped controls, customer-safe evidence, and explicit boundaries are shown together so reviewers can evaluate coverage without inferring hidden assumptions.

Public documents
Corporate privacy policyCookie policyCookie preference centerLucid privacy noticePrivacy request centerRegulatory annexes
Machine-readable evidence
Regulatory atlas APIRegulatory annexes APIBrowser technologies APIVendor register API
Operational coverage
  • Controller identity, purposes, legal-basis framing, recipients, transfers, retention categories, and rights-routing are published in GDPR-style structure.
  • DSAR intake supports access, rectification, erasure, restriction, objection, portability, consent withdrawal, and follow-up review flows.
  • Non-essential browser technologies remain behind explicit consent, and a supported Global Privacy Control signal is honored as a restrictive browser-layer baseline until an explicit site choice is made.
  • Processor, subprocessor, and infrastructure governance is reflected in the public vendor register and internal cadence tracking.
Customer-safe evidence
  • Published privacy, cookies, and Lucid notices
  • Public consent and preference-center controls
  • Public vendor register and browser-technology inventory
  • Customer-safe trust pages and assurance packet
Remaining boundaries
  • This pack does not replace external legal advice for a specific European market or product launch.
  • Any future analytics, ad-tech, or materially different child-brand flow still requires notice and consent review before activation.
Primary sources
EUR-Lex GDPR textEuropean Commission transparency guidanceEUR-Lex ePrivacy Directive