Legal compliance

The eID API architecture and services have been designed to deliver the maximum quality standards according to systems information security, personal data and privacy, electronic signature, e-commerce and information society. We comply with the following standards:

Scope Regulation Documents
Certification eIDAS, implementing regulation 2015/1502 Commission Implementing Regulation (EU) 2015/1502 of 8 September 2015 on setting out minimum technical specifications and procedures for assurance levels for electronic identification means pursuant to Article 8(3) of Regulation (EU) No 910/2014 of the European Parliament and of the Council on electronic identification and trust services for electronic transactions in the internal market 3rd party evaluation VideoID with high level of security regarding electronic identification means
Certification Regulation 910/2014 regarding Electronic identification and eTrust services to electronic transactions in internal markets.
Directive 1999/93/CE of European Parliament
European Regulation 910/2014
Directive 1999/93/CE of European Parliament
eTrust 3rd Parties Electronic Signature
e-Commerce and Information Society
Law 59/2003, of 19 of December of Electronic signature
Law 34/2002, of 11 of July of Society Information Services and electronic commerce
Privacy Organic Law 15/1999 of Personal Data Protectiona Privacy Policy
Privacy Personal Data Protection European AWS Customer Agreement AWS Amendment to Customer Agreement about privacy Spanish laws
Physical and Logic Security SOC, PCI DSS, CSA, ISO 27001 AWS Compliance
Code Security Open Web Application Security Project Methodology OWASP Penetration Testing Audit