Comprehensive Compliance
Meeting global standards and regulations to ensure your charging operations are compliant, secure, and future-ready.
EV Echos maintains comprehensive compliance with global regulations, industry standards, and best practices. Our compliance program spans data protection, security frameworks, EV charging protocols, environmental standards, and accessibility requirements. We continuously monitor regulatory changes and proactively update our systems to ensure ongoing compliance, giving you confidence that your charging operations meet all applicable requirements.
Global Regulatory Compliance
GDPR (European Union)
Full compliance with the EU General Data Protection Regulation. We maintain a legal basis for data processing, honor data subject rights including access, rectification, and erasure, conduct Data Protection Impact Assessments (DPIAs), and have appointed a Data Protection Officer. Cross-border data transfers are protected by Standard Contractual Clauses.
CCPA (California)
Compliance with the California Consumer Privacy Act and California Privacy Rights Act (CPRA). California residents can exercise rights to know, delete, and opt out of data sales (though we don't sell personal information). We provide clear privacy notices and transparent data practices.
UK GDPR
Following Brexit, we maintain compliance with UK GDPR requirements. We have a UK representative for data protection matters and ensure appropriate safeguards for data transfers involving UK data subjects.
Other Regional Laws
We comply with privacy laws in all jurisdictions where we operate, including Brazil's LGPD, Canada's PIPEDA, Australia's Privacy Act, and other regional data protection regulations. Our global privacy program adapts to evolving international requirements.
Energy & Utility Compliance
Electric Grid Compliance
Our platform complies with grid interconnection standards and utility regulations. We work with local utility companies to ensure proper load management, demand response capabilities, and adherence to grid stability requirements.
Energy Metering Standards
Compliance with energy metering accuracy standards including IEC 62053 and ANSI C12. Our platform ensures accurate billing, proper energy measurement, and transparent consumption reporting.
Demand Response Programs
Support for utility demand response programs and load management requirements. Our platform can participate in grid balancing initiatives and comply with emergency load reduction mandates.
Renewable Energy Compliance
Tracking and reporting for renewable energy credits (RECs), compliance with renewable portfolio standards, and integration with clean energy programs.
Industry Standards & Protocols
OCPP Compliance
Full support for Open Charge Point Protocol (OCPP) versions 1.6 and 2.0.1. Our implementation is tested and certified for interoperability with major charging station manufacturers. We actively participate in the Open Charge Alliance.
ISO 15118
Support for the ISO 15118 "Plug & Charge" standard, enabling automatic authentication and payment. Implementation includes Vehicle-to-Grid (V2G) communication protocols for bidirectional charging capabilities.
IEC 61851
Compliance with international electric vehicle conductive charging system standards. Our platform supports the full range of charging modes and safety requirements defined in IEC 61851-1.
OCPI (Open Charge Point Interface)
Implementation of the OCPI protocol for roaming and inter-network connectivity. Enables seamless charging across different charging networks and automatic billing reconciliation.
Security & Data Protection Standards
ISO 27001
Certified Information Security Management System (ISMS) following ISO/IEC 27001:2013 standards. Annual third-party audits verify our security controls, risk management processes, and continuous improvement practices.
SOC 2 Type II
Annual Service Organization Control 2 Type II audit examining our controls related to security, availability, processing integrity, confidentiality, and privacy. Full audit reports available to enterprise customers under NDA.
PCI DSS
Payment Card Industry Data Security Standard compliance for handling payment card data. Level 1 Service Provider certification ensures the highest standards of payment security.
NIST Cybersecurity Framework
Our security program aligns with NIST CSF guidelines covering identify, protect, detect, respond, and recover functions. Regular gap assessments ensure ongoing alignment.
Environmental Compliance
Carbon Reporting
Tools for tracking and reporting greenhouse gas emissions in accordance with the GHG Protocol. Support for Scope 2 emissions reporting related to electricity consumption and renewable energy usage.
Environmental Management
Our operations follow ISO 14001 environmental management principles. We maintain environmental policies covering energy efficiency, waste reduction, and sustainable practices.
E-Waste Management
Compliance with WEEE (Waste Electrical and Electronic Equipment) Directive and RoHS (Restriction of Hazardous Substances). Proper disposal and recycling programs for electronic components.
Sustainability Reporting
Support for ESG (Environmental, Social, Governance) reporting requirements. Integration with sustainability reporting frameworks including GRI, SASB, and TCFD.
Accessibility & Inclusion
WCAG 2.1 AA Compliance
Our platform interface meets Web Content Accessibility Guidelines (WCAG) 2.1 Level AA standards. Regular accessibility audits ensure usability for users with disabilities.
Section 508 Compliance
Compliance with Section 508 of the Rehabilitation Act for federal agency customers. Our platform is accessible to individuals with disabilities including screen reader compatibility and keyboard navigation.
ADA Compliance
Platform design follows Americans with Disabilities Act guidelines. Mobile applications include accessibility features such as VoiceOver and TalkBack support.
Multilingual Support
Interface available in multiple languages to serve diverse user populations. Right-to-left language support for Arabic and Hebrew users.
Business & Contractual Compliance
Service Level Agreements
Documented SLAs with uptime guarantees, response time commitments, and remediation procedures. Monthly SLA reporting and service credits for qualifying outages.
Data Processing Agreements
Standard DPA templates meeting GDPR Article 28 requirements. Clear definition of controller-processor relationships, data processing instructions, and sub-processor management.
Vendor Management
Rigorous third-party vendor assessment program. All sub-processors undergo security and privacy reviews. Maintenance of approved vendor list and regular reassessments.
Business Continuity
Documented business continuity and disaster recovery plans. Regular testing of failover procedures, backup restoration, and incident response capabilities. Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO) defined by service tier.
Certifications & Attestations
Current Certifications
ISO 27001:2013 Information Security Management, SOC 2 Type II Service Organization Controls, ISO 14001 Environmental Management, and ISO 9001 Quality Management System certifications maintained with annual surveillance audits.
Industry Memberships
Active members of the Open Charge Alliance, CharIN (Charging Interface Initiative), and International Electrotechnical Commission (IEC). Participation in standards development and industry working groups.
Audit Reports
SOC 2 Type II reports available to customers under NDA. Penetration test summaries and security assessment reports provided to enterprise customers. ISO certification documents available upon request.
Continuous Compliance
Quarterly internal compliance reviews, annual third-party audits, continuous monitoring of regulatory changes, and proactive updates to maintain compliance with evolving standards.
Compliance Frameworks
Standards and certifications we maintain
ISO 27001
Information Security Management
SOC 2 Type II
Service Organization Controls
GDPR
EU Data Protection
CCPA
California Privacy Rights
OCPP 2.0.1
Open Charge Point Protocol
ISO 15118
Plug & Charge Standard
PCI DSS
Payment Card Security
WCAG 2.1 AA
Web Accessibility
Audit Reports & Documentation
We provide comprehensive compliance documentation to our enterprise customers. SOC 2 Type II reports, ISO certification documents, penetration test summaries, and security assessment reports are available under Non-Disclosure Agreement (NDA).
To request compliance documentation or discuss specific compliance requirements for your organization, please contact our compliance team at compliance@evechos.com.
Questions About Compliance?
Our compliance team can provide detailed information about our certifications and regulatory adherence.