Regulatory Compliance

Evrotrust is fully certified under the eIDAS Regulation (EU No. 910/2014) and registered as a Qualified Trust Service Provider (QTSP) on the EU Trusted List. Our services are lawfully recognized in Albania under Law 107/2015 and Law 9880/2008 and have been operational in the Albanian financial sector since 2019.

Compliance Credentials:

• QTSP Certification: Registered in the EU Trusted List and subject to periodic conformity audits.
• GDPR Compliance: Evrotrust acts as an independent data controller when providing its qualified trust services, and fully complies with the GDPR obligations applicable to controllers, including data minimization, purpose limitation, user rights, and transparency.
• Certificate & Key Storage: Signing keys and certificates are generated and stored securely within EU-based infrastructure.
• Audit Logs: All QES and identity verification steps are logged, timestamped, and stored in an immutable archive for at least 10 years.
• Transparency & Documentation: We provide ISO 27001 certificates, independent audit results, and where applicable - a DPA governing controller–controller data relations.
• **User Rights Support: **Users can exercise GDPR rights including access, rectification, erasure, and objection through formal processes.

These compliance measures ensure full regulatory coverage under EU and international compliance frameworks and provide risk mitigation through auditable, certified, and legally binding processes.

For more details please refer to https://evrotrust.com/tsp-documents/.