Regingada
Regingada Compliance Suite · Your Digital Twin for DSA, AI Act & GDPR

Your Digital Twin for EU digital law.

It starts as cartography: EU digital law — the DSA, AI Act, GDPR, DMA and NIS2 — mapped into one interactive graph of 824 nodes, 1,692 edges and 126 curated cross-regulation links. That map is the foundation of your twin: you classify once, and the living model shows what applies and reports what changes. Built by a German lawyer specialised in EU digital regulation.

Build your twin go-live pending Watch the tour → Talk to the firm →

Software: Regingada UG (haftungsbeschränkt) i.G. · Legal advice exclusively: Kanzlei Theo Funk

The numbers

Real numbers. No marketing math.

No customer counts, no saved-hours claims. Every corpus figure below is rendered live in the suite — open the product and count along.

5regimes mapped
824nodes
1,692edges
126curated cross-regulation links
12L9 enforcement trackers
0external loads by default
the suite KPI band as rendered in the product: 824 KORPUS-KNOTEN (nodes), 1692 EDGES, 5 REGIMES, 126 CROSS-REG-EDGES, 12 L9-TRACKER AKTIV
The same numbers, as rendered live in the suite.
The twin

What is your Digital Twin?

Not six separate tools — one model of your duties. You answer a compact five-question pre-wizard about your case; the Legal Map marks the obligation nodes that apply to you, live. That marked, living map is your twin: it shows what applies and reports what changes.

The Legal Map is the engine of your Digital Twin — a living model of EU digital law that turns your profile into individual, proactive and reactive orientation.

1

Your profile

You answer a compact five-question pre-wizard about your case — rule-based and reproducible, no account, no black box.

2

The map marks

The Legal Map marks the obligation nodes that apply to you — live, across all five regimes, each grounded to its legal source.

3

Your living twin

This marked, living map is your twin: it shows what applies and reports what changes. Change one input and the duties, deadlines and cross-regulation links move with it.

Regingada Compliance Suite welcome screen — 'What is your Digital Twin?' with the three steps (your profile, the map marks, your living twin) and the per-regime twin cards

The twin mirrors and orients — it does not advise. It shows which duties your inputs point to; it does not decide them, guarantee anything or take them on. The legal judgment and the handling of duties stay with the firm, in a separate mandate.

The suite

One suite. Five regimes.

Six modules, one product — every card shows live data.

Legal Map

824 nodes of EU digital law as one interactive graph — filter by regime, concept or case law.

the suite legal map canvas, dark theme: colored regime clusters with cross-regulation edges

Cross-Reg Heatmap

Where DSA, AI Act, GDPR, DMA and NIS2 overlap — curated links, not statistical guesses.

Cross-regulation heatmap cells: AI Act × GDPR matrix detail with curated hit cells

Obligation Cockpits

VLOP, Annex IV, DPIA, gatekeeper and cyber duties as working checklists — every obligation grounded to its legal source.

VLOP cockpit cards, dark theme: systemic risk assessment, risk mitigation, crisis response, independent audit

Cmd-K Research

Full-text and concept search across the entire corpus — works completely offline.

the suite command palette, dark theme: query 'liability' returns the subject facet Intermediary service liability plus offline corpus hits — DSA Art. 13(3), Chapter II, ECJ C-324/09 L'Oréal v eBay, DSA Art. 4(1)

AI Assistant

Optional Claude-powered explanations via a Cloudflare Worker. Strictly opt-in — the suite never requires it.

the suite AI assistant modal head, dark theme: locked opt-in gate — three steps (free intake call, access code, AI panel) before any request leaves the browser

Mandate Funnel

From anonymous self-check to a mandate-ready DRAFT artifact — the handoff to the firm is a deliberate, documented act.

the suite mandate funnel, dark theme: step status cards, regime-profile fill state and the step-2 handoff panel — DRAFT discipline notice visible in the product footer
Coverage

Every regime, full depth.

We certify nothing and badge nothing — we map. Five regimes, each down to article level.

DSA

Your DSA twin: shows which platform duties apply — service-by-service, intermediary up to VLOP — and reports what changes.

From notice to VLOP.

Art. 34/35 systemic-risk cockpit · notice-and-action, transparency and audit duties mapped.

Plus: service-by-service portfolio tiering · duty workspace with kanban and an owner per duty — who in your org handles which DSA obligation.

