Compliance
Saudi PDPL, UAE PDPL, GDPR, and Egypt's Law 151/2020 — plus our own site's accessibility conformance, since we sell accessibility audits and must hold ourselves to the same standard.
Per-regulation summary
Saudi PDPL and UAE PDPL: we implement processor-level controls — consent flows, purpose limitation, data-subject request support, and breach-notification support — and offer in-region hosting where a client requires it.
GDPR (for EU-lane work): the same processor-level controls apply, alongside a Data Processing Agreement with GDPR terms for clients whose end users are in the EU.
Egypt's Personal Data Protection Law No. 151/2020: the same processor commitments apply for our Cairo-based operations and any Egypt-facing client work.
EU AI Act: Annex III obligations land December 2, 2027. We treat this as a monitored horizon for EU-lane clients and will publish our readiness position as the date approaches.
Our own site's accessibility
We sell accessibility audits, so we hold nano-ai.net to WCAG 2.2 AA: audited with the same methodology we sell — an automated scan plus a manual screen-reader pass with NVDA and VoiceOver — before every major release and quarterly. Our current conformance statement, last audit date, known issues, and remediation deadlines are published on this page.
If you find a barrier we missed, email accessibility@nano-ai.net — we treat it as a P2 issue.
Certifications & memberships
We operate an ISO 27001-aligned policy set, with a certification audit planned for H1 2027 — not yet a certificate. Where we hold an earned partner badge (such as a cloud or platform partner tier), it is listed here only after written acceptance into that program, and removed within 5 business days if status lapses. We do not display pending or mock badges.