AI Act

Your AI Act twin: shows the classification of each AI system — prohibited, high-risk, transparency or GPAI, provider and deployer apart — and reports what changes.

Annex IV, operational.

GPAI gating (Art. 51–56) · applicability timeline · technical-documentation cockpit.

Plus: auto-classification per AI system — prohibited, high-risk, transparency or GPAI — with provider and deployer duties kept strictly apart.

GDPR

Your GDPR twin: shows which duties your processing profile triggers — DPIA, transfers, DPO, employee data — and reports what changes.

DPIA, mapped.

Art. 35/36 triggers with DSK lists · EDPB WP248 risk assessment · Art. 30 records.

Plus: processing records as structured input · conditional cockpits appear only when your profile triggers them — transfers, DPO, employee data.

DMA

Your DMA twin: shows your CPS portfolio and threshold status in one run — through to the Art. 15 report — and reports what changes.

Gatekeeper duties.

Art. 5/6/7 obligations · interoperability and self-preferencing rules in one cockpit.

Plus: one continuous run from CPS portfolio and threshold status to the Art. 15 report generator.

NIS2

Your NIS2 twin: shows whether your entity is essential or important — with 24 h / 72 h / 1-month reporting clocks — and reports what changes.

Cyber baseline.

Directive (EU) 2022/2555 · risk-management measures and reporting duties.

Plus: incident register with live 24 h / 72 h / 1-month reporting deadlines · supplier register with risk rating.

The whole picture

Five regimes, one suite — the graph links DSA, AI Act and GDPR down to article level; DMA and NIS2 plug in as cockpits and search.

Open the full map → go-live pending
Cross-regulation

One measure. Many duties.

126 curated cross-regulation links

as rendered live in the suite — the curated heatmap selection; the graph holds further cross-regime edges

A risk assessment you run for the DSA can serve the AI Act and the GDPR too. the suite shows exactly where — the overlap a flat checklist misses.

  • Curated edges, lawyer-ratified — not AI guesswork at runtime.
  • Sources grounded down to CELEX identifiers.
  • Subject-matter grouping across regime borders.
Open the heatmap go-live pending
Cross-regulation edge list, AI Act ⇔ GDPR: each curated edge with its CELEX source identifiers and pinpoint citations
the suite cross-regulation heatmap, dark theme: AI Act × GDPR matrix with 11 hits across 10 cells and the hit-count chip visible
The map

824 nodes. Zero black box.

Every node carries its legal source. Every edge says why it exists. The corpus is lawyer-curated and ratified, source-grounded down to CELEX — and the product shows its work.

  • Funk taxonomy — 51 legal concepts as cross-regime filters
  • CJEU case law with CELEX references on the node
  • Tri-lingual nodes — EN · DE · ZH
  • Runs fully offline by default — the only network paths are the opt-in AI request and your deliberate funnel submission
the suite legal map canvas, dark theme: colored regime clusters with cross-regulation edges

Live map canvas — dark theme, colored regime clusters, real corpus data

The cockpits

From article to action.

Reading the law is step one. the suite classifies your profile, triggers the duties indicated by your inputs, and puts them on a timeline — checklists, roadmaps and what-if scenarios a compliance team can actually run.

Every cockpit obligation grounded to its legal source
  • VLOP cockpit — DSA Art. 34/35/22/24/39
  • AI Act Annex IV cockpit with GPAI timeline
  • GDPR DPIA cockpit — Art. 35/36/30, DSK lists
  • DMA gatekeeper and NIS2 cyber cockpits
  • Applicability roadmaps with phases and dependencies — plus what-if scenarios
  • Duty benchmark against four model profiles — declared model-based, no market-data claims
the suite VLOP cockpit, dark theme: systemic obligations DSA Art. 33-58 with risk assessment, mitigation, crisis response and audit cards
AI Act roadmap timeline: phases from Active today (Prohibitions & GPAI) to Annex I harmonised products, plus the Regulatory Intelligence feed
From map to action

First the map. Then the work.

the suite doesn't stop at cartography. Five moves from first orientation to a documented handoff — four in the software, the fifth in the mandate.

1 · CLASSIFY

Quick check & classification

A five-question quick check per regime feeds a deterministic engine: DSA service tier up to VLOP, AI-Act risk class, DMA gatekeeper status, NIS2 essential or important. Rule-based and reproducible — no black box.

2 · CHECK

Obligation cockpit

Your profile triggers the duties indicated by your inputs — each with its article anchor, phase and concrete tasks. A benchmark compares your duty load against four model profiles, honestly declared as model-based.

3 · PLAN

Roadmap & what-if

Applicability timelines per regime, what-if scenarios — simulate VLOP scale or giving up the EU seat — and a horizon radar that watches beyond the five regimes.

4 · EVIDENCE

Evidence Vault & reports

Map each document to the duty it covers in the local Evidence Vault, then export cockpit reports as DOCX. Your files stay in the browser — no third-party upload.

5 · MANDATE

When it gets serious

Everything up to here is software: structured self-assessment, not legal advice. Taking on the handling of duties — EU representation, authority correspondence, legal judgment — is the firm's work, under a separate engagement.

Talk to the firm →

The funnel

Self-check today. Mandate-ready tomorrow.

The honest boundary is the feature: software output is a DRAFT and says so on every page. FINAL exists only after a lawyer takes the mandate — and responsibility.

  • No account required
  • Your inputs stay in the browser until you decide to send
  • Artifact exported as DOCX — with a visible DRAFT footer
the suite mandate funnel, light theme: client workflow dashboard with step status, regime profile and the DRAFT discipline footer
1 · CHECK

Structured self-assessment

In the software. Anonymous, no account — decision support under GDPR and RDG discipline.

2 · DRAFT

DRAFT artifact

The software generates a DRAFT document — expressly not legal advice, and labeled as such.

3 · FINAL

Lawyer sign-off

Only Kanzlei Theo Funk turns a DRAFT into FINAL — after a separate engagement and full lawyer review.

Talk to the firm →

Use cases

Five archetypes. Zero invented customers.

No logos, no testimonials — instead, five synthetic demo personas built into the product. Each one is a complete walkthrough from classification to mandate handoff.

HR-AI provider

High-risk under Annex III no. 4 — the full provider duty stack, cleanly separated from deployer duties.

Marketplace at VLOP scale

Above 45 million users — once designated by the Commission — the DSA changes character: Art. 34/35 systemic-risk work in a dedicated cockpit.

Credit-scoring fintech

Art. 22 GDPR and Art. 22 AI Act are false friends — the suite keeps them apart, SCHUFA case law included.

SME deploying bought-in AI

Deployer duties under Art. 26 — and the honest line: the Annex IV documentation sits with your vendor, not with you.

Non-EU GPAI provider

Art. 53/55 model tiers plus the triple representation bundle — Art. 54 AI Act, Art. 13 DSA, Art. 27 GDPR — treated as one issue.

All five are demo scenarios with synthetic data — clearly labeled in the product. No real client data, ever.

Representation

EU representation, as a service.

Established outside the EU? Several EU digital laws require you to appoint a representative inside the Union. Regingada scopes which one you need in a few questions — the representation itself is a legal service, provided by Kanzlei Theo Funk in cooperation.

Art. 13 DSA

DSA Representative

The statutory addressee in the EU for non-EU intermediary services — for the Digital Services Coordinator, the Commission and the EBDS.

Art. 22 / 54 AI Act

AI Act Representative

The authorised representative for non-EU providers of high-risk AI systems (Art. 22) and GPAI models (Art. 54).

Art. 26(3) NIS2

NIS2 Representative

The EU representative for non-EU DNS, cloud, data-centre, CDN and other in-scope digital service providers.

Software & scoping: Regingada UG (haftungsbeschränkt) i.G. · Representation, a legal service: Kanzlei Theo Funk · RAK Bamberg — under a separate engagement.

Lawyer-built

Software from a lawyer. Advice from his firm.

No customer logos, no invented testimonials. What we have instead: a founder who practices the law his software maps — and a boundary that protects you.

Regingada UG (haftungsbeschränkt) i.G.

  • Builds and operates the Regingada Compliance Suite
  • GDPR + RDG discipline: structured self-assessment and decision support
  • No legal advice — by design
  • Output: DRAFT artifacts, labeled as such
  • EU data discipline → Trust Center
Strict separation, by design

Kanzlei Theo Funk

  • Rechtsanwalt · Rechtsanwaltskammer Bamberg
  • Takes mandates — under a separate engagement
  • Professional secrecy (§ 203 StGB) applies once you become a client
  • Signs off FINAL artifacts
  • EU representation: legal representative under Art. 13 DSA · authorised representative under Art. 22 / Art. 54 AI Act — for non-EU providers
  • theofunklaw.com →
  • office@theofunklaw.com

Software by Regingada UG (haftungsbeschränkt) i.G. · Legal advice exclusively by Kanzlei Theo Funk under separate engagement

When it gets serious, the work changes sides: the firm acts as legal representative under Art. 13 DSA and authorised representative under Art. 22 / Art. 54 AI Act, coordinates authority correspondence and incident notifications, accompanies audits — and, where needed, proceedings. The software shows the duty; the firm takes on its handling. That is the work on the 'right to operate' — done in the mandate.

Portrait of Theo Funk, Rechtsanwalt, founder of Regingada UG (haftungsbeschränkt) i.G.
“Every mandate began the same way — re-tracing how five EU regimes interlock for that one client. So I built the software that does the mapping: it classifies, checks and plans. The duties themselves it doesn’t take on; their handling is my firm’s work in the mandate, along with the legal judgment.”
Theo Funk · Rechtsanwalt · Rechtsanwaltskammer Bamberg
Developers

The EU digital-law corpus, as an API.

Grounded, not generated: a curated, CELEX/ELI-citable, versioned corpus your app and your AI can call. A free key to start; Pro and Enterprise scale the limits. All three surfaces are built and verified — hosting and keys follow at launch.

Embed widget

A 43 KB widget. The Regingada quick check on your own site — one sandboxed iframe, no tracker scripts.

<script src="dcis-check.js" defer></script>
<dcis-check lang="en"></dcis-check>

Public API v1

Fail-closed by construction: a missing server-side key set returns 503, a missing or invalid client key 403 — never data.

GET /api/v1/search?regime=dsa
X-API-Key: <your-key>

MCP server

Plug the corpus into your AI assistant as a Model Context Protocol server — grounded answers instead of hallucinated articles.

{ "mcpServers": { "funk-eu-digital-law": {
    "command": "python",
    "args": ["mcp_server/server.py"] } } }
Plans

Free forever. Pay only for depth.

The Digital Twin is free — the full tool, offline, forever. Paid plans add tool and data depth: persistence, teams, monitoring, the Corpus API, white-label. They never add legal assessment — that stays with Kanzlei Theo Funk, in a mandate.

Twin

€0
free, forever

The full Digital Twin — offline, in your browser.

  • All five regimes · 824-node Legal Map
  • Cross-regulation heatmap & cockpits
  • Cmd-K search · opt-in AI
  • Free Corpus-API key (read-only)
Start free go-live pending
Most popular

Workspace Solo

€24 / month

Your twin, saved and synced.

  • Save & sync across devices
  • Versioned cockpit snapshots
  • PDF / JSON export, brand-free
  • Pro Corpus-API key + hosted MCP
Join the waitlist

Workspace Team

€59 / seat / month

Compliance as a team.

  • Shared cockpits · roles & rights
  • Team audit trail · evidence vault
  • Includes one monitoring feed
  • Priority support
Join the waitlist

Monitoring

€199 / regime / month

Your twin watches ahead.

  • Enforcement & horizon alerts
  • Triggered by corpus change
  • Cross-regulation impact hints
  • Reports what changed — for review by RA Funk
Join the waitlist

Regingada for Firms

White-label for firms & consultancies.

  • Your branding & subdomain
  • Corpus API at scale · remote MCP
  • SSO · DPA/AVV · EU residency (Frankfurt)
  • Partner margin & certified-partner tiers
Custom
white-label · sales-led
Book a demo

Every plan is software. The other way to work with Regingada is the firm — mandate & EU representation by Kanzlei Theo Funk. Two paths, one honest boundary.

Indicative launch pricing · net of VAT · public launch in preparation.

Trust

No badge wall. Real answers.

EU data discipline No tracking, no ads Strict software ↔ mandate boundary Visit the Trust Center →
RCS

Map your obligations.

Five regimes, one map, an honest boundary. Public launch in preparation — the firm is reachable today.

And when it gets serious: EU representation under Art. 13 DSA and Art. 22 / 54 AI Act, authority correspondence, support through audits and proceedings — handled by the firm, in the mandate.

Talk to the firm Build your twin go-live pending

“Talk to the firm” reaches Kanzlei Theo Funk — mandate inquiries go to the lawyer, not the software company.

Get notified at go-live